From 858e3706a6b4c1f767e92a0df2afd4edbb95ba12 Mon Sep 17 00:00:00 2001
From: Michael Ziegler <diese-addy@funzt-halt.net>
Date: Mon, 21 Sep 2009 10:33:25 +0200
Subject: [PATCH] check SECRET_KEY

---
 pyweb/mumble/management/commands/checkenv.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/pyweb/mumble/management/commands/checkenv.py b/pyweb/mumble/management/commands/checkenv.py
index a3ad9cb..d531a05 100644
--- a/pyweb/mumble/management/commands/checkenv.py
+++ b/pyweb/mumble/management/commands/checkenv.py
@@ -32,6 +32,7 @@ class Command( BaseCommand ):
 		self.check_sites();
 		self.check_mumbles();
 		self.check_admins();
+		self.check_secret_key();
 	
 	
 	def check_dbase( self ):
@@ -123,6 +124,20 @@ class Command( BaseCommand ):
 						"Connecting to Murmur `%s` (%s) failed: %s" % ( mumble.name, mumble.dbus, err )
 						);
 			print "[ OK ]";
+	
+	def check_secret_key( self ):
+		print "Checking SECRET_KEY...",
+		
+		blacklist = ( 'u-mp185msk#z4%s(do2^5405)y5d!9adbn92)apu_p^qvqh10v', );
+		
+		if settings.SECRET_KEY in blacklist:
+			raise TestFailed(
+				"Your SECRET_KEY setting matches one of the keys that were put in the settings.py "
+				"file shipped with Mumble-Django, which means your SECRET_KEY is all but secret. "
+				"You should change the setting, or run gen_secret_key.sh to do it for you."
+				);
+		else:
+			print "[ OK ]";