def test_generate_secret_key(self): """Tests generate secret key generates a key that matches the expected pattern and generates distinct keys on subsquent calls""" value1 = generate_secret_key() value2 = generate_secret_key() self.assertTrue(isinstance(value1, str)) self.assertTrue(isinstance(value2, str)) self.assertEqual(len(value1), SECRET_KEY_LENGTH) self.assertEqual(len(value2), SECRET_KEY_LENGTH) self.assertTrue(SECRET_KEY_PATTERN.match(value1)) self.assertTrue(SECRET_KEY_PATTERN.match(value2)) self.assertFalse(value1 == value2) return value1
def log_default_warnings(key): """Print warning if using insecure default keys """ if key == "SECRET_KEY": LOGGER.warning( """ --------------------------------------------- WARNING: The API secret key was not provided. Using an insecure default key. Consider adding the following to the environment (e.g. .env file): SECRET_KEY=%s --------------------------------------------- """, generate_secret_key(), ) elif key == "AES_KEY": LOGGER.warning( """ --------------------------------------------- WARNING: The AES secret key was not provided. Using an insecure default key. Consider adding the following to the environment (e.g. .env file): AES_KEY=%s --------------------------------------------- """, generate_aes_key(), )
def load_config(app): # pylint: disable=too-many-branches # CLI Options will override config file options opts = parse_args(sys.argv[1:]) app.config.HOST = opts.host app.config.PORT = opts.port app.config.VALIDATOR_HOST = opts.validator_host app.config.VALIDATOR_PORT = opts.validator_port app.config.TIMEOUT = int(opts.timeout) app.config.DB_HOST = opts.db_host app.config.DB_PORT = opts.db_port app.config.DB_NAME = opts.db_name app.config.CHATBOT_HOST = opts.chatbot_host app.config.CHATBOT_PORT = opts.chatbot_port app.config.CLIENT_HOST = opts.client_host app.config.CLIENT_PORT = opts.client_port app.config.DEBUG = bool(opts.debug) app.config.SECRET_KEY = opts.secret_key app.config.AES_KEY = opts.aes_key app.config.AIOHTTP_CONN_LIMIT = opts.aiohttp_conn_limit app.config.AIOHTTP_DNS_TTL = opts.aiohttp_dns_ttl if SECRET_KEY is DEFAULT_CONFIG["SECRET_KEY"]: LOGGER.warning( """ --------------------------------------------- WARNING: The API secret key was not provided. Using an insecure default key. Consider adding the following to the environment (e.g. .env file): SECRET_KEY=%s --------------------------------------------- """, generate_secret_key(), ) if AES_KEY is DEFAULT_CONFIG["AES_KEY"]: LOGGER.warning( """ --------------------------------------------- WARNING: The AES secret key was not provided. Using an insecure default key. Consider adding the following to the environment (e.g. .env file): AES_KEY=%s --------------------------------------------- """, generate_aes_key(), ) app.config.BATCHER_KEY_PAIR = Key()
DB_NAME = getenv("DB_NAME", DEFAULT_CONFIG["DB_NAME"]) AES_KEY = getenv("AES_KEY", DEFAULT_CONFIG["AES_KEY"]) SECRET_KEY = getenv("SECRET_KEY", DEFAULT_CONFIG["SECRET_KEY"]) if SECRET_KEY is DEFAULT_CONFIG["SECRET_KEY"]: LOGGER.warning( """ --------------------------------------------- WARNING: The API secret key was not provided. Using an insecure default key. Consider adding the following to the environment (e.g. .env file): SECRET_KEY=%s --------------------------------------------- """, generate_secret_key(), ) if AES_KEY is DEFAULT_CONFIG["AES_KEY"]: LOGGER.warning( """ --------------------------------------------- WARNING: The AES secret key was not provided. Using an insecure default key. Consider adding the following to the environment (e.g. .env file): AES_KEY=%s --------------------------------------------- """, generate_aes_key(), )