Add instructions to generate a secret key

acsany · acsany · commit 4a2913fd0263 · 2023-08-11T10:52:00.000+02:00
diff --git a/code-image-generator/README.md b/code-image-generator/README.md
@@ -39,3 +39,30 @@ Finally, run the Flask development server
 ```
 
 Now you can navigate to the address that's shown in the output when you start the server. Commonly, that's `http://localhost:5000/`.
+
+## Secret Key
+
+If you want to deploy your Flask app later, then it's a good idea to generate a proper secret key.
+
+If you need to create cryptographically sound data like a Flask secret key, then you can use Python's [`secrets`](https://docs.python.org/3/library/secrets.html) module:
+
+```pycon
+>>> import secrets
+>>> secrets.token_hex()
+'2e9ac41b1e0b66a8d93d66400e2300c4b4c2953f'
+```
+
+The `.token_hex()` method returns a [hexadecimal](https://en.wikipedia.org/wiki/Hexadecimal) string containing random numbers and letters from `0` to `9` and `a` to `f`. Use the value that `secrets.token_hex()` outputs for you and add it in your Flask project's `app.py` file:
+
+```python hl_lines="6"
+# app.py
+
+from flask import Flask, render_template
+
+app = Flask(__name__)
+app.secret_key = "2e9ac41b1e0b66a8d93d66400e2300c4b4c2953f"
+
+# ...
+```
+
+To not save the secret key directly in your code, it may be a good idea to work with [environment variables](https://12factor.net/config). You can learn more about it in the Flask documentation about [Configuration Handling](https://flask.palletsprojects.com/en/2.3.x/config/).
diff --git a/code-image-generator/source_code_final/app.py b/code-image-generator/source_code_final/app.py
@@ -5,11 +5,12 @@
 from pygments.formatters import HtmlFormatter
 from pygments.lexers import Python3Lexer
 from pygments.styles import get_all_styles
-
 from utils import take_screenshot_from_url
 
 app = Flask(__name__)
-app.secret_key = "mysecretkey"
+app.secret_key = (
+    "AddYourSecretKeyHere"  # See the README.md file for instructions
+)
 
 PLACEHOLDER_CODE = "print('Hello, World!')"
 DEFAULT_STYLE = "monokai"
diff --git a/code-image-generator/source_code_step_02/app.py b/code-image-generator/source_code_step_02/app.py
@@ -8,7 +8,9 @@
 )
 
 app = Flask(__name__)
-app.secret_key = "mysecretkey"
+app.secret_key = (
+    "AddYourSecretKeyHere"  # See the README.md file for instructions
+)
 
 PLACEHOLDER_CODE = "print('Hello, World!')"
 
diff --git a/code-image-generator/source_code_step_03/app.py b/code-image-generator/source_code_step_03/app.py
@@ -12,7 +12,9 @@
 from pygments.styles import get_all_styles
 
 app = Flask(__name__)
-app.secret_key = "mysecretkey"
+app.secret_key = (
+    "AddYourSecretKeyHere"  # See the README.md file for instructions
+)
 
 PLACEHOLDER_CODE = "print('Hello, World!')"
 DEFAULT_STYLE = "monokai"
diff --git a/code-image-generator/source_code_step_04/app.py b/code-image-generator/source_code_step_04/app.py
@@ -11,11 +11,12 @@
 from pygments.formatters import HtmlFormatter
 from pygments.lexers import Python3Lexer
 from pygments.styles import get_all_styles
-
 from utils import take_screenshot_from_url
 
 app = Flask(__name__)
-app.secret_key = "mysecretkey"
+app.secret_key = (
+    "AddYourSecretKeyHere"  # See the README.md file for instructions
+)
 
 PLACEHOLDER_CODE = "print('Hello, World!')"
 DEFAULT_STYLE = "monokai"

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,9 @@`
`8`	`8`	`)`
`9`	`9`
`10`	`10`	`app = Flask(__name__)`
`11`		`-app.secret_key = "mysecretkey"`
	`11`	`+app.secret_key = (`
	`12`	`+ "AddYourSecretKeyHere" # See the README.md file for instructions`
	`13`	`+)`
`12`	`14`
`13`	`15`	`PLACEHOLDER_CODE = "print('Hello, World!')"`
`14`	`16`