skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

security: add ENFORCE_PRODUCTION

Browse source 
can provide a safety check so debug mode never gets enabled on production environments by accident
This commit is contained in:
justcool393 2022-11-20 09:50:01 -06:00 committed by Ben Rog-Wilhelm
parent 0db174b90b
commit 86c0eea85a
2 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
env
View file

@ -2,6 +2,7 @@ MASTER_KEY=blahblahblah
DOMAIN=localhost DOMAIN=localhost
SITE_ID=TheMotte SITE_ID=TheMotte
SITE_TITLE=The Motte SITE_TITLE=The Motte
ENFORCE_PRODUCTION=False
GIPHY_KEY=blahblahblah GIPHY_KEY=blahblahblah
DISCORD_SERVER_ID=blahblahblah DISCORD_SERVER_ID=blahblahblah
DISCORD_CLIENT_ID=blahblahblah DISCORD_CLIENT_ID=blahblahblah

3
files/__main__.py
View file

@ -27,6 +27,9 @@ app.jinja_env.cache = {}
app.jinja_env.auto_reload = True app.jinja_env.auto_reload = True
faulthandler.enable() faulthandler.enable()
if environ.get("ENFORCE_PRODUCTION", False) and app.config["DEBUG"]:
raise ValueError("Debug mode is not allowed! If this is a dev environment, please set ENFORCE_PRODUCTION to false")
if environ.get("SITE_ID") is None: if environ.get("SITE_ID") is None:
from dotenv import load_dotenv from dotenv import load_dotenv
load_dotenv(dotenv_path=Path("env")) load_dotenv(dotenv_path=Path("env"))