-
Notifications
You must be signed in to change notification settings - Fork 154
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(core): Add support for secret key rotation #1039
Conversation
This iooks great - thanks! The test failures are due to latest Flask 3.1 which I am looking into in the next few days. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1039 +/- ##
=======================================
Coverage 98.36% 98.36%
=======================================
Files 37 37
Lines 4762 4764 +2
=======================================
+ Hits 4684 4686 +2
Misses 78 78 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks
docs/configuration.rst
Outdated
.. py:data:: SECRET_KEY_FALLBACKS | ||
|
||
This is a list of old secret keys that can still be used to unsign tokens | ||
that were created with previous secret keys. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you add the same wording as above - that is is a Flask (>=3.1) configuration used by Flask-Security. I would also remove the 'default' since we don't control that - users should look at the Flask documentation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated! Let me know what you think. Happy to change it again if you prefer something different. Thanks for the quick review!
This PR adds support for secret key rotation and fixes #1038