[odrs-web] Don't rely on ODRS_REVIEWS_SECRET being in config

From: Richard Hughes <rhughes src gnome org>
To: commits-list gnome org
Cc:
Subject: [odrs-web] Don't rely on ODRS_REVIEWS_SECRET being in config
Date: Mon, 1 Jul 2019 16:13:48 +0000 (UTC)

commit fa3e93ed58a90b06a10d3551600695e0bb6274b4
Author: Richard Hughes <richard hughsie com>
Date:   Mon Jul 1 15:59:15 2019 +0100

    Don't rely on ODRS_REVIEWS_SECRET being in config

 app_data/odrs/tests/util_test.py | 2 +-
 app_data/odrs/util.py            | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)
---
diff --git a/app_data/odrs/tests/util_test.py b/app_data/odrs/tests/util_test.py
index 97baa79..8187f0c 100644
--- a/app_data/odrs/tests/util_test.py
+++ b/app_data/odrs/tests/util_test.py
@@ -45,7 +45,7 @@ class UtilTest(unittest.TestCase):
     def test_user_key(self):
 
         os.environ['ODRS_REVIEWS_SECRET'] = '1'
-        self.assertEqual(_get_user_key('foo', 'gimp.desktop'), '74e9a6c58a608c88104efab48cc76beb271af1f1')
+        self.assertEqual(_get_user_key('foo', 'gimp.desktop'), '8d68a9e8054a18cb11e62242f9036aca786551d8')
 
     def test_legacy_hash(self):
 
diff --git a/app_data/odrs/util.py b/app_data/odrs/util.py
index f55aef0..c7e22c3 100644
--- a/app_data/odrs/util.py
+++ b/app_data/odrs/util.py
@@ -39,10 +39,9 @@ def _get_datestr_from_dt(when):
 
 def _get_user_key(user_hash, app_id):
     from odrs import app
-    salt = app.config['ODRS_REVIEWS_SECRET']
     key = 'invalid'
     try:
-        key = hashlib.sha1(salt.encode('utf-8') +
+        key = hashlib.sha1(app.secret_key.encode('utf-8') +
                            user_hash.encode('utf-8') +
                            app_id.encode('utf-8')).hexdigest()
     except UnicodeEncodeError as e:

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]