-
Notifications
You must be signed in to change notification settings - Fork 36
/
flask.cfg
48 lines (41 loc) · 1.69 KB
/
flask.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
from os import getenv
from dotenv import load_dotenv
load_dotenv()
MONGODB_SETTINGS = {
'db': getenv('MONGO_DB'),
'host': getenv('MONGO_HOST'),
'port': int(getenv('MONGO_PORT'))
}
DEBUG = getenv("FLASK_DEBUG")
SECURITY_TRACKABLE = True
SESSION_COOKIE_SAMESITE = "Strict"
SECRET_KEY = getenv("FLASK_SECRET_KEY")
SECURITY_PASSWORD_SALT = getenv("FLASK_SECURITY_PASSWORD_SALT")
SECURITY_TWO_FACTOR = getenv("FLASK_MFA") == "True"
SECURITY_TWO_FACTOR_REQUIRED = getenv("FLASK_MFA") == "True"
SECURITY_LOGIN_USER_TEMPLATE = "login.html"
SECURITY_TWO_FACTOR_ENABLED_METHODS = ['authenticator']
SECURITY_TWO_FACTOR_SETUP_URL = "/mfa/register"
SECURITY_TWO_FACTOR_TOKEN_VALIDATION_URL = "/mfa/verify"
SECURITY_TWO_FACTOR_SETUP_TEMPLATE = "mfa_register.html"
SECURITY_TWO_FACTOR_VERIFY_CODE_TEMPLATE = "mfa_verify.html"
SECURITY_TWO_FACTOR_ALWAYS_VALIDATE = False
SECURITY_TWO_FACTOR_LOGIN_VALIDITY = "1 weeks"
SECURITY_TOTP_ISSUER = f"PurpleOps - {getenv('NAME')}"
SECURITY_TOTP_SECRETS = {"1": getenv("FLASK_SECURITY_TOTP_SECRETS")}
SECURITY_CHANGEABLE = True
SECURITY_CHANGE_URL = "/password/change"
SECURITY_CHANGE_PASSWORD_TEMPLATE = "password_change.html"
SECURITY_POST_CHANGE_VIEW = "/password/changed"
SECURITY_SEND_REGISTER_EMAIL = False
SECURITY_SEND_PASSWORD_CHANGE_EMAIL = False
SECURITY_SEND_PASSWORD_RESET_EMAIL = False
SECURITY_SEND_PASSWORD_RESET_NOTICE_EMAIL = False
SECURITY_PASSWORD_LENGTH_MIN = 12
SECURITY_TWO_FACTOR_RESCUE_EMAIL = False
SECURITY_EMAIL_VALIDATOR_ARGS = {"check_deliverability": False}
# TODO review post pentest
# SESSION_COOKIE_SECURE = True
# REMEMBER_COOKIE_SECURE = True
# WTF_CSRF_ENABLED = True
# SECURITY_CSRF_COOKIE = {"samesite": "Strict", "httponly": False, "secure": True}