From a456b565d5af0c8f88cb6844825c9ff0f7c85665 Mon Sep 17 00:00:00 2001
From: Valentin Lobstein
Date: Tue, 10 Mar 2026 16:57:02 +0100
Subject: [PATCH] Fix: Replace hardcoded default API token with random generation
---
 docker/super_user.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/docker/super_user.py b/docker/super_user.py
index 7918388..93eb854 100644
--- a/docker/super_user.py
+++ b/docker/super_user.py
@@ -1,3 +1,4 @@
+import secrets
 from os import environ
 from django.conf import settings
@@ -21,7 +22,7 @@ su_email = environ.get("SUPERUSER_EMAIL", "admin@example.com")
 su_password = _read_secret("superuser_password", environ.get("SUPERUSER_PASSWORD", "admin"))
 su_api_token = _read_secret(
 "superuser_api_token",
- environ.get("SUPERUSER_API_TOKEN", "0123456789abcdef0123456789abcdef01234567"),
+ environ.get("SUPERUSER_API_TOKEN", secrets.token_hex(20)),
 )
 if not User.objects.filter(username=su_name):
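Review bot: The context line directly above the changed call in the second hunk still falls back to a fixed superuser password, `environ.get("SUPERUSER_PASSWORD", "admin")`. A deployment that supplies neither a `superuser_password` secret nor `SUPERUSER_PASSWORD` therefore keeps a publicly known admin login, even though its API token is now random. The same treatment fits there, for example `environ.get("SUPERUSER_PASSWORD") or secrets.token_urlsafe(24)`, or refusing to create the account when no password is supplied. Nothing in the visible lines reports a generated fallback to the operator, so a comment above the token line would help: `# random fallback; set SUPERUSER_API_TOKEN or the superuser_api_token secret to get a known token`. The `if not User.objects.filter(...)` block continues outside the hunk, so whether these fallbacks are only applied on first creation cannot be confirmed from here.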