dpgaspar commented on code in PR #39999:
URL: https://github.com/apache/superset/pull/39999#discussion_r3249417477
##########
superset/initialization/__init__.py:
##########
@@ -648,21 +653,42 @@ def log_default_secret_key_warning() -> None:
"For more info, see: https://superset.apache.org/docs/";
"configuration/configuring-superset#specifying-a-secret_key"
)
- logger.warning(bottom_banner)
-
- if self.config["SECRET_KEY"] == CHANGE_ME_SECRET_KEY:
if (
self.superset_app.debug
or self.superset_app.config["TESTING"]
or is_test()
):
logger.warning("Debug mode identified with default secret key")
- log_default_secret_key_warning()
+ self._log_config_warning(warning)
return
- log_default_secret_key_warning()
+ self._log_config_warning(warning)
logger.error("Refusing to start due to insecure SECRET_KEY")
sys.exit(1)
+ def check_guest_token_secret(self) -> None:
+ """Refuse to start with default guest JWT secret when embedding is
enabled."""
+ default_secret = "test-guest-secret-change-me" # noqa: S105
Review Comment:
let's use the same pattern as `CHANGE_ME_SECRET_KEY` for embedded and avoid
hard coding values on the code
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
