use app.config for salt

author: B. Stack <bgstack15@gmail.com> 2022-02-11 21:05:43 -0500
committer: B. Stack <bgstack15@gmail.com> 2022-02-11 21:05:43 -0500
commit: 4ea565c9d01d79b2c065ec933d56e94cbcb5aa22 (patch)
tree: e3c5ce6215d1035779203f76cf1e603a6fb1a092 /pastebin.py
parent: use UUID for paste id, and more js removal (diff)
download: stackbin-4ea565c9d01d79b2c065ec933d56e94cbcb5aa22.tar.gz
stackbin-4ea565c9d01d79b2c065ec933d56e94cbcb5aa22.tar.bz2
stackbin-4ea565c9d01d79b2c065ec933d56e94cbcb5aa22.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/pastebin.py b/pastebin.py
index cd67265..37fda53 100644
--- a/pastebin.py
+++ b/pastebin.py
@@ -89,7 +89,7 @@ def new_paste():
       paste = Paste(g.user, request.form['code'], title, parent=parent, is_private=is_private)
       db.session.add(paste)
       db.session.commit()
-      sign = Signer(app.secret_key, salt='jackson').sign(str(paste.id)) \
+      sign = Signer(app.secret_key, salt=app.config['SALT']).sign(str(paste.id)) \
          if is_private else None
       return redirect(url_for('show_paste', paste_id=paste.id, s=sign))
    return render_template('new_paste.html', parent=parent)
@@ -105,7 +105,7 @@ def show_paste(paste_id):
       try:
          sign = request.args.get('s', '')
          assert str(paste.id) == \
-            Signer(app.secret_key, salt='jackson').unsign(sign).decode("utf-8")
+            Signer(app.secret_key, salt=app.config['SALT']).unsign(sign).decode("utf-8")
       except:
          abort(403)
    parent = None
author	B. Stack <bgstack15@gmail.com>	2022-02-11 21:05:43 -0500
committer	B. Stack <bgstack15@gmail.com>	2022-02-11 21:05:43 -0500
commit	4ea565c9d01d79b2c065ec933d56e94cbcb5aa22 (patch)
tree	e3c5ce6215d1035779203f76cf1e603a6fb1a092 /pastebin.py
parent	use UUID for paste id, and more js removal (diff)
download	stackbin-4ea565c9d01d79b2c065ec933d56e94cbcb5aa22.tar.gz stackbin-4ea565c9d01d79b2c065ec933d56e94cbcb5aa22.tar.bz2 stackbin-4ea565c9d01d79b2c065ec933d56e94cbcb5aa22.zip