How to Configure Flask App: Setup and Best Practices
To configure a
Flask app, set configuration values on the app's config object using methods like app.config.from_mapping() or app.config.from_pyfile(). You can also use environment variables for flexible and secure settings.Syntax
The Flask app configuration is managed through the app.config dictionary-like object. You can set configuration values directly or load them from files or environment variables.
app.config['KEY'] = value: Set a single config value.app.config.from_mapping(dict): Load multiple config values from a dictionary.app.config.from_pyfile('filename.py'): Load config from a Python file.app.config.from_envvar('ENV_VAR'): Load config from a file path stored in an environment variable.
python
from flask import Flask app = Flask(__name__) # Set a single config value app.config['DEBUG'] = True # Load multiple config values from a dictionary app.config.from_mapping( SECRET_KEY='your-secret-key', DATABASE_URI='sqlite:///mydb.sqlite' ) # Load config from a Python file # app.config.from_pyfile('config.py') # Load config from a file path in environment variable # app.config.from_envvar('MYAPP_CONFIG')
Example
This example shows how to create a Flask app and configure it using a Python config file and environment variables. It demonstrates accessing config values inside a route.
python
from flask import Flask, jsonify import os app = Flask(__name__) # Load config from a Python file app.config.from_pyfile('config.py', silent=True) # Override config with environment variable if set secret_key = os.getenv('SECRET_KEY') if secret_key: app.config['SECRET_KEY'] = secret_key @app.route('/') def index(): return jsonify({ 'debug': app.config.get('DEBUG'), 'secret_key': app.config.get('SECRET_KEY') }) if __name__ == '__main__': app.run()
Output
Running the app and visiting '/' returns JSON like:
{"debug": true, "secret_key": "your-secret-key"}
Common Pitfalls
Common mistakes when configuring Flask apps include:
- Forgetting to set
SECRET_KEYfor security features like sessions. - Not using
silent=Truewhen loading config files that might not exist, causing errors. - Hardcoding sensitive data instead of using environment variables.
- Modifying config after the app has started, which can cause inconsistent behavior.
python
from flask import Flask import os app = Flask(__name__) # Wrong: Hardcoding secret key in code (not secure) app.config['SECRET_KEY'] = 'hardcoded-secret' # Right: Load from environment variable app.config['SECRET_KEY'] = os.getenv('SECRET_KEY', 'default-secret')
Quick Reference
Summary tips for Flask app configuration:
- Use
app.configto manage settings. - Prefer
from_pyfile()orfrom_mapping()for organized config. - Use environment variables for secrets and environment-specific settings.
- Set
SECRET_KEYto enable secure sessions. - Load config before running the app to avoid runtime issues.
Key Takeaways
Configure Flask apps using the app.config dictionary for flexible settings.
Load configuration from Python files or environment variables for security and convenience.
Always set a SECRET_KEY to enable secure sessions and protect your app.
Avoid hardcoding sensitive data; use environment variables instead.
Load all configuration before starting the app to ensure consistent behavior.