From 4c993ebacd676228092dad04af95f394f0e8d9a5 Mon Sep 17 00:00:00 2001
From: Tanishq Dubey <dubey@dws.rip>
Date: Tue, 5 Nov 2024 19:36:44 -0500
Subject: [PATCH] Secret Key

---
 app.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/app.py b/app.py
index 3479a2f..2c829e4 100644
--- a/app.py
+++ b/app.py
@@ -11,7 +11,6 @@ from datetime import datetime
 from pathlib import Path
 from logging import getLogger
 import logging
-from logging import getLogger
 from logging.config import dictConfig
 
 import toml
@@ -31,13 +30,23 @@ from models import Session as DBSession
 from models import SiteConfig, init_db
 from steganography import embed_message, extract_message
 
+# Add this function to handle secret key persistence
+def get_or_create_secret_key():
+    secret_key_file = Path("secret.key")
+    if secret_key_file.exists():
+        return secret_key_file.read_bytes()
+    else:
+        secret_key = os.urandom(24)
+        secret_key_file.write_bytes(secret_key)
+        return secret_key
+
 DEFAULT_CONFIG = {
     "server": {"host": "0.0.0.0", "port": 5000},
     "directories": {"upload": "uploads", "thumbnail": "thumbnails"},
     "admin": {"password": secrets.token_urlsafe(16)},  # Generate secure random password
 }
 
-# Add this logging configuration before creating the Flask app
+# Configure logging
 dictConfig({
     'version': 1,
     'formatters': {
@@ -66,8 +75,9 @@ dictConfig({
 # Get logger for this module
 logger = getLogger(__name__)
 
+# Create Flask app with persistent secret key
 app = Flask(__name__)
-app.secret_key = os.urandom(24)
+app.secret_key = get_or_create_secret_key()
 
 def allowed_file(filename):
     return '.' in filename and filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS