Add a check on startup to ensure application is not using default key in live environments #3456

Closed
AetherUnbound opened this issue Dec 5, 2023 · 6 comments · Fixed by #3623
Labels
💻 aspect: code Concerns the software code in the repository ✨ goal: improvement Improvement to an existing user-facing feature good first issue New-contributor friendly help wanted Open to participation from the community 🟩 priority: low Low priority and doesn't need to be rushed 🧱 stack: api Related to the Django API

Comments

@AetherUnbound
Collaborator

Description

In #3422, we altered the Django secret key to use a more obvious shim value. @dhruvkb suggested:

> We can also update settings.py to raise an error if it's unchanged.

To be specific, we should check to ensure that the value is not example_key in any ENVIRONMENT that's not local or development, and raise an appropriate error if it is.

@openverse-bot openverse-bot moved this to 📋 Backlog in Openverse Backlog Dec 5, 2023
@sarayourfriend
Collaborator

This would be the exception to raise for an issue of this nature: https://docs.djangoproject.com/en/4.2/ref/exceptions/#improperlyconfigured

@firatbezir
Contributor

Can I give it a shot?

@sarayourfriend
Collaborator

I've assigned it to you @firatbezir, go for it 🙂

@openverse-bot openverse-bot moved this from 📋 Backlog to 📅 To Do in Openverse Backlog Jan 2, 2024
@obulat
Contributor

obulat commented Jan 3, 2024

> To be specific, we should check to ensure that the value is not example_key in any ENVIRONMENT that's not local or development, and raise an appropriate error if it is.

How do you get the example_key for all environments in Django settings?

@firatbezir firatbezir mentioned this issue Jan 3, 2024
@openverse-bot openverse-bot moved this from 📅 To Do to 🏗 In Progress in Openverse Backlog Jan 3, 2024
@sarayourfriend
Collaborator

I think Madison meant example_key as a literal string, like "example_key" != actual_value? Can you confirm @AetherUnbound?

@AetherUnbound
Collaborator Author

That's correct!

@openverse-bot openverse-bot moved this from 🏗 In Progress to ✅ Done in Openverse Backlog Jan 9, 2024
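A sketch of the startup check this thread describes, as an added example that is not the Openverse code or the change merged in #3623. The function names, the `DJANGO_SECRET_KEY` variable name, the `staging` sample environment and the choice to treat an unset `ENVIRONMENT` as live are assumptions.

```python
import os

try:
    from django.core.exceptions import ImproperlyConfigured
except ImportError:  # stand-in so the sketch also runs where Django is absent
    class ImproperlyConfigured(Exception):
        """Local substitute for django.core.exceptions.ImproperlyConfigured."""

DEFAULT_SECRET_KEY = "example_key"  # literal shim value named in the issue
NON_LIVE_ENVIRONMENTS = {"local", "development"}


def load_secret_key(environ=os.environ):
    """Return the secret key, refusing the shim value in live environments.

    Assumptions: the key is read from DJANGO_SECRET_KEY, and a missing
    ENVIRONMENT is treated as live so the check fails closed.
    """
    environment = environ.get("ENVIRONMENT", "").strip().lower()
    secret_key = environ.get("DJANGO_SECRET_KEY", DEFAULT_SECRET_KEY)
    is_live = environment not in NON_LIVE_ENVIRONMENTS
    if is_live and secret_key == DEFAULT_SECRET_KEY:
        raise ImproperlyConfigured(
            f"DJANGO_SECRET_KEY is still the default {DEFAULT_SECRET_KEY!r} in "
            f"environment {environment or '<unset>'!r}; set a unique secret."
        )
    return secret_key


def startup_ok(environ):
    """True when settings would load, False when the guard blocks startup."""
    try:
        load_secret_key(environ)
    except ImproperlyConfigured:
        return False
    return True


# Constructed sample environments, not taken from any real deployment.
SAMPLES = {
    "local, default key": {"ENVIRONMENT": "local"},
    "production, default key": {"ENVIRONMENT": "production"},
    "production, unique key": {"ENVIRONMENT": "production",
                               "DJANGO_SECRET_KEY": "constructed-unique-value"},
    "ENVIRONMENT unset": {},
}

if __name__ == "__main__":
    for label, env in SAMPLES.items():
        print(f"{label}: {'starts' if startup_ok(env) else 'blocked'}")
```

In a settings module the call would be `SECRET_KEY = load_secret_key()`, so a misconfigured deployment fails at import time instead of serving traffic with a publicly known key.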