From c66414ca85311bf9332de6615ba6dc5a2bce644e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ensar=20Saraj=C4=8Di=C4=87?= <esarajcic1@etf.unsa.ba>
Date: Wed, 31 Oct 2018 21:59:21 +0100
Subject: [PATCH] Allow secrets to be changed through environment

---
 config.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/config.py b/config.py
index 2a1f3ba..609bf1b 100644
--- a/config.py
+++ b/config.py
@@ -23,11 +23,13 @@ CSRF_ENABLED = True
 
 # Use a secure, unique and absolutely secret key for
 # signing the data.
-CSRF_SESSION_KEY = "secret"
+CSRF_SESSION_KEY = os.environ.get('CSRF_SECRET') or "secret"
 
 # Secret key for signing cookies
-SECRET_KEY = "?['Z(Z\x83Y \x06T\x12\x96<\xff\x12\xe0\x1b\xd1J\xe0\xd9ld"
-SECURITY_PASSWORD_SALT = "IyoZvOJb4feT3xKlYXyOJveHSIY4GDg6"
+SECRET_KEY = (os.environ.get('APP_SECRET_KEY') or
+              "?['Z(Z\x83Y\x06T\x12\x96<\xff\x12\xe0\x1b\xd1J\xe0\xd9ld")
+SECURITY_PASSWORD_SALT = (os.environ.get('APP_SECRETS_SALT') or
+                          "IyoZvOJb4feT3xKlYXyOJveHSIY4GDg6")
 
 # MQTT configuration
 MQTT_CLIENT_ID = 'final-iot-backend-server-' + os.environ['MQTT_CLIENT']