Updated the configuration files

README.md

@@ -32,6 +32,7 @@ using the micro framework Flask.
 
 * Create a virtualenv
 * Install the dependencies with `pip install -r requirements.txt`
+* Copy `flaskbb/configs/development.py.example` to `flaskbb/configs/development.py`
 * Create the database with some example content `python manage.py createall`
 * Run the development server `python manage.py runserver`
 * Visit [localhost:8080](http://localhost:8080)

flaskbb/configs/base.py

@@ -34,19 +34,20 @@ class BaseConfig(object):
     INFO_LOG = "info.log"
     ERROR_LOG = "error.log"
 
-    # This is the secret key that is used for session signing.
-    # You can generate a secure key with os.urandom(24)
-    SECRET_KEY = 'secret key'
-
-    # SQLAlchemy connection options
+    # Default Database
     SQLALCHEMY_DATABASE_URI = 'sqlite:///' + _basedir + '/' + \
                               PROJECT + ".sqlite"
     # sqlite for testing/debug.
-    SQLALCHEMY_ECHO = True
+    SQLALCHEMY_ECHO = False
+
+    # Security
+    # This is the secret key that is used for session signing.
+    # You can generate a secure key with os.urandom(24)
+    SECRET_KEY = 'secret key'
 
     # Protection against form post fraud
     WTF_CSRF_ENABLED = True
-    WTF_CSRF_SESSION_KEY = "reallyhardtoguess"
+    WTF_CSRF_SECRET_KEY = "reallyhardtoguess"
 
     # Auth
     LOGIN_VIEW = "auth.login"
@@ -56,9 +57,6 @@ class BaseConfig(object):
     CACHE_TYPE = "simple"
     CACHE_DEFAULT_TIMEOUT = 60
 
-    # Recaptcha
-    RECAPTCHA_ENABLE = False
-
     # Pagination
     POSTS_PER_PAGE = 10
     TOPICS_PER_PAGE = 10

flaskbb/configs/development.py → flaskbb/configs/development.py.example

@@ -14,23 +14,31 @@ class DevelopmentConfig(BaseConfig):
 
     # Indicates that it is a dev environment
     DEBUG = True
-    SECRET_KEY = "SecretKeyForSessionSigning"
 
     # SQLAlchemy connection options
     SQLALCHEMY_DATABASE_URI = 'sqlite:///' + BaseConfig._basedir + '/' + \
                               BaseConfig.PROJECT + ".sqlite"
     SQLALCHEMY_ECHO = True
 
-    # Protection against form post fraud
-    CSRF_ENABLED = True
-    CSRF_SESSION_KEY = "reallyhardtoguess"
-
-    # Caching
-    CACHE_TYPE = "simple"
-    CACHE_DEFAULT_TIMEOUT = 60
+    # Security
+    SECRET_KEY = "SecretKeyForSessionSigning"
+    WTF_CSRF_ENABLED = True
+    WTF_CSRF_SECRET_KEY = "reallyhardtoguess"
 
     # Recaptcha
+    # To get recaptcha, visit the link below:
+    # https://www.google.com/recaptcha/admin/create
+    RECAPTCHA_ENABLE = False
     RECAPTCHA_USE_SSL = False
-    RECAPTCHA_PUBLIC_KEY = "6LfUZ9YSAAAAANtDdyew22z2lnjz-K0Dx8M-gkey"
-    RECAPTCHA_PRIVATE_KEY = "6LfUZ9YSAAAAAHgDBflMFQTVdlTA3__yYx8CBGII"
+    RECAPTCHA_PUBLIC_KEY = "your_public_key"
+    RECAPTCHA_PRIVATE_KEY = "your_private_key"
     RECAPTCHA_OPTIONS = {"theme": "white"}
+
+    # Mail
+    MAIL_SERVER = "smtp.googlemail.com"
+    MAIL_PORT = 465
+    MAIL_USE_SSL = True
+    MAIL_USERNAME = "flaskbb@gmail.com"
+    MAIL_PASSWORD = "your_password"
+    MAIL_DEFAULT_SENDER = "flaskbb.com"
+    ADMINS = ["flaskbb@gmail.com"]

flaskbb/configs/example.py

@@ -1,55 +0,0 @@
-"""
-    flaskbb.configs.example
-    ~~~~~~~~~~~~~~~~~~~~
-
-    This is how a production configuration can look like.
-
-    :copyright: (c) 2013 by the FlaskBB Team.
-    :license: BSD, see LICENSE for more details.
-"""
-from flaskbb.configs.base import BaseConfig
-
-
-class ProductionConfig(BaseConfig):
-    # Logs
-    # If SEND_LOGS is set to True, the admins (see the mail configuration) will
-    # recieve the error logs per email.
-    SEND_LOGS = True
-
-    # The filename for the info and error logs. The logfiles are stored at
-    # flaskbb/logs
-    INFO_LOG = "info.log"
-    ERROR_LOG = "error.log"
-
-    # This is the secret key that is used for session signing.
-    # You can generate a secure key with os.urandom(24)
-    SECRET_KEY = 'secret key'
-
-    # SQLAlchemy connection options
-    # If you want to use an other SQL service, gidf.
-    #SQLALCHEMY_DATABASE_URI = "postgresql://localhost/example"
-
-    # Protection against form post fraud
-    # You can generate the CSRF_SESSION_KEY the same way as you have
-    # generated the SECRET_KEY
-    CSRF_ENABLED = True
-    CSRF_SESSION_KEY = "reallyhardtoguess"
-
-    # Caching
-    # See the Flask-Cache docs for more caching types
-    CACHE_TYPE = "simple"
-    CACHE_DEFAULT_TIMEOUT = 60
-
-    # Recaptcha
-    RECAPTCHA_USE_SSL = False
-    RECAPTCHA_PUBLIC_KEY = "your_public_recaptcha_key"
-    RECAPTCHA_PRIVATE_KEY = "your_private_recaptcha_key"
-    RECAPTCHA_OPTIONS = {"theme": "white"}
-
-    # Mail
-    MAIL_SERVER = "yourmailserver"
-    MAIL_PORT = 25
-    MAIL_USERNAME = "Your Mailusername"
-    MAIL_PASSWORD = ""
-    DEFAULT_MAIL_SENDER = "your@emailadress.org"
-    ADMINS = ["admin@example.org"]

flaskbb/configs/production.py.example

@@ -0,0 +1,81 @@
+"""
+    flaskbb.configs.example
+    ~~~~~~~~~~~~~~~~~~~~
+
+    This is how a production configuration can look like.
+
+    :copyright: (c) 2013 by the FlaskBB Team.
+    :license: BSD, see LICENSE for more details.
+"""
+from flaskbb.configs.base import BaseConfig
+
+
+class ProductionConfig(BaseConfig):
+
+    ## Database
+    # If no SQL service is choosen, it will fallback to sqlite
+    # For PostgresSQL:
+    #SQLALCHEMY_DATABASE_URI = "postgresql://localhost/example"
+    # For SQLite:
+    #SQLALCHEMY_DATABASE_URI = 'sqlite:///' + BaseConfig._basedir + '/' + \
+    #                          BaseConfig.PROJECT + ".sqlite"
+
+    ## Security
+    # This is the secret key that is used for session signing.
+    # You can generate a secure key with os.urandom(24)
+    SECRET_KEY = 'secret key'
+
+    # You can generate the WTF_CSRF_SECRET_KEY the same way as you have
+    # generated the SECRET_KEY. If no WTF_CSRF_SECRET_KEY is provided, it will
+    # use the SECRET_KEY.
+    WTF_CSRF_ENABLED = True
+    WTF_CSRF_SECRET_KEY = "reallyhardtoguess"
+
+
+    ## Caching
+    # See the Flask-Cache docs for more caching types
+    CACHE_TYPE = "simple"
+    CACHE_DEFAULT_TIMEOUT = 60
+
+
+    ## Captcha
+    # To get recaptcha, visit the link below:
+    # https://www.google.com/recaptcha/admin/create
+    RECAPTCHA_ENABLE = False
+    RECAPTCHA_USE_SSL = False
+    RECAPTCHA_PUBLIC_KEY = "your_public_recaptcha_key"
+    RECAPTCHA_PRIVATE_KEY = "your_private_recaptcha_key"
+    RECAPTCHA_OPTIONS = {"theme": "white"}
+
+
+    ## Mail
+    # Google Mail Example
+    MAIL_SERVER = "smtp.gmail.com"
+    MAIL_PORT = 465
+    MAIL_USE_SSL = True
+    MAIL_USERNAME = "your_username@gmail.com"
+    MAIL_PASSWORD = "your_password"
+    MAIL_DEFAULT_SENDER = ("Your Name", "your_username@gmail.com")
+    ADMINS = ["your_admin_user@gmail.com"]
+
+
+    ## Error/Info Logging
+    # If SEND_LOGS is set to True, the admins (see the mail configuration) will
+    # recieve the error logs per email.
+    SEND_LOGS = True
+
+    # The filename for the info and error logs. The logfiles are stored at
+    # flaskbb/logs
+    INFO_LOG = "info.log"
+    ERROR_LOG = "error.log"
+
+
+    ## FlaskBB Configs
+    # Pagination
+    POSTS_PER_PAGE = 10
+    TOPICS_PER_PAGE = 10
+    USERS_PER_PAGE = 10
+
+    # How long (in minutes) a user needs to be inactive
+    # to be shown as offline.
+    LAST_SEEN = 15