#!/usr/bin/env python |
# encoding: utf-8 |
'''
generate_keys.py

Generate CSRF and Session keys, output to secret_keys.py file

Usage:
    generate_keys.py [-f]

Outputs secret_keys.py file in current folder

By default, an existing secret_keys file will not be replaced.
Use the '-f' flag to force the new keys to be written to the file
'''
import os.path
import string
from optparse import OptionParser
from random import SystemRandom
from random import choice
from string import Template
# File settings.
# The key module is written next to this script by default: the directory is
# derived from the resolved location of __file__, not from the current
# working directory.
file_name = 'secret_keys.py'
file_path = os.path.join(
    os.path.dirname(os.path.realpath(__file__)),
    file_name,
)

# Source text of the generated module; $csrf_key and $session_key are filled
# in through string.Template substitution.
file_template = Template(
    "# CSRF- and Session keys\n"
    "CSRF_SECRET_KEY = '$csrf_key'\n"
    "SESSION_KEY = '$session_key'\n"
)
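# Get options from command line.
# parse_args() runs at module level, so the options are read from sys.argv
# as soon as this file is executed or imported.
parser = OptionParser()
# --dir is joined onto this script's directory by write_file, so a relative
# value is resolved against the script location; an absolute value replaces
# that prefix because of how os.path.join treats absolute components.
parser.add_option(
    '-d',
    '--dir',
    dest='dir',
    help='specify dir to output to')
# store_true without a default: options.force is None unless -f is given.
parser.add_option(
    '-f',
    '--force',
    dest='force',
    help='force overwrite of existing secret_keys file',
    action='store_true')
# type='int' is required: without it optparse hands a command-line value over
# as a string, and range() in generate_randomkey rejects it with a TypeError.
# Only the built-in default of 24 worked before.
parser.add_option(
    '-r',
    '--randomness',
    dest='randomness',
    help='length (randomness) of generated key; default = 24',
    type='int',
    default=24)
(options, args) = parser.parse_args()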
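def generate_randomkey(length):
    """Generate a random key of `length` ASCII letters and digits.

    The characters are drawn with random.SystemRandom, which reads from the
    operating system's entropy source. The module-level random.choice used
    before is backed by the Mersenne Twister generator, whose output can be
    predicted once enough of it has been observed, so it is not suitable for
    keys that sign sessions and CSRF tokens.

    Each character is one of 62 symbols (about 5.95 bits), so the default
    length of 24 gives roughly 143 bits.

    Args:
        length: number of characters in the key; 0 yields an empty string.

    Returns:
        The key as a str.
    """
    rng = SystemRandom()
    # ascii_letters instead of string.letters: the latter is locale-dependent
    # on Python 2 and does not exist on Python 3.
    chars = string.ascii_letters + string.digits
    return ''.join(rng.choice(chars) for _ in range(length))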
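def write_file(contents):
    """Write `contents` to the secret_keys file, replacing any existing file.

    The destination is the module-level `file_path` unless --dir was given,
    in which case it is `file_name` inside that directory, joined onto the
    directory of this script.

    Args:
        contents: text (or bytes) of the key module to write.
    """
    # Use a separate local name: assigning to `file_path` inside this function
    # made it a local variable, so the default case (no --dir) raised
    # UnboundLocalError at open().
    target = file_path
    if options.dir is not None:
        target = os.path.join(
            os.path.dirname(os.path.realpath(__file__)),
            options.dir,
            file_name)
    # The file is opened in binary mode, so text has to be encoded first;
    # writing a str to a 'wb' handle is a TypeError on Python 3.
    if not isinstance(contents, bytes):
        contents = contents.encode('utf-8')
    # NOTE(review): the file holds the signing secrets and is created with the
    # process umask, so it may be readable by other local users. Consider
    # restricting it to the account that runs the application, and keep it
    # out of version control.
    with open(target, 'wb') as f:
        f.write(contents)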
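def generate_keyfile(csrf_key, session_key):
    """Render the key module from the two keys and write it to disk.

    An existing key file is left untouched unless --force was given; in that
    case a warning is printed and nothing is written.

    Args:
        csrf_key: value substituted for $csrf_key in the template.
        session_key: value substituted for $session_key in the template.
    """
    # The keys are pasted into single-quoted Python literals without any
    # escaping. generate_randomkey yields only letters and digits; any other
    # caller must not pass quotes, backslashes or newlines.
    output = file_template.safe_substitute(
        csrf_key=csrf_key, session_key=session_key)

    # Check the file that write_file will actually write. The check used the
    # default path even when --dir was given, so a key file in the --dir
    # location could be replaced without --force.
    target = file_path
    if options.dir is not None:
        target = os.path.join(
            os.path.dirname(os.path.realpath(__file__)),
            options.dir,
            file_name)

    # Overwriting replaces both keys; presumably anything signed with the old
    # ones stops validating, hence the explicit --force.
    if os.path.exists(target) and not options.force:
        print('Warning: secret_keys.py file exists. ')
        print("Use 'generate_keys.py --force' to force overwrite.")
        return
    write_file(output)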
def main():
    """Create a CSRF key and a session key and pass them to generate_keyfile."""
    key_length = options.randomness
    # NOTE(review): no lower bound is enforced on the key length here, so a
    # very small --randomness value produces a correspondingly weak key.
    # Two separate calls, so the CSRF key and the session key are independent.
    generate_keyfile(
        generate_randomkey(key_length),
        generate_randomkey(key_length))


if __name__ == '__main__':
    main()
If `app.secret_key` is not set, the Flask framework will not allow you to set or access the session dictionary. This is all that the Flask user guide has to say on the subject.

[…] `Session` object, but other extensions can make use of the same secret. `secret_key` is merely the value set for the `SECRET_KEY` configuration key, or you can set it directly.

[…] `itsdangerous` library to do all the hard work; sessions use the `itsdangerous.URLSafeTimedSerializer` class with a customized JSON serializer.