From aa212e2f1ffdc39d2bb13f7b5110af92e152b4dc Mon Sep 17 00:00:00 2001
From: Sage Vaillancourt <sagev9000@tutanota.com>
Date: Sat, 24 Sep 2022 10:25:04 -0400
Subject: [PATCH] Add secret key fallback with warning.

---
 undercover/__init__.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/undercover/__init__.py b/undercover/__init__.py
index 8f93f33..d6ea145 100644
--- a/undercover/__init__.py
+++ b/undercover/__init__.py
@@ -1,6 +1,7 @@
 # Copyright Sage Vaillancourt 2021
 
 import os
+import sys
 
 from flask import Flask
 
@@ -12,8 +13,12 @@ def create_app(test_config=None):
     optimize_css_file()
 
     app = Flask(__name__, instance_relative_config=True)
+    secret_key = os.environ.get('UNDERCOVER_SECRET_KEY')
+    if not secret_key:
+        sys.stderr.write("WARNING: UNDERCOVER_SECRET_KEY is not defined! Application may be insecure.\n")
+        secret_key = "dev"
     app.config.from_mapping(
-        SECRET_KEY=os.environ['UNDERCOVER_SECRET_KEY'],
+        SECRET_KEY=secret_key,
         # DATABASE=os.path.join(app.instance_path, 'undercover.sqlite'),
     )