Fix web login: use consistent API key instead of re-reading config

The login handler was re-reading the config on each attempt, which
returned empty when no key was set, causing all logins to fail.
Now uses the key resolved at startup (from config or generated).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
shuki
2026-03-06 05:40:39 +02:00
parent cf00ecdd4b
commit ea3533ac49


@@ -66,20 +66,22 @@ def create_app():
template_folder=str(Path(__file__).resolve().parent / "templates"), template_folder=str(Path(__file__).resolve().parent / "templates"),
) )
api_key = _get_api_key() stored_key = _get_api_key()
if not api_key: if not stored_key:
api_key = secrets.token_urlsafe(32) stored_key = secrets.token_urlsafe(32)
print(f"WARNING: No WEB_API_KEY configured. Generated temporary key: {api_key}") print(f"\n{'='*60}")
print("Set WEB_API_KEY in gniza.conf to persist this key.") print(f" No WEB_API_KEY configured.")
print(f" Generated temporary key: {stored_key}")
print(f" Set WEB_API_KEY in gniza.conf to persist this key.")
print(f"{'='*60}\n")
app.secret_key = api_key app.secret_key = stored_key
@app.route("/login", methods=["GET", "POST"]) @app.route("/login", methods=["GET", "POST"])
def login(): def login():
if request.method == "POST": if request.method == "POST":
token = request.form.get("token", "") token = request.form.get("token", "")
current_key = _get_api_key() or api_key if token and secrets.compare_digest(token, stored_key):
if secrets.compare_digest(token, current_key):
session["authenticated"] = True session["authenticated"] = True
return redirect(url_for("dashboard")) return redirect(url_for("dashboard"))
flash("Invalid API key.") flash("Invalid API key.")
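Review bot: `secrets.compare_digest(token, stored_key)` in `login()` raises `TypeError` when either string contains a non-ASCII character, so a posted token with such a character would likely surface as an unhandled error instead of the "Invalid API key." flash. Comparing bytes avoids that: `if token and secrets.compare_digest(token.encode(), stored_key.encode()):`. Separately, `app.secret_key = stored_key` makes the login token double as the session-signing key, so a low-entropy WEB_API_KEY could be checked offline against any issued session cookie. An independently generated signing key would decouple the two, though sessions would then not survive a restart unless that key is persisted. The banner also prints the generated key to stdout, which may end up in service logs, and `create_app()` starts before this hunk while `login()` may continue past it.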