- Add a config whitelist
- Send the config values to the frontend - Add a service class for exposing the config values - Change the directives to inject both Features and Config - Change directive users to make use of the new scope
This commit is contained in:
Joseph Schorr
parent
265fa5070a
commit
da859203f7
9 changed files with 76 additions and 46 deletions
21
config.py
21
config.py
|
|
@ -28,6 +28,24 @@ def logs_init_builder(level=logging.DEBUG,
|
|||
|
||||
return init_logs
|
||||
|
||||
# The set of configuration key names that will be accessible in the client. Since these
|
||||
# values are set to the frontend, DO NOT PLACE ANY SECRETS OR KEYS in this list.
|
||||
CLIENT_WHITELIST = ['SERVER_NAME', 'PREFERRED_URL_SCHEME', 'GITHUB_CLIENT_ID',
|
||||
'GITHUB_LOGIN_CLIENT_ID', 'MIXPANEL_KEY', 'STRIPE_PUBLISHABLE_KEY',
|
||||
'ENTERPRISE_LOGO_URL']
|
||||
|
||||
|
||||
def getFrontendVisibleConfig(config_dict):
|
||||
visible_dict = {}
|
||||
for name in CLIENT_WHITELIST:
|
||||
if name.lower().find('secret') >= 0:
|
||||
raise Exception('Cannot whitelist secrets: %s' % name)
|
||||
|
||||
if name in config_dict:
|
||||
visible_dict[name] = config_dict.get(name, None)
|
||||
|
||||
return visible_dict
|
||||
|
||||
|
||||
class DefaultConfig(object):
|
||||
# Flask config
|
||||
|
|
@ -94,6 +112,9 @@ class DefaultConfig(object):
|
|||
GITHUB_CLIENT_ID = ''
|
||||
GITHUB_CLIENT_SECRET = ''
|
||||
|
||||
GITHUB_LOGIN_CLIENT_ID = ''
|
||||
GITHUB_LOGIN_CLIENT_SECRET = ''
|
||||
|
||||
# Requests based HTTP client with a large request pool
|
||||
HTTPCLIENT = build_requests_session()
|
||||
|
||||
|
|
|
|||
Reference in a new issue