From 1a1dcad482c8a53c15df07bdc3495320ffce1514 Mon Sep 17 00:00:00 2001
From: Ori Hoch <ori@uumpa.com>
Date: Mon, 29 Jan 2018 16:54:51 +0200
Subject: [PATCH] added option to disable ssl verification for development

---
 auth/lib.py    | 5 ++++-
 auth/models.py | 1 +
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/auth/lib.py b/auth/lib.py
index 769fab4..70d9b52 100644
--- a/auth/lib.py
+++ b/auth/lib.py
@@ -2,6 +2,7 @@
 
 import jwt
 import requests
+import os
 
 
 class Verifyer:
@@ -9,7 +10,9 @@ class Verifyer:
     def __init__(self, *, auth_endpoint=None, public_key=None):
         if public_key is None:
             if auth_endpoint is not None:
-                public_key = requests.get(urljoin(auth_endpoint, 'public-key')).text
+                public_key = requests.get(urljoin(auth_endpoint, 'public-key'),
+                                          # verify ssl - defaults to true
+                                          verify=(os.environ.get("VERIFY_SSL")!="0")).text
         assert public_key is not None
         self.public_key = public_key
 
diff --git a/auth/models.py b/auth/models.py
index e0c4cc0..7ef4217 100644
--- a/auth/models.py
+++ b/auth/models.py
@@ -21,6 +21,7 @@
 
 def setup_engine(connection_string):
     global _sql_engine
+    assert connection_string, "No database defined, please set your DATABASE_URL environment variable"
     _sql_engine = create_engine(connection_string)
     Base.metadata.create_all(_sql_engine)