Load jwt_key from config
This commit is contained in:
parent
c3f0b5d4eb
commit
21c2af2b92
@ -120,6 +120,7 @@
|
||||
"enabled": false,
|
||||
"listen_ip_address": "127.0.0.1",
|
||||
"listen_port": 8080,
|
||||
"jwt_secret_key": "somethingrandom",
|
||||
"username": "freqtrader",
|
||||
"password": "SuperSecurePassword"
|
||||
},
|
||||
|
@ -11,6 +11,7 @@ Sample configuration:
|
||||
"enabled": true,
|
||||
"listen_ip_address": "127.0.0.1",
|
||||
"listen_port": 8080,
|
||||
"jwt_secret_key": "somethingrandom",
|
||||
"username": "Freqtrader",
|
||||
"password": "SuperSecret1!"
|
||||
},
|
||||
@ -29,7 +30,7 @@ This should return the response:
|
||||
{"status":"pong"}
|
||||
```
|
||||
|
||||
All other endpoints return sensitive info and require authentication, so are not available through a web browser.
|
||||
All other endpoints return sensitive info and require authentication and are therefore not available through a web browser.
|
||||
|
||||
To generate a secure password, either use a password manager, or use the below code snipped.
|
||||
|
||||
@ -38,6 +39,9 @@ import secrets
|
||||
secrets.token_hex()
|
||||
```
|
||||
|
||||
!!! Hint
|
||||
Use the same method to also generate a JWT secret key (`jwt_secret_key`).
|
||||
|
||||
### Configuration with docker
|
||||
|
||||
If you run your bot using docker, you'll need to have the bot listen to incomming connections. The security is then handled by docker.
|
||||
|
@ -91,7 +91,8 @@ class ApiServer(RPC):
|
||||
self.app = Flask(__name__)
|
||||
|
||||
# Setup the Flask-JWT-Extended extension
|
||||
self.app.config['JWT_SECRET_KEY'] = 'super-secret' # Change this!
|
||||
self.app.config['JWT_SECRET_KEY'] = self._config['api_server'].get(
|
||||
'jwt_secret_key', 'super-secret')
|
||||
|
||||
self.jwt = JWTManager(self.app)
|
||||
self.app.json_encoder = ArrowJSONEncoder
|
||||
|
Loading…
Reference in New Issue
Block a user