fix(config): now loading config from env correctly

app/__init__.py

@@ -1,14 +1,10 @@
 from flask import Flask
-from . import reset
+from . import reset, config
 
 def create_app():
-    app = Flask(__name__, instance_relative_config=True, template_folder="ui/templates", static_folder="ui/static")
-    #app.config.from_object("instance.config.DebugConfig")
-    app.config.from_envvar("LDAP_ADDR")
-    app.config.from_envvar("LDAP_PORT")
-    app.config.from_envvar("LDAP_TLS")
-    app.config.from_envvar("BASE_DN")
+    app = Flask(__name__, template_folder="ui/templates", static_folder="ui/static")
+    app.config.from_object(config.ProductionConfig())
 
     app.register_blueprint(reset.bp)
 
-    return app
+    return app

app/config.py

@@ -0,0 +1,31 @@
+import os
+
+class Config(object):
+    SECRET_KEY = os.environ.get("SECRET_KEY")
+    if SECRET_KEY is None:
+        raise Exception("[!!] No secret key was given")
+
+    LDAP_ADDRESS = os.environ.get("LDAP_ADDRESS")
+    if LDAP_ADDRESS is None:
+        raise Exception("[!!] No LDAP_ADDRESS was given")
+
+    LDAP_PORT = os.environ.get("LDAP_PORT", default=389)
+    _ldap_tls = os.environ.get("LDAP_TLS", default=False)
+    LDAP_TLS = _ldap_tls.lower() in {"1", "t", "true"}
+    BASE_DN = os.environ.get("BASE_DN")
+    if BASE_DN is None:
+        raise Exception("[!!] No BASE_DN was given")
+
+    CSRF_ENABLED = True
+    SESSION_COOKIE_SECURE = True
+    SESSION_COOKIE_HTTPONLY = True
+    SESSION_COOKIE_SAMESITE = 'None'
+
+class DevelopmentConfig(Config):
+    TESTING = True
+    DEBUG = True
+    DEVELOPMENT = True
+
+class ProductionConfig(Config):
+    TESTING = False
+    DEBUG = False