Compare commits
2 Commits
9c1e6f0e94
...
1.0
| Author | SHA1 | Date | |
|---|---|---|---|
| 13e61b7bef | |||
| 4c993ebacd |
27
app.py
27
app.py
@ -11,7 +11,6 @@ from datetime import datetime
|
|||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
from logging import getLogger
|
from logging import getLogger
|
||||||
import logging
|
import logging
|
||||||
from logging import getLogger
|
|
||||||
from logging.config import dictConfig
|
from logging.config import dictConfig
|
||||||
|
|
||||||
import toml
|
import toml
|
||||||
@ -31,13 +30,31 @@ from models import Session as DBSession
|
|||||||
from models import SiteConfig, init_db
|
from models import SiteConfig, init_db
|
||||||
from steganography import embed_message, extract_message
|
from steganography import embed_message, extract_message
|
||||||
|
|
||||||
|
# Add this function to handle secret key persistence
|
||||||
|
def get_or_create_secret_key():
|
||||||
|
"""Get existing secret key or create a new one"""
|
||||||
|
secret_key_file = Path("secret.key")
|
||||||
|
try:
|
||||||
|
if secret_key_file.exists():
|
||||||
|
logger.info("Loading existing secret key")
|
||||||
|
return secret_key_file.read_bytes()
|
||||||
|
else:
|
||||||
|
logger.info("Generating new secret key")
|
||||||
|
secret_key = os.urandom(32) # Use 32 bytes for better security
|
||||||
|
secret_key_file.write_bytes(secret_key)
|
||||||
|
return secret_key
|
||||||
|
except Exception as e:
|
||||||
|
logger.error(f"Error handling secret key: {e}")
|
||||||
|
# Fallback to a memory-only key if file operations fail
|
||||||
|
return os.urandom(32)
|
||||||
|
|
||||||
DEFAULT_CONFIG = {
|
DEFAULT_CONFIG = {
|
||||||
"server": {"host": "0.0.0.0", "port": 5000},
|
"server": {"host": "0.0.0.0", "port": 5000},
|
||||||
"directories": {"upload": "uploads", "thumbnail": "thumbnails"},
|
"directories": {"upload": "uploads", "thumbnail": "thumbnails"},
|
||||||
"admin": {"password": secrets.token_urlsafe(16)}, # Generate secure random password
|
"admin": {"password": secrets.token_urlsafe(16)}, # Generate secure random password
|
||||||
}
|
}
|
||||||
|
|
||||||
# Add this logging configuration before creating the Flask app
|
# Configure logging
|
||||||
dictConfig({
|
dictConfig({
|
||||||
'version': 1,
|
'version': 1,
|
||||||
'formatters': {
|
'formatters': {
|
||||||
@ -66,8 +83,9 @@ dictConfig({
|
|||||||
# Get logger for this module
|
# Get logger for this module
|
||||||
logger = getLogger(__name__)
|
logger = getLogger(__name__)
|
||||||
|
|
||||||
|
# Create Flask app with persistent secret key
|
||||||
app = Flask(__name__)
|
app = Flask(__name__)
|
||||||
app.secret_key = os.urandom(24)
|
app.secret_key = get_or_create_secret_key()
|
||||||
|
|
||||||
def allowed_file(filename):
|
def allowed_file(filename):
|
||||||
return '.' in filename and filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS
|
return '.' in filename and filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS
|
||||||
@ -211,9 +229,6 @@ limiter = Limiter(
|
|||||||
storage_uri="memory://",
|
storage_uri="memory://",
|
||||||
)
|
)
|
||||||
|
|
||||||
# Generate a strong secret key at startup
|
|
||||||
app.secret_key = secrets.token_hex(32)
|
|
||||||
|
|
||||||
@app.before_request
|
@app.before_request
|
||||||
def before_request():
|
def before_request():
|
||||||
g.csp_nonce = secrets.token_hex(16)
|
g.csp_nonce = secrets.token_hex(16)
|
||||||
|
|||||||
Reference in New Issue
Block a user