[conf] Read "HALFAPI_SECRET" file content if the option is not specified. Do not use HALFAPI_SECRET to store the *secret* value

2021-09-03 15:50:33 +02:00 · 2021-09-03 15:50:33 +02:00 · 51877b271e
parent 061c966072
commit 51877b271e
3 changed files with 8 additions and 27 deletions
--- a/halfapi/conf.py
+++ b/halfapi/conf.py
@ -59,17 +59,8 @@ is_project = lambda: os.path.isfile(CONF_FILE)



-default_config = {
-    'project': {
-        'host': '127.0.0.1',
-        'port': '8000',
-        'secret': '',
-        'production': 'no'
-    }
-}

 config = ConfigParser(allow_no_value=True)
-config.read_dict(default_config)

 CONF_DIR = environ.get('HALFAPI_CONF_DIR', '/etc/half_api')
 HALFAPI_ETC_FILE=os.path.join(
@ -127,26 +118,19 @@ if len(PROJECT_NAME) == 0:
 DOMAINSDICT = lambda: d_domains(config)
 DOMAINS = DOMAINSDICT()
 if len(DOMAINS) == 0:
-    logger.info('Domain-less instance')
+    logger.info('Domain-less instance %s', d_domains(config))

 HOST = config.get('project', 'host', fallback=environ.get('HALFAPI_HOST', '127.0.0.1'))
 PORT = config.getint('project', 'port', fallback=environ.get('HALFAPI_PORT', '3000'))

 try:
-    with open(config.get('project', 'secret')) as secret_file:
+    with open(config.get('project', 'secret',
+        fallback=environ.get('HALFAPI_SECRET', ''))) as secret_file:
+
        SECRET = secret_file.read().strip()
        CONFIG['secret'] = SECRET.strip()
-        # Set the secret so we can use it in domains
-        environ['HALFAPI_SECRET'] = SECRET
 except FileNotFoundError as exc:
-    if 'HALFAPI_SECRET' in environ:
-        SECRET = environ.get('HALFAPI_SECRET')
-        CONFIG['secret'] = SECRET.strip()
-        # Set the secret so we can use it in domains
-        environ['HALFAPI_SECRET'] = SECRET
-
-    logger.error('There is no file like %s : %s',
-        config.get('project', 'secret'), exc)
+    logger.error('Missing secret file: %s', exc)

 PRODUCTION = config.getboolean('project', 'production',
    fallback=environ.get('HALFAPI_PROD', False))
--- a/halfapi/lib/jwt_middleware.py
+++ b/halfapi/lib/jwt_middleware.py
@ -7,7 +7,7 @@ Classes:
    - JWTWebSocketAuthenticationBackend

 Raises:
-    Exception: If configuration has no SECRET or HALFAPI_SECRET is not set
+    Exception: If configuration has no SECRET
 """

 from os import environ
@ -38,11 +38,9 @@ except ImportError:
 try:
    from ..conf import SECRET
 except ImportError as exc:
-    logger.warning('Could not import SECRET variable from conf module,'\
+    logger.error('Could not import SECRET variable from conf module,'\
        ' using HALFAPI_SECRET environment variable')
-    SECRET  = environ.get('HALFAPI_SECRET', False)
-    if not SECRET:
-        raise Exception('Missing HALFAPI_SECRET variable') from exc
+    raise Exception('Missing secret') from exc



--- a/tests/conftest.py
+++ b/tests/conftest.py
@ -27,7 +27,6 @@ logger = logging.getLogger('halfapitest')

 PROJNAME = os.environ.get('PROJ','tmp_api')

-os.environ['HALFAPI_SECRET'] = 'dummysecret'
 SECRET = 'dummysecret'

 from halfapi.lib.jwt_middleware import (