From 9bf8de06cb30ef1ff7e20a40845cafc45a7f8824 Mon Sep 17 00:00:00 2001
From: Cannon Lock
Date: Thu, 30 Nov 2023 12:42:46 -0600
Subject: [PATCH] Make the Secret key an env variable
---
 api/routes/security.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/api/routes/security.py b/api/routes/security.py
index 154a377..6e18b71 100644
--- a/api/routes/security.py
+++ b/api/routes/security.py
@@ -13,12 +13,13 @@ from pydantic import BaseModel
 from sqlalchemy import select
+import dotenv
+dotenv.load_dotenv()
+
 import api.schemas as schemas
 import api.database as db
-# to get a string like this run:
-# openssl rand -hex 32
-SECRET_KEY = "11937be5daeb452985fc2d4f8ab09841d2fa45f48d72960b470d52fd84f4088e"
+
 ALGORITHM = "HS256"
 ACCESS_TOKEN_EXPIRE_MINUTES = 60
@@ -111,7 +112,7 @@ async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
 headers={"WWW-Authenticate": "Bearer"},
 )
 try:
- payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+ payload = jwt.decode(token, os.environ['SECRET_KEY'], algorithms=[os.environ['JWT_ENCRYPTION_ALGORITHM']])
 sub: str = payload.get("sub")
 if sub is None:
 raise credentials_exception
@@ -131,7 +132,7 @@ def create_access_token(data: dict, expires_delta: timedelta | None = None):
 else:
 expire = datetime.utcnow() + timedelta(minutes=15)
 to_encode.update({"exp": expire})
- encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+ encoded_jwt = jwt.encode(to_encode, os.environ['SECRET_KEY'], algorithm=os.environ['JWT_ENCRYPTION_ALGORITHM'])
 return encoded_jwt
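Review bot: Deleting the `SECRET_KEY` literal in the first hunk does not retire it. The value remains in the repository history and in this patch, so it has to be treated as disclosed, and the environment variable should hold a newly generated key rather than the old string. The removed generation hint is worth keeping next to the load, for example `# SECRET_KEY is read from the environment; generate a fresh one with: openssl rand -hex 32`. The hunk also leaves `ALGORITHM = "HS256"` in place although the later hunks no longer read it. It adds `import dotenv` but no `import os`; unless `os` is already imported above line 13 (outside the hunk), the new `os.environ` lookups will raise NameError at call time.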
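Review bot: The `algorithms=` list passed to `jwt.decode` in the `get_current_user` hunk now comes from `os.environ['JWT_ENCRYPTION_ALGORITHM']`, so the set of signature algorithms the verifier accepts is a deployment setting instead of a code-level allow-list, and a mistyped or weaker value silently changes which tokens verify. Only the key is secret, so keep the algorithm pinned and read the key once at import, which makes a missing variable fail at startup rather than as a KeyError per request: `SECRET_KEY = os.environ["SECRET_KEY"]` at module level, then `jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])`. The same applies to the `jwt.encode` call in the `create_access_token` hunk. HS256 is an HMAC signature, not encryption, so if the variable is kept, a name such as `JWT_ALGORITHM` would describe it better. The `except` clause of the `try` lies outside the hunk, so how a KeyError would surface to the client cannot be seen from here.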