From 319d2db43ac3bd00063462150fcd6294e83f7ed4 Mon Sep 17 00:00:00 2001
From: srh-sloan <srh-sloan@users.noreply.github.com>
Date: Wed, 18 Sep 2024 09:54:43 +0100
Subject: [PATCH] Changing flask secret key to be read from environment (#42)

---
 app/create_app.py          | 1 -
 config/envs/default.py     | 2 ++
 config/envs/development.py | 2 ++
 config/envs/unit_test.py   | 2 ++
 4 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/create_app.py b/app/create_app.py
index 91bf3ea3..f5bf0c00 100644
--- a/app/create_app.py
+++ b/app/create_app.py
@@ -16,7 +16,6 @@
 def create_app() -> Flask:
 
     flask_app = Flask("__name__", static_url_path="/assets")
-    flask_app.secret_key = "dev"  # pragma: allowlist secret
     flask_app.register_blueprint(self_serve_bp)
     flask_app.register_blueprint(dev_bp)
     flask_app.register_blueprint(build_fund_bp)
diff --git a/config/envs/default.py b/config/envs/default.py
index d4c07001..7b668ec2 100644
--- a/config/envs/default.py
+++ b/config/envs/default.py
@@ -9,6 +9,8 @@ class DefaultConfig(object):
     # Logging
     FSD_LOG_LEVEL = logging.WARNING
 
+    SECRET_KEY = getenv("SECRET_KEY")
+
     FAB_HOST = getenv("FAB_HOST", "fab:8080/")
     FAB_SAVE_PER_PAGE = getenv("FAB_SAVE_PER_PAGE", "dev/save")
     FORM_RUNNER_URL = getenv("FORM_RUNNER_INTERNAL_HOST", "http://form-runner:3009")
diff --git a/config/envs/development.py b/config/envs/development.py
index db67aa14..ac77c66c 100644
--- a/config/envs/development.py
+++ b/config/envs/development.py
@@ -11,6 +11,8 @@ class DevelopmentConfig(Config):
     # Logging
     FSD_LOG_LEVEL = logging.DEBUG
 
+    SECRET_KEY = getenv("SECRET_KEY", "local")
+
     SQLALCHEMY_DATABASE_URI = getenv(
         "DATABASE_URL",
         "postgresql://postgres:password@fab-db:5432/fab",  # pragma: allowlist secret
diff --git a/config/envs/unit_test.py b/config/envs/unit_test.py
index d8ed1fb1..9e0bf3e0 100644
--- a/config/envs/unit_test.py
+++ b/config/envs/unit_test.py
@@ -12,6 +12,8 @@ class UnitTestConfig(Config):
     # Logging
     FSD_LOG_LEVEL = logging.DEBUG
 
+    SECRET_KEY = getenv("SECRET_KEY", "unit_test")
+
     SQLALCHEMY_DATABASE_URI = getenv(
         "DATABASE_URL_UNIT_TEST",
         "postgresql://postgres:postgres@127.0.0.1:5432/fab_unit_test",  # pragma: allowlist secret