[ckan-changes] [okfn/ckan] 6ced7c: [#1422] More secure default for the repoze secret ...
GitHub
noreply at github.com
Tue Jan 7 11:44:01 UTC 2014
Branch: refs/heads/1422-repoze-key
Home: https://github.com/okfn/ckan
Commit: 6ced7cbffaa256ba6d1117012cdb078ecc83191d
https://github.com/okfn/ckan/commit/6ced7cbffaa256ba6d1117012cdb078ecc83191d
Author: amercader <amercadero at gmail.com>
Date: 2014-01-07 (Tue, 07 Jan 2014)
Changed paths:
M ckan/config/middleware.py
M ckan/config/who.ini
Log Message:
-----------
[#1422] More secure default for the repoze secret key
The who.ini file has a secret key used during authentication. To make sure
users don't forget to update it we can use the beaker session secret which
is generated randomly when creating the ckan ini file.
If users define a secret in the who.ini file, this one will be used.
To do this, we use a small custom plugin that checks the secret key and
calls the core repoze plugin afterwards.
More information about the ckan-changes
mailing list