From 4d58e0f0a1eb2b6242fd04a80615af2bed8533c4 Mon Sep 17 00:00:00 2001
From: Steve Dogiakos
Date: Sat, 28 Mar 2026 23:15:51 -0600
Subject: [PATCH] fix: abort startup if SECRET_KEY is not set

Raises RuntimeError at startup instead of silently falling back to a hardcoded default, preventing misconfigured deployments from running with a publicly-known session key.
---
 app.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app.py b/app.py
index 19dc0ea..90c2608 100644
--- a/app.py
+++ b/app.py
@@ -21,7 +21,11 @@ logger = logging.getLogger(__name__)
 app = Flask(__name__)
 DATABASE = os.environ.get('DATABASE_PATH', 'guestbook.db')
-app.secret_key = os.environ.get('SECRET_KEY', 'dev-secret-key-change-in-production')
+
+_secret_key = os.environ.get('SECRET_KEY')
+if not _secret_key:
+ raise RuntimeError("SECRET_KEY environment variable must be set")
+app.secret_key = _secret_key
 limiter = Limiter(get_remote_address, app=app, default_limits=[])
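Review bot: The new guard `if not _secret_key:` rejects only an unset or empty variable, so any other string is accepted as the session-signing key, including the old placeholder `dev-secret-key-change-in-production` if an environment file still carries it (none is visible in this patch) and whitespace-only values. Since the commit's aim is to keep the publicly-known key out of running deployments, the check could reject that literal as well: `_secret_key = os.environ.get('SECRET_KEY', '').strip()` followed by `if not _secret_key or _secret_key == 'dev-secret-key-change-in-production':`. The error message would help operators more if it said how to produce a value, for example by pointing at `python -c "import secrets; print(secrets.token_hex(32))"`. Because the raise runs at module import, anything that imports `app.py` (tests, CLI tooling) now needs `SECRET_KEY` set, and a short comment above the check saying the failure is deliberate would spare the next maintainer from restoring a default.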