root
/
flask
mirror of https://github.com/pallets/flask.git
1
0
Fork 0
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #4301 from kkirsche/secret_key_via_secrets 

use secrets module for SECRET_KEY generation in docs
This commit is contained in:
David Lord 2021-10-13 08:39:29 -07:00 committed by GitHub
parent 8ddf80c3ea 58a08a1d73
commit c5ed6c5e77
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/config.rst
View File

@ -38,7 +38,7 @@ method::
app.config.update(
TESTING=True,
SECRET_KEY=b'_5#y2L"F4Q8z\n\xec]/'
SECRET_KEY='192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
)
@ -180,8 +180,8 @@ The following configuration values are used internally by Flask:
application. It should be a long random ``bytes`` or ``str``. For
example, copy the output of this to your config::
$ python -c 'import os; print(os.urandom(16))'
b'_5#y2L"F4Q8z\n\xec]/'
$ python -c 'import secrets; print(secrets.token_hex()))'
'192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
**Do not reveal the secret key when posting questions or committing code.**
@ -468,7 +468,7 @@ sure to use uppercase letters for your config keys.
Here is an example of a configuration file::
# Example configuration
SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/'
SECRET_KEY = '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
Make sure to load the configuration very early on, so that extensions have
the ability to access the configuration when starting up. There are other

4
docs/quickstart.rst
View File

@ -847,8 +847,8 @@ sessions work::
generator. Use the following command to quickly generate a value for
:attr:`Flask.secret_key` (or :data:`SECRET_KEY`)::
$ python -c 'import os; print(os.urandom(16))'
b'_5#y2L"F4Q8z\n\xec]/'
$ python -c 'import secrets; print(secrets.token_hex())'
'192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
A note on cookie-based sessions: Flask will take the values you put into the
session object and serialize them into a cookie. If you are finding some

6
docs/tutorial/deploy.rst
View File

@ -88,9 +88,9 @@ You can use the following command to output a random secret key:
.. code-block:: none
$ python -c 'import os; print(os.urandom(16))'
$ python -c 'import secrets; print(secrets.token_hex())'
b'_5#y2L"F4Q8z\n\xec]/'
'192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
Create the ``config.py`` file in the instance folder, which the factory
will read from if it exists. Copy the generated value into it.
@ -98,7 +98,7 @@ will read from if it exists. Copy the generated value into it.
.. code-block:: python
:caption: ``venv/var/flaskr-instance/config.py``
SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/'
SECRET_KEY = '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
You can also set any other necessary configuration here, although
``SECRET_KEY`` is the only one needed for Flaskr.