Flask – config files

One way to use different server setup configurations for Flask.

The tips in the official part can be found here

In the official instructions, among other things, they give recommendations to do through configuration changes:

def create_app():
app = Flask(__name__)

# app.config.from_object (‘config.DevelopmentConfig’)
app.configfrom_object(‘config.ProductionConfig’)

return app

The disadvantage of this approach is in the fill. Before sending changes to the server, you will have to constantly comment / uncomment the code.

For myself, I found another way more convenient.

def create_app():
app = Flask(__name__)

app.configfrom_object(Config)
app.configfrom_pyfile(‘../config-extended.py’)

return app

ploshadka.net/config.py – you need to create this file yourself on the server, because there is important secret information. And we create the same on our local computer. And if necessary, also on the test.

ploshadka.net/config-extended.py – this file will be sent to git and there is nothing important here from a security point of view.

Now, depending on the location of the code, a different server configuration will be pulled.

File contents config.py could be like this:

import os

class Config(object):
DEBUG = True
SECRET_KEY = osenvironget(‘SECRET_KEY’) or ‘fsdkfd32r234fsdf’
SQLALCHEMY_DATABASE_URI = ‘postgresql: // localhost / db_name’

################
# Flask-Security
################

SECURITY_PASSWORD_HASH = “pbkdf2_sha512”
SECURITY_PASSWORD_SALT = “fsdfdfsdfdfsdafds”

On the server, the same file:

import os

class Config(object):
DEBUG = False
SECRET_KEY = osenvironget(‘SECRET_KEY’) or ‘fsDFKsmf923jnagd’
SQLALCHEMY_DATABASE_URI = ‘postgresql: // user: pass / db_name’
SQLALCHEMY_TRACK_MODIFICATIONS = False

################
# Flask-Security
################

SECURITY_PASSWORD_HASH = “pbkdf2_sha512”
SECURITY_PASSWORD_SALT = “fsdfk3fsdDFFdfsr0fsa”

It should be noted that data such as SECRET_KEY, SECURITY_PASSWORD_SALT or the like can be stored even more safely in environment variables. But this is a topic for a separate article and will not be dealt with here.

File contents config-extended.py could be like this:

SQLALCHEMY_TRACK_MODIFICATIONS = False

################
# Flask-Security
################

# URLs
SECURITY_URL_PREFIX = “/ admin”
SECURITY_LOGIN_URL = “/ login /”
SECURITY_LOGOUT_URL = “/ logout /”
SECURITY_POST_LOGIN_VIEW = “/ admin /”
SECURITY_POST_LOGOUT_VIEW = “/ admin /”
SECURITY_POST_REGISTER_VIEW = “/ admin /”

# Includes registration
SECURITY_REGISTERABLE = True
SECURITY_REGISTER_URL = “/ register /”
SECURITY_SEND_REGISTER_EMAIL = False

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *