Fix secret scanning issues: Replace hardcoded credentials with environment variables

This commit is contained in:
Gan, Jimmy
2025-06-24 09:50:24 +08:00
parent e3c9f17a5d
commit a5d979b948
4 changed files with 12 additions and 12 deletions
+9 -9
View File
@@ -71,17 +71,17 @@ mold_cost_online_tool/
2. **Set up environment variables**
Create `.env.development` file for development:
```bash
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_USER=your_db_user
POSTGRES_PASSWORD=your_db_password
POSTGRES_DB=mold_cost
DATABASE_HOST=db_development
SECRET_KEY=your-secret-key
SECRET_KEY=your-secret-key-here
MAIL_SERVER=smtp.example.com
MAIL_USERNAME=your-email@example.com
MAIL_PASSWORD=your-password
MAIL_PASSWORD=your-mail-password
MAIL_DEFAULT_SENDER=your-email@example.com
ADMIN_EMAIL=admin@example.com
ADMIN_PASSWORD=admin-password
ADMIN_PASSWORD=your-admin-password
```
3. **Start the development environment**
@@ -122,8 +122,8 @@ mold_cost_online_tool/
```bash
export FLASK_APP=run.py
export FLASK_ENV=development
export SECRET_KEY=your-secret-key
export DATABASE_URL=postgresql://user:password@localhost/dbname
export SECRET_KEY=your-secret-key-here
export DATABASE_URL=postgresql://your_user:your_password@localhost/your_dbname
```
6. **Initialize the database**
@@ -155,8 +155,8 @@ mold_cost_online_tool/
```bash
FLASK_APP=run.py
FLASK_ENV=production
SECRET_KEY=your-secure-secret-key
DATABASE_URL=postgresql://user:password@host/dbname
SECRET_KEY=your-secure-secret-key-here
DATABASE_URL=postgresql://your_user:your_password@your_host/your_dbname
```
3. **Start the application**
+1 -1
View File
@@ -6,7 +6,7 @@ from pathlib import Path
def get_db_url():
"""Get database URL from environment variables."""
db_user = os.getenv('DB_USER', 'mold_user')
db_password = os.getenv('DB_PASSWORD', 'mold_password')
db_password = os.getenv('DB_PASSWORD', 'your_db_password_here')
db_host = os.getenv('DB_HOST', 'localhost')
db_port = os.getenv('DB_PORT', '5434')
db_name = os.getenv('DB_NAME', 'mold_cost_calculator_dev')
+1 -1
View File
@@ -6,7 +6,7 @@ from pathlib import Path
def get_db_url():
"""Get database URL from environment variables."""
db_user = os.getenv('DB_USER', 'mold_user')
db_password = os.getenv('DB_PASSWORD', 'mold_password')
db_password = os.getenv('DB_PASSWORD', 'your_db_password_here')
db_host = os.getenv('DB_HOST', 'localhost')
db_port = os.getenv('DB_PORT', '5434')
db_name = os.getenv('DB_NAME', 'mold_cost_calculator_dev')
+1 -1
View File
@@ -1,5 +1,5 @@
import os
os.environ["SECRET_KEY"] = "XV@hLx*f5dezwYj36py$LKtMm6Qugyuv"
os.environ["SECRET_KEY"] = os.getenv("TEST_SECRET_KEY", "test-secret-key-for-testing-only")
from app import create_app, db
from app.models import User, Quotation