minor change to SECRET_KEY

author Giorgio Ravera <giorgio.ravera@gmail.com>

Mon, 5 Jan 2026 18:22:08 +0000 (19:22 +0100)

committer Giorgio Ravera <giorgio.ravera@gmail.com>

Mon, 5 Jan 2026 18:22:08 +0000 (19:22 +0100)
author Giorgio Ravera <giorgio.ravera@gmail.com>
Mon, 5 Jan 2026 18:22:08 +0000 (19:22 +0100)
committer Giorgio Ravera <giorgio.ravera@gmail.com>
Mon, 5 Jan 2026 18:22:08 +0000 (19:22 +0100)
diff --git a/backend/config.py b/backend/config.py

index d8c4f36a900330f60e7efad6fd0cba32ca72b4e6..2f0fadff443513a21c27a4f7bf54400b2bd177bb 100644 (file)
--- a/backend/config.py
+++ b/backend/config.py
@@ -15,14 +15,14 @@ DOMAIN = os.environ.get("DOMAIN", "example.com")
  PUBLIC_IP = os.environ.get("PUBLIC_IP", "127.0.0.1")
  
  # Web server related settings
-SECRET_KEY = os.getenv("SESSION_SECRET", secrets.token_urlsafe(64))
  HTTP_PORT = os.getenv("HTTP_PORT", "8000")
+SECRET_KEY = os.getenv("SESSION_SECRET")
+if not SECRET_KEY:
+    SECRET_KEY = load_hash("SECRET_KEY_FILE") or secrets.token_urlsafe(64)
  LOGIN_MAX_ATTEMPTS = int(os.getenv("LOGIN_MAX_ATTEMPTS", "5"))
  LOGIN_WINDOW_SECONDS = int(os.getenv("LOGIN_WINDOW_SECONDS", "600"))
  
  # User related settings
  ADMIN_USER = os.environ.get("ADMIN_USER", "admin")
  ADMIN_PASSWORD = os.environ.get("ADMIN_PASSWORD", "admin")
-ADMIN_HASH = os.environ.get("ADMIN_HASH", "")
-if not ADMIN_HASH:
-  ADMIN_HASH = load_hash("ADMIN_HASH_FILE")
+ADMIN_HASH = os.getenv("ADMIN_HASH") or load_hash("ADMIN_HASH_FILE")
author	Giorgio Ravera <giorgio.ravera@gmail.com>
	Mon, 5 Jan 2026 18:22:08 +0000 (19:22 +0100)
committer	Giorgio Ravera <giorgio.ravera@gmail.com>
	Mon, 5 Jan 2026 18:22:08 +0000 (19:22 +0100)