From e56115d9d2561a826c85571dd868cda29326ee90 Mon Sep 17 00:00:00 2001
From: Joseph Schorr <josephschorr@users.noreply.github.com>
Date: Mon, 24 Aug 2015 16:09:01 -0400
Subject: [PATCH] Move secret key generation before we load users of config, as
 they may reference it

---
 app.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/app.py b/app.py
index 36047425c..15eb0a27b 100644
--- a/app.py
+++ b/app.py
@@ -106,6 +106,11 @@ for handler in logging.getLogger().handlers:
 
 app.request_class = RequestWithId
 
+# Generate a secret key if none was specified.
+if app.config['SECRET_KEY'] is None:
+  logger.debug('Generating in-memory secret key')
+  app.config['SECRET_KEY'] = generate_secret_key()
+
 features.import_features(app.config)
 
 Principal(app, use_sessions=False)
@@ -144,11 +149,6 @@ database.configure(app.config)
 model.config.app_config = app.config
 model.config.store = storage
 
-# Generate a secret key if none was specified.
-if app.config['SECRET_KEY'] is None:
-  logger.debug('Generating in-memory secret key')
-  app.config['SECRET_KEY'] = generate_secret_key()
-
 @login_manager.user_loader
 def load_user(user_uuid):
   logger.debug('User loader loading deferred user with uuid: %s' % user_uuid)