Move keys to env variable

app/__init__.py

@@ -3,12 +3,14 @@
 Initialize the modules needed for the website
 """
 
+import os
+
 from flask import Flask
 
 
 class Config():
     """Config settings for the application"""
-    SECRET_KEY = 'vteUjB3NkP0sN6KwmFNHyW8JWkmeYRKN'
+    SECRET_KEY = os.environ["SECRET_KEY"]
     SEND_FILE_MAX_AGE_DEFAULT = 1296000
 
 

app/flaskr.py

@@ -3,17 +3,15 @@
 Website for Craftbroec RR stuff
 """
 
+import os
 import hashlib
 import hmac
-
 from subprocess import call
+
 from flask import jsonify, abort, request
 from app import app
 
 
-secret = b'JdFILOA1O7x6WTcsphlszmeQqU5ngoKZ'
-
-
 @app.route('/')
 def index():
     """Show index page"""
@@ -23,6 +21,7 @@ def index():
 @app.route('/deploy', methods=['POST'])
 def deploy():
     """Run deploy script"""
+    secret = os.environ["WEBHOOK_KEY"]
     digest = hmac.new(secret, request.data, hashlib.sha256).hexdigest()
     signature = request.headers['X-Gogs-Signature']
     if len(signature) < 2 or not hmac.compare_digest(signature, digest):

example.env

@@ -7,3 +7,7 @@ FLASK_DEBUG=1
 FLASK_ENV=development
 FLASK_SKIP_DOTENV=true
 TESTING=True
+
+# Own
+WEBHOOK_KEY=PLACEHOLDER
+SECRET_KEY=PLACEHOLDER