Enforce SECRET_KEY requirement in production

sevein · sevein · commit 3455e0c79337 · 2025-10-30T16:52:17.000+01:00
diff --git a/AIPscan/__init__.py b/AIPscan/__init__.py
@@ -35,6 +35,17 @@ def create_app(config_name=None):
     app = Flask(__name__)
     app.config.from_object(config)
 
+    # Set up the secret key.
+    secret = os.getenv("SECRET_KEY") or app.config.get("SECRET_KEY")
+    if app.debug or app.testing:
+        app.config["SECRET_KEY"] = secret or "dev"
+    else:
+        if not secret or not str(secret).strip():
+            raise RuntimeError(
+                "SECRET_KEY must be set to a non-empty value when running in production."
+            )
+        app.config["SECRET_KEY"] = secret
+
     migrations_dir = os.path.abspath(
         os.path.join(os.path.dirname(__file__), "migrations")
     )
diff --git a/AIPscan/config.py b/AIPscan/config.py
@@ -20,9 +20,7 @@
 
 
 class Config:
-    # Be sure to set a secure secret key for production.
-    SECRET_KEY = os.getenv("SECRET_KEY", "you-will-never-guess")
-
+    SECRET_KEY = None
     DEBUG = False
     TESTING = False
 
diff --git a/AIPscan/tests/test_app.py b/AIPscan/tests/test_app.py
@@ -0,0 +1,46 @@
+"""Tests for Flask application factory configuration.
+
+Ensures that SECRET_KEY is properly validated in production and that
+development/test environments have appropriate fallback behavior.
+"""
+
+import pytest
+
+from AIPscan import create_app
+
+
+@pytest.mark.parametrize(
+    "config_name,secret_value,should_raise,expected_secret",
+    [
+        # Production requires valid SECRET_KEY.
+        ("default", None, True, None),
+        ("default", "", True, None),
+        ("default", "   ", True, None),
+        ("default", "super-secret", False, "super-secret"),
+        # Dev and test use fallback.
+        ("dev", None, False, "dev"),
+        ("test", None, False, "dev"),
+    ],
+    ids=[
+        "prod-rejects-missing-key",
+        "prod-rejects-empty-key",
+        "prod-rejects-whitespace-key",
+        "prod-accepts-valid-key",
+        "dev-provides-fallback-key",
+        "test-provides-fallback-key",
+    ],
+)
+def test_create_app_secret_key_handling(
+    monkeypatch, config_name, secret_value, should_raise, expected_secret
+):
+    """Test SECRET_KEY validation across all config environments."""
+    monkeypatch.delenv("SECRET_KEY", raising=False)
+    if secret_value is not None:
+        monkeypatch.setenv("SECRET_KEY", secret_value)
+
+    if should_raise:
+        with pytest.raises(RuntimeError, match="SECRET_KEY must be set"):
+            create_app(config_name)
+    else:
+        app = create_app(config_name)
+        assert app.config["SECRET_KEY"] == expected_secret
