Browse Source

Provide utilities to automate secure secret key generation

Implements blueprint automatic-secure-key-generation

Reduce the likeliness that the (commented-out) default key is abused
and document possible options instead.

Also use a non-empty SECRET_KEY for development / testing environments.

A later patch would make it a hard error if no SECRET_KEY is defined
(i.e. Django defaults to an empty string which is anything but secure).
Unfortunately, I can't do it now as the devstack integration test would
fail (they don't set a SECRET_KEY either) currently. So, when this
blueprint is accepted, I would submit a fix to devstack and afterwards
add the error message to warn the user about insecure defaults.

Addressed PEP-8 issues

Change-Id: Ifdab8e6b6fb3025fde7a2b92beb046ec9c5cba7f
changes/21/514521/1
Sascha Peilicke 9 years ago
parent
commit
530a056c45
  1. 3
      openstack_dashboard/test/settings.py

3
openstack_dashboard/test/settings.py

@ -1,10 +1,13 @@
import os
from horizon.tests.testsettings import *
from horizon.utils.secret_key import generate_or_read_from_file
TEST_DIR = os.path.dirname(os.path.abspath(__file__))
ROOT_PATH = os.path.abspath(os.path.join(TEST_DIR, ".."))
SECRET_KEY = generate_or_read_from_file(os.path.join(TEST_DIR,
'.secret_key_store'))
ROOT_URLCONF = 'openstack_dashboard.urls'
TEMPLATE_DIRS = (os.path.join(ROOT_PATH, 'templates'),)
STATICFILES_DIRS = (os.path.join(ROOT_PATH, 'static'),)

Loading…
Cancel
Save