tmdinosaurcenter/kiosk-guestbook
1
0
Fork 0
mirror of https://github.com/tmdinosaurcenter/kiosk-guestbook.git synced 2026-06-03 23:09:35 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix: abort startup if SECRET_KEY is not set

Browse Source 
Raises RuntimeError at startup instead of silently falling back to a
hardcoded default, preventing misconfigured deployments from running
with a publicly-known session key.
This commit is contained in:
Steve Dogiakos
2026-03-28 23:15:51 -06:00
parent 53741a4cbf
commit 4d58e0f0a1
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app.py
+5 -1
View File
@@ -21,7 +21,11 @@ logger = logging.getLogger(__name__)
app = Flask(__name__) app = Flask(__name__)
DATABASE = os.environ.get('DATABASE_PATH', 'guestbook.db') DATABASE = os.environ.get('DATABASE_PATH', 'guestbook.db')
app.secret_key = os.environ.get('SECRET_KEY', 'dev-secret-key-change-in-production')
_secret_key = os.environ.get('SECRET_KEY')
if not _secret_key:
raise RuntimeError("SECRET_KEY environment variable must be set")
app.secret_key = _secret_key
limiter = Limiter(get_remote_address, app=app, default_limits=[]) limiter = Limiter(get_remote_address, app=app, default_limits=[])