diff --git a/.env.sample b/.env.sample index e69de29..1d3deb1 100644 --- a/.env.sample +++ b/.env.sample @@ -0,0 +1,4 @@ +# openssl rand -hex 32 +SECRET_KEY= +ALGORITHM=HS256 +ACCESS_TOKEN_EXPIRE_MINUTES=30 \ No newline at end of file diff --git a/app/main.py b/app/main.py index 18e2c42..e772e63 100755 --- a/app/main.py +++ b/app/main.py @@ -6,12 +6,13 @@ from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm from jose import JWTError, jwt from passlib.context import CryptContext from pydantic import BaseModel +from os import getenv # to get a string like this run: # openssl rand -hex 32 -SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7" -ALGORITHM = "HS256" -ACCESS_TOKEN_EXPIRE_MINUTES = 30 +SECRET_KEY = getenv("SECRET_KEY") +ALGORITHM = getenv("ALGORITHM") +ACCESS_TOKEN_EXPIRE_MINUTES = int(getenv("ACCESS_TOKEN_EXPIRE_MINUTES")) fake_users_db = {