From 1484d678cee3c9767558a9f0bf3600a37f261e8e Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen <rpm@fthiessen.de>
Date: Mon, 21 Feb 2022 21:03:15 +0100
Subject: [PATCH] feat(security): Enforce secret key for flask application.

---
 flaschengeist/config.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/flaschengeist/config.py b/flaschengeist/config.py
index 9cf3b69..3dfb078 100644
--- a/flaschengeist/config.py
+++ b/flaschengeist/config.py
@@ -89,10 +89,10 @@ def configure_app(app, test_config=None):
     )
 
     if "secret_key" not in config["FLASCHENGEIST"]:
-        logger.warning("No secret key was configured, please configure one for production systems!")
-        app.config["SECRET_KEY"] = "0a657b97ef546da90b2db91862ad4e29"
-    else:
-        app.config["SECRET_KEY"] = config["FLASCHENGEIST"]["secret_key"]
+        logger.critical("No secret key was configured, please configure one for production systems!")
+        raise RuntimeError("No secret key was configured")
+
+    app.config["SECRET_KEY"] = config["FLASCHENGEIST"]["secret_key"]
 
     if test_config is not None:
         config["DATABASE"]["engine"] = "sqlite"