Load JWT secret from config (#41)

ocf · Dec 16, 2022 · f61ba4e · f61ba4e
1 parent 01a4e2b
commit f61ba4e
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/app/utils/calnet.py b/app/utils/calnet.py
@@ -1,4 +1,3 @@
-import os
 import re
 from math import floor
 from time import time
@@ -15,7 +14,6 @@
 
 settings = get_settings()
 
-__JWT_SECRET = os.getrandom(32).hex() if not settings.debug else "waddles"
 JWT_AUDIENCE = "ocfapi_calnet"
 
 calnet_jwt_auth_scheme = HTTPBearer(
@@ -48,7 +46,7 @@ def create_calnet_jwt(uid: Union[int, str]) -> str:
             "iat": current_time,
             "exp": current_time + 60 * 30,  # 60 sec * 30 min
         },
-        __JWT_SECRET,
+        settings.calnet_jwt_secret,
         algorithm="HS256",
     )
 
@@ -74,7 +72,7 @@ def decode_calnet_jwt(calnet_jwt: str) -> Dict[str, Union[str, int]]:
     # not as good as what we can do ourselves
     return jwt.decode(
         calnet_jwt,
-        __JWT_SECRET,
+        settings.calnet_jwt_secret,
         algorithms="HS256",
         options={
             "verify_signature": True,

diff --git a/app/utils/config.py b/app/utils/config.py
@@ -23,6 +23,8 @@ class Settings(BaseSettings):
     celery_broker: str = "redis://127.0.0.1:6378"
     celery_backend: str = "redis://127.0.0.1:6378"
 
+    calnet_jwt_secret: str = "sshverysecret"
+
     debug: bool = False
     version: str = "dev"