pingu_98/MrDraw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Generate the key used for session hashing individually for each server instance

Browse source
This commit is contained in:
Gina Häußge 2014-10-23 15:33:32 +02:00
parent 7acb0657a7
commit 118a4f7097
2 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/octoprint/server/__init__.py
View file

@ -256,7 +256,15 @@ class Server():
settings().get(["server", "reverseProxy", "prefixScheme"]) settings().get(["server", "reverseProxy", "prefixScheme"])
) )
app.secret_key = "k3PuVYgtxNm8DXKKTw2nWmFQQun9qceV" secret_key = settings().get(["server", "secretKey"])
if not secret_key:
import string
from random import choice
chars = string.ascii_lowercase + string.ascii_uppercase + string.digits
secret_key = "".join(choice(chars) for _ in xrange(32))
settings().set(["server", "secretKey"], secret_key)
settings().save()
app.secret_key = secret_key
loginManager = LoginManager() loginManager = LoginManager()
loginManager.session_protection = "strong" loginManager.session_protection = "strong"
loginManager.user_callback = load_user loginManager.user_callback = load_user

1
src/octoprint/settings.py
View file

@ -41,6 +41,7 @@ default_settings = {
"host": "0.0.0.0", "host": "0.0.0.0",
"port": 5000, "port": 5000,
"firstRun": True, "firstRun": True,
"secretKey": None,
"reverseProxy": { "reverseProxy": {
"prefixHeader": "X-Script-Name", "prefixHeader": "X-Script-Name",
"schemeHeader": "X-Scheme", "schemeHeader": "X-Scheme",