diff --git a/airflow/config_templates/default_airflow.cfg b/airflow/config_templates/default_airflow.cfg index 9d240b83238..b957d413551 100644 --- a/airflow/config_templates/default_airflow.cfg +++ b/airflow/config_templates/default_airflow.cfg @@ -250,6 +250,8 @@ worker_refresh_batch_size = 1 worker_refresh_interval = 30 # Secret key used to run your flask app +# If default value is given ("temporary_key"), a random secret_key will be generated +# when you launch your webserver for security reason secret_key = temporary_key # Number of workers to run the Gunicorn web server diff --git a/airflow/www_rbac/app.py b/airflow/www_rbac/app.py index 92e5c73881d..8d3400a6680 100644 --- a/airflow/www_rbac/app.py +++ b/airflow/www_rbac/app.py @@ -19,6 +19,7 @@ # import socket import six +import os from flask import Flask from flask_appbuilder import AppBuilder, SQLA @@ -42,7 +43,10 @@ def create_app(config=None, session=None, testing=False, app_name="Airflow"): global app, appbuilder app = Flask(__name__) app.wsgi_app = ProxyFix(app.wsgi_app) - app.secret_key = conf.get('webserver', 'SECRET_KEY') + if conf.get('webserver', 'SECRET_KEY') == "temporary_key": + app.secret_key = os.urandom(16) + else: + app.secret_key = conf.get('webserver', 'SECRET_KEY') airflow_home_path = conf.get('core', 'AIRFLOW_HOME') webserver_config_path = airflow_home_path + '/webserver_config.py'