From 2e2f34d292905ba33da5ca741b2ffd2617a6dadf Mon Sep 17 00:00:00 2001 From: Michael Ziegler Date: Wed, 10 Feb 2010 23:31:59 +0100 Subject: [PATCH] replace secret_key variable with code to automatically generate it and store it in .secret.txt. --- .hgignore | 2 +- pyweb/gen_secret_key.sh | 26 -------------------------- pyweb/settings.py | 21 +++++++++++++++++++-- 3 files changed, 20 insertions(+), 29 deletions(-) delete mode 100755 pyweb/gen_secret_key.sh diff --git a/.hgignore b/.hgignore index 1841f63..538a18f 100644 --- a/.hgignore +++ b/.hgignore @@ -4,4 +4,4 @@ syntax: glob *.db3 *~ .directory - +.secret.txt diff --git a/pyweb/gen_secret_key.sh b/pyweb/gen_secret_key.sh deleted file mode 100755 index dca99e8..0000000 --- a/pyweb/gen_secret_key.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# -# Update settings.py with an automatically generated Secret Key. -# -# Copyright © 2009-2010, Michael "Svedrin" Ziegler -# -# Mumble-Django is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This package is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# - -HASHSCRIPT=' -from hashlib import sha1; -import sys; -print sha1( sys.stdin.read() ).hexdigest();' - -KEY=` dd if=/dev/urandom bs=64 count=1 2>/dev/null | python -c "$HASHSCRIPT" ` -SECKEY="SECRET_KEY = '$KEY'" - -sed -i "s/^SECRET_KEY.*/${SECKEY}/" settings.py diff --git a/pyweb/settings.py b/pyweb/settings.py index 1ad2a1a..abb75be 100644 --- a/pyweb/settings.py +++ b/pyweb/settings.py @@ -145,8 +145,25 @@ ADMIN_MEDIA_PREFIX = MUMBLE_DJANGO_URL+'media/' LOGIN_URL = MUMBLE_DJANGO_URL + 'accounts/login'; LOGIN_REDIRECT_URL = MUMBLE_DJANGO_URL + 'accounts/profile'; -# Make this unique, and don't share it with anybody. -SECRET_KEY = 'u-mp185msk#z4%s(do2^5405)y5d!9adbn92)apu_p^qvqh10v' + +# Automatically generate a .secret.txt file containing the SECRET_KEY. +# Shamelessly stolen from ByteFlow: +try: + SECRET_KEY +except NameError: + SECRET_FILE = join(MUMBLE_DJANGO_ROOT, '.secret.txt') + try: + SECRET_KEY = open(SECRET_FILE).read().strip() + except IOError: + try: + from random import choice + SECRET_KEY = ''.join([choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)]) + secret = file(SECRET_FILE, 'w') + secret.write(SECRET_KEY) + secret.close() + except IOError: + Exception('Please create a %s file with random characters to generate your secret key!' % SECRET_FILE) + # List of callables that know how to import templates from various sources. TEMPLATE_LOADERS = (