{"id":14065447,"url":"https://github.com/nickjj/flask-secrets","last_synced_at":"2025-04-12T13:04:23.699Z","repository":{"id":57430701,"uuid":"314069238","full_name":"nickjj/flask-secrets","owner":"nickjj","description":"A Flask CLI extension to generate random secret tokens.","archived":false,"fork":false,"pushed_at":"2020-11-19T17:23:49.000Z","size":19,"stargazers_count":13,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-05-10T22:02:41.013Z","etag":null,"topics":["flask","flask-cli"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nickjj.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-11-18T22:04:34.000Z","updated_at":"2023-09-14T14:07:42.000Z","dependencies_parsed_at":"2022-09-13T15:23:38.347Z","dependency_job_id":null,"html_url":"https://github.com/nickjj/flask-secrets","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjj%2Fflask-secrets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjj%2Fflask-secrets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjj%2Fflask-secrets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjj%2Fflask-secrets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nickjj","download_url":"https://codeload.github.com/nickjj/flask-secrets/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223518568,"owners_count":17158689,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["flask","flask-cli"],"created_at":"2024-08-13T07:04:29.820Z","updated_at":"2024-11-07T13:04:42.053Z","avatar_url":"https://github.com/nickjj.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# What is Flask-Secrets? ![CI](https://github.com/nickjj/flask-secrets/workflows/CI/badge.svg?branch=master)\n\nIt's a Flask CLI extension that makes it easy to generate secure secret keys\nand tokens.\n\nAfter installing it you'll be able to run `flask secrets` to generate a number\nof tokens that you can use for your `SECRET_KEY`, database passwords, API keys,\nauth tokens or whatever else you need secret tokens for.\n\n## Table of contents\n\n- [Installation](#installation)\n- [Ensuring the `secrets` command is available](#ensuring-the-secrets-command-is-available)\n- [Going over the `secrets` command](#going-over-the-secrets-command)\n- [FAQ](#faq)\n  - [Why are the tokens prefixed with dev, test and prod?](#why-are-the-tokens-prefixed-with-dev-test-and-prod)\n  - [Why did you generate 10 tokens for each prefix?](#why-did-you-generate-10-tokens-for-each-prefix)\n  - [Why did you pick 99 characters as a length?](#why-did-you-pick-99-characters-as-a-length)\n  - [Why did you limit tokens to letters and digits?](#why-did-you-limit-tokens-to-letters-and-digits)\n- [About the Author](#about-the-author)\n\n## Installation\n\n`pip3 install Flask-Secrets`\n\nThat's it!\n\nThere's no need to even import or initialize anything in your Flask app because\nit's just a CLI command that gets added to your Flask app.\n\n*But if you're curious, a complete example Flask app can be found in the\n[tests/\ndirectory](https://github.com/nickjj/flask-secrets/tree/master/tests/example_app).*\n\n#### Requirements:\n\n- Python 3.6+\n- Flask 1.0+\n\n## Ensuring the `secrets` command is available\n\nYou'll want to make sure to at least set the `FLASK_APP` environment variable:\n\n```sh\n# Replace `hello.app` with your app's name.\nexport FLASK_APP=hello.app\nexport FLASK_ENV=development\n```\n\nThen run the `flask` binary to see its help menu:\n\n```sh\n\nUsage: flask [OPTIONS] COMMAND [ARGS]...\n\n  ...\n\nCommands:\n  secrets  Generate a set of random secret tokens.\n```\n\nIf all went as planned you should see the new `secrets` command added to your\nlist of commands.\n\n## Going over the `secrets` command\n\nRunning `flask secrets --help` will produce this help menu:\n\n```sh\nUsage: flask secrets [OPTIONS]\n\n  Generate a set of random secret tokens.\n\n  They are suitable for your SECRET_KEY, passwords, API keys and more.\n\nOptions:\n  --length INTEGER  Character length.  [default: 99]\n  --count INTEGER   Generate N tokens.  [default: 10]\n  --prefix TEXT     1 or more key prefixes.  [default: dev_, test_, prod_]\n  --help            Show this message and exit.\n\n```\n\nAnd if you run `flask secrets`, you'll end up with something like this by\ndefault:\n\n```sh\ndev_zQ0xyfjkundFVF9GiR0PnT8DbTVczXd3yumese3RGlKax6OIOBWku4giwUL45LKIPhnCaxSfNNyuMUU5CgZnrplmlaHBvQAAFx0\ndev_CDJ7VtrzXn7n87bw3nJORaSAUHeRTW7Y66habnI5araUlDNBj1XZJhEVUZoQbnmC1DyFrVWEb7o3gTHl6yd8brqe7frJtqu0PDR\ndev_568Fu6SX4JsvtY1IoIpH9ZDzx2TO6kaNcRBCDJ4s4dmAK6cODcs33qawHTDeW8ENXYT5YI0Q8upRT2oSBjEoyX8tENyPu89awSd\ndev_Y6vZbxzy86bn5fX2fmXMcPgtL02zBXAeuAQfUdLJ64yycZWTOoVBr0qJRyYvz0T1D5XTKOpon6ngVGhDmOsdOjhtNDF89ftJgOy\ndev_1dQ5K3YE2ORh1XJuR1pzPuagiB1fhGIvDNzIe5rBi8SiRoN0IYkKz8lSqUUwi1I6Xe7mWG6Z2938NgfnlYjeMQUFe18CFI5rh4l\ndev_Tj5EknS2VPXcqSHAHm0NPZzDhMspcE0VMyo6I6SHGdXpUqMysryl3iPPMaoFrR2OmccEpvq5zSv6BGMf5KPBH8hEYlUKcpA8Jfm\ndev_wNnDkOeMUlE0mFu7UPi5b2pkizns5bLhtrqCcdmEXks7sDbIsmgVGaph6eO6zXyUd5YwjFec4JVFB0bRxphZ5PB4t1OKCic5QR5\ndev_UNAXyQodUA2kiQlAwUKxvLxGd9MmsDOplwAq2omP3R7z5ibEd1ICXR5tA2mBdIoe4jrK6c2pbL0ERuoVjXqTOqYtIDZY9p71PGh\ndev_WQcLSeXc4h9iZqb7SV0CUH9vWNmwg3quJGflxZ9qzMqoq1nKMa1N091rzVBCqbAsykF2v0SmhRKpPHrZ1xIjV9rrDaRuFVKH0Nj\ndev_Sr8rN495pBnE6IBwiSYefQWfNX87mTvBmiHzBpTTJVNeTZSs6xZEjByH5zlp7BOrykvmNqscA6Iat4VOyOR9pRdrNmcah20V3YB\ntest_UyPdaxcL836BTzqHYZ3sLkQj6bzJUsmMqENP4sMoTpc7QarsluSBTmgjTdCy3zvocrNafXPliMAwENgiORwzb5pBWsrBNNXUiJi\ntest_6PwVF9TlUybXpWuraV9qPP9RESHiDrqY7AMVrPuI2hFLs68ePf9VoazBHlrLtX1uOeDEQN0rPPUP2H06hkSG8RWOF3DiOGyhmda\ntest_zdVPbucsNsJC5Ay8bf9AkByeyKPcKhmWnbXSdu84derV4RWjk2n2I2ouY3C1ta7xWp6uRnFIgDT56vYFozhpfVwbXHhkHskulVi\ntest_JDesFe6K7MHhQY2g9CwdWBm44ZEQ3hWFTCxcZ37KnLP4eajVj1ol616G3ZkIdr7ST3m71g5UFhXEurVexle7rWfNnDCId4EWsw1\ntest_p4MJpL8uG15dge6jfMqLbW339s7i9Uk2mU12mDbtHqWM14SEqn1YlYbqfDStVaMXFZ9Bsnlv5OeoveTq8ERNz1WZSm4vYJbhKkV\ntest_5AAsQEyu8ffekPzqhYFU2yJ97AHhnoIO30TkYZ9NfI7N9tUA68TiXj8xj5pka0Wu9YffnMgfhfkukVPS9LqE5JYhnsG8LzN2IzJ\ntest_ymQxojdxDCvOxokGE6Y2w6LkZQwwJIRiL59SjBQuSZ4rDr7aTF42s2IcCOIqbOvlO1eskaPFSyDdvw57XmX7oRe4Bh4sgptdDHx\ntest_b5SY9YG7r0j6UI8SvJDOycI6uoXNfnbrO5aA3wqHopDhtCsSPhoLnFoQVJWJevMfEIKpTr0TDlo3A1166FN88wH51RD3PgAMdJ1\ntest_8R9AydIXx3gju5QCwH9E0ex9lJJ8r92bUDGdzbymkruQ1VlqBJlCJvxd5BCIUfEec1DxT0FMoeYqaGGs2IZLZsmrnh6CraiaCtk\ntest_bMQuKfxX7Zmr3nCvQIHUyLNjroyQab9B3x0ZDS7A99OVpfzqJMkhxxVvWQ8TtBAYgUZhVkGNlHDhQwlrIWiBAgDBLZhAW6nRNcw\nprod_rqld1qJJJyfT7zYpMN2G9t1AkcoR9IIQzzapNSBzpFsw3EjYnMManHe7v98i202kzTO9RdEIRjIGQH0Qc5qVzPfnkmITob1XJuT\nprod_JEH0geowxZBCoYPURzAasexTJkQXqPK7qG8VmFGxEcyA0NkcG4NnBjKqWMgMmElOIP5TN3UuNjLg3gzvM3pFj1ckhD5Qpyg1ztY\nprod_tobmUu7IaYo2Qgq9LXEGIpaVa1jxWlJqlHDoMhWHsdkxwESL6F5eG5KJDKLwVEnS3nzRl8BOhmPLhet4c600Fm69U7F6A6jpVHV\nprod_H4vBS42lNobZ8jnoPX0QvVsDAzSvCWnPPdmbiWOueSwmMSknv485Eq38OjMNSmNdOcFzlRFplXNo3TXWCuDmVCvWsdcVfPsdtGj\nprod_q3jPJ9rCiuNEx8Uyz2jW16zQ5SqYaehitUnQoGe74CMJAN4btF73jzyrgGAiSqGBL949kuNt3Yl9GcVY9SixC9mCLfP52sQoadt\nprod_mWDTYYW4b8TGQ1DfUFYW1SLKI3YLzPzPzThqUlVKWaOU9G7tYSybar4ZPIMsDNtqTih6S6vULRxsZU5xMk1lriGy6roje2fZ006\nprod_eGXFj5bJLPNmvHorgv7m9r0YNxhOy1tKG2A0WUT5jWYUj7YS9MPW2mHRJulNMIh7qTdvQMZGFtfC5ueuP4aFmOWQTBy744m5JLw\nprod_hx94QSlPiR5pD3DX0YJJlANBbOm0Xjg6fc0Pbhn27PpYYVxzc9hkGLgquDl87gm0cltZGfKXdvaeRevfEaxIOytzFEZR1tfwXZ2\nprod_Vlgc1gK9mOjrd8xUaNPRzyA3e0owdedViWhYd3wj0iEfgdjZRoFFjkVhV3tA9YhsA49k0hMDz8dTYDGqPXN5zRfR9Ruzoe6zoOo\nprod_i1c8G6QdaxjHwGMmj6myc2Tvd1MpUoPSfDXpeb26QfIDitiW9R41Jf8sNFBlrpQE4ugEdhtM6pjiCzDx7MAoyKKeTdhlk2Z54X8\n\n```\n\nThere's 1 token on each line and they're generated with uppercase / lowercase\nletters and digits.\n\n#### 30 random tokens\n\nBy default you'll get 10 tokens for each environment you might run your app in.\nEach token can be used individually however you see fit across any environment.\nThey are not associated to each other in any way shape or form.\n\n## FAQ\n\n### Why are the tokens prefixed with dev, test and prod?\n\nThis is a convention I took from Stripe. I really like how Stripe's keys\ninclude prefixes like `pk_test_`, `sk_test_`, `pk_live_` and `sk_live_`. At a\nglance you can tell what type of key it's for and what environment it's\nassociated to.\n\nBy default this tool prefixes each environment you might run your app in. You\ncan always customize the prefixes by passing in 1 or more prefix flags, such as\n`--prefix apples_ --prefix oranges_`. You can also do `--prefix \"\"` to omit any\ntype of prefix.\n\n### Why did you generate 10 tokens for each prefix?\n\nMost real world applications will require having at least a `SECRET_KEY`, \nPostgreSQL password and maybe a Redis password too.\n\nThat puts us at needing at least 3 tokens. If you happen to be doing client\nwork you might find yourself creating additional passwords for various services\ntoo. It adds up!\n\nIf this tool only generated 1 token at a time then you would need to run it a\nbunch of times. 10 seemed like a reasonable balance between being enough for\nmost apps and not being obnoxiously long in terms of output.\n\nYou can always customize the count with `--count 3` to generate however many\ntokens you want.\n\n### Why did you pick 99 characters as a length?\n\nIt's what Stripe uses when generating their API keys. When it comes to security,\nthe last thing you want to do is guess at stuff or undershoot the length.\n\nChances are they put a lot of thought into that value and 99 chars should not\nbe crackable for many trillions of years!\n\nIf you use a prefix, it really comes out to be 99 + the prefix's length too.\nThe prefix gets prepended to the token after it's been generated with whatever\nthe length value is.\n\nIf 99 isn't enough, you can always customize it with `--length 128`.\n\n### Why did you limit tokens to letters and digits?\n\nTechnically Python3 supports generating URL safe tokens that include\nunderscores and hyphens, but I chose against that because if you decide to\nprefix your tokens such as `prod_`, then I didn't want to worry about maybe\nwanting to parse those tokens later by splitting on an underscore and then\nending up with more than 2 items in the split list.\n\nThat and it's what Stripe does too. Again, you can't go too wrong following\ntheir standards!\n\n## About the author\n\n- Nick Janetakis | \u003chttps://nickjanetakis.com\u003e | [@nickjanetakis](https://twitter.com/nickjanetakis)\n\nIf you're interested in learning Flask I have a 20+ hour video course called\n[Build a SAAS App with\nFlask](https://buildasaasappwithflask.com/?utm_source=github\u0026utm_medium=flasksecrets\u0026utm_campaign=readme).\nIt's a course where we build a real world SAAS app. Everything about the course\nand demo videos of what we build is on the site linked above.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickjj%2Fflask-secrets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnickjj%2Fflask-secrets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickjj%2Fflask-secrets/lists"}