Store cookie key in db rather than cache

supysonic/utils.py

@@ -0,0 +1,23 @@
+# coding: utf-8
+#
+# This file is part of Supysonic.
+# Supysonic is a Python implementation of the Subsonic server API.
+#
+# Copyright (C) 2019 Alban 'spl0k' Féron
+#
+# Distributed under terms of the GNU AGPLv3 license.
+
+from base64 import b64encode, b64decode
+from os import urandom
+from pony.orm import db_session, ObjectNotFound
+
+from supysonic.db import Meta
+
+@db_session
+def get_secret_key(keyname):
+    try:
+        key = b64decode(Meta[keyname].value)
+    except ObjectNotFound:
+        key = urandom(128)
+        Meta(key = keyname, value = b64encode(key).decode())
+    return key

supysonic/web.py

@@ -14,12 +14,13 @@ import logging
 import mimetypes
 
 from flask import Flask
-from os import makedirs, path, urandom
+from os import makedirs, path
 from pony.orm import db_session
 
 from .config import IniConfig
 from .cache import Cache
 from .db import init_database
+from .utils import get_secret_key
 
 logger = logging.getLogger(__package__)
 
@@ -69,15 +70,7 @@ def create_application(config = None):
         makedirs(cache_path) # pragma: nocover
 
     # Read or create secret key
-    secret_path = path.join(cache_path, 'secret')
+    app.secret_key = get_secret_key('cookies_secret')
-    if path.exists(secret_path):
-        with io.open(secret_path, 'rb') as f:
-            app.secret_key = f.read()
-    else:
-        secret = urandom(128)
-        with io.open(secret_path, 'wb') as f:
-            f.write(secret)
-        app.secret_key = secret
 
     # Import app sections
     if app.config['WEBAPP']['mount_webui']: