mirror of
https://github.com/langgenius/dify.git
synced 2026-05-13 08:57:28 +08:00
39 lines
1.1 KiB
Python
39 lines
1.1 KiB
Python
"""SECRET_KEY persistence helpers for runtime setup."""
|
|
|
|
from __future__ import annotations
|
|
|
|
import secrets
|
|
|
|
from extensions.ext_storage import storage
|
|
|
|
GENERATED_SECRET_KEY_FILENAME = ".dify_secret_key"
|
|
|
|
|
|
def resolve_secret_key(secret_key: str) -> str:
|
|
"""Return an explicit SECRET_KEY or a generated key persisted in storage."""
|
|
if secret_key:
|
|
return secret_key
|
|
|
|
return _load_or_create_secret_key()
|
|
|
|
|
|
def _load_or_create_secret_key() -> str:
|
|
try:
|
|
persisted_key = storage.load_once(GENERATED_SECRET_KEY_FILENAME).decode("utf-8").strip()
|
|
if persisted_key:
|
|
return persisted_key
|
|
except FileNotFoundError:
|
|
pass
|
|
|
|
generated_key = secrets.token_urlsafe(48)
|
|
|
|
try:
|
|
storage.save(GENERATED_SECRET_KEY_FILENAME, f"{generated_key}\n".encode())
|
|
except Exception as exc:
|
|
raise ValueError(
|
|
f"SECRET_KEY is not set and could not be generated at {GENERATED_SECRET_KEY_FILENAME}. "
|
|
"Set SECRET_KEY explicitly or make storage writable."
|
|
) from exc
|
|
|
|
return generated_key
|