From 116f7a6daaa2d29db30bc0765427d011fa99ce9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9mi=20V=C3=A1nyi?= Date: Fri, 9 Oct 2020 15:49:48 +0200 Subject: [PATCH] Force admins to set secret_key if debug mode is disabled This commit also enables debug mode for unit tests. --- searx/__init__.py | 4 ++++ searx/settings_robot.yml | 2 +- tests/__init__.py | 2 ++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/searx/__init__.py b/searx/__init__.py index b90cf5358..887ef806d 100644 --- a/searx/__init__.py +++ b/searx/__init__.py @@ -85,3 +85,7 @@ if 'SEARX_SECRET' in environ: settings['server']['secret_key'] = environ['SEARX_SECRET'] if 'SEARX_BIND_ADDRESS' in environ: settings['server']['bind_address'] = environ['SEARX_BIND_ADDRESS'] + +if not searx_debug and settings['server']['secret_key'] == 'ultrasecretkey': + logger.error('server.secret_key is not changed. Please use something else instead of ultrasecretkey.') + exit(1) diff --git a/searx/settings_robot.yml b/searx/settings_robot.yml index d43f6fe9c..941a43f83 100644 --- a/searx/settings_robot.yml +++ b/searx/settings_robot.yml @@ -8,7 +8,7 @@ search: server: port : 11111 bind_address : 127.0.0.1 - secret_key : "ultrasecretkey" # change this! + secret_key : "changedultrasecretkey" base_url : False http_protocol_version : "1.0" diff --git a/tests/__init__.py b/tests/__init__.py index e69de29bb..18bf7cad8 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -0,0 +1,2 @@ +import os +os.environ['SEARX_DEBUG'] = '1'