Support secret key fallbacks

pgjones · pgjones · commit b5593ca4c8c6 · 2024-12-24T20:19:20.000Z
These allow for key rotation (multiple active keys allowed until the
older is retired). The naming matches Flask.
diff --git a/src/quart/app.py b/src/quart/app.py
@@ -258,6 +258,7 @@ class Quart(App):
             "PROVIDE_AUTOMATIC_OPTIONS": True,
             "RESPONSE_TIMEOUT": 60,  # Second
             "SECRET_KEY": None,
+            "SECRET_KEY_FALLBACKS": None,
             "SEND_FILE_MAX_AGE_DEFAULT": timedelta(hours=12),
             "SERVER_NAME": None,
             "SESSION_COOKIE_DOMAIN": None,
diff --git a/src/quart/sessions.py b/src/quart/sessions.py
@@ -149,12 +149,17 @@ def get_signing_serializer(self, app: Quart) -> URLSafeTimedSerializer | None:
         if not app.secret_key:
             return None
 
+        keys: list[str | bytes] = [app.secret_key]
+
+        if fallbacks := app.config["SECRET_KEY_FALLBACKS"]:
+            keys.extend(fallbacks)
+
         options = {
             "key_derivation": self.key_derivation,
             "digest_method": self.digest_method,
         }
         return URLSafeTimedSerializer(
-            app.secret_key,
+            keys,  # type: ignore[arg-type]
             salt=self.salt,
             serializer=self.serializer,
             signer_kwargs=options,
