[core] Add fix secret as config option

2020-09-12 00:01:30 +02:00 · 2020-09-12 00:01:30 +02:00 · b46c605623
parent 7b8d17b77b
commit b46c605623
2 changed files with 4 additions and 2 deletions
--- a/kibicara/config.py
+++ b/kibicara/config.py
@ -18,6 +18,8 @@ Example:
 """
 from argparse import ArgumentParser
 from nacl.secret import SecretBox
 from nacl.utils import random
 from pytoml import load
 from sys import argv
@ -25,6 +27,7 @@ from sys import argv
 config = {
    'database_connection': 'sqlite:////tmp/kibicara.sqlite',
    'frontend_url': 'http://127.0.0.1:4200',  # url of frontend, change in prod
    'secret': random(SecretBox.KEY_SIZE).hex(),  # generate with: openssl rand -hex 32
    # production params
    'frontend_path': None,  # required, path to frontend html/css/js files
    'production': True,
--- a/kibicara/webapi/admin.py
+++ b/kibicara/webapi/admin.py
@ -15,7 +15,6 @@ from logging import getLogger
 from nacl.encoding import URLSafeBase64Encoder
 from nacl.exceptions import CryptoError
 from nacl.secret import SecretBox
 from nacl.utils import random
 from passlib.hash import argon2
 from ormantic.exceptions import NoMatch
 from pickle import dumps, loads
@ -38,7 +37,7 @@ class BodyAccessToken(BaseModel):
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl='/api/admin/login')
-secret_box = SecretBox(random(SecretBox.KEY_SIZE))
+secret_box = SecretBox(bytes.fromhex(config['secret']))
 def to_token(**kwargs):