Browse Source

fix: jwt-python-hardcoded-secret-86

pull/14752/head^2
root 6 months ago
parent
commit
51d86f47aa
  1. 3
      docs_src/security/tutorial004_an_py39.py

3
docs_src/security/tutorial004_an_py39.py

@ -1,3 +1,4 @@
import os
from datetime import datetime, timedelta, timezone from datetime import datetime, timedelta, timezone
from typing import Annotated, Union from typing import Annotated, Union
@ -10,7 +11,7 @@ from pydantic import BaseModel
# to get a string like this run: # to get a string like this run:
# openssl rand -hex 32 # openssl rand -hex 32
SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7" SECRET_KEY = os.environ.get("SECRET_KEY", "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7")
ALGORITHM = "HS256" ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30 ACCESS_TOKEN_EXPIRE_MINUTES = 30

Loading…
Cancel
Save