fix: added validation for crypto_key

config.example.toml

@@ -7,7 +7,7 @@ access_log = true
 url = "postgresql+psycopg://username:password@host:port/database"
 
 [access_token]
-crypto_key = "..."
+crypto_key = "..." # 32-byte url-safe base64 key
 expires_in = 86400
 
 [yandex_oauth]

infrastructure/configs/backend/config.toml

@@ -7,7 +7,7 @@ access_log = true
 url = "postgresql+psycopg://postgres:postgres@postgres:5432/postgres"
 
 [access_token]
-crypto_key = "insecure_token"
+crypto_key = "YlPGYA-WnyYW8Cd0bFZWPeZjPjfXhrD9P7ciCprYmmc="
 expires_in = 86400
 
 [yandex_oauth]

src/template_project/web_api/configuration.py

@@ -5,6 +5,7 @@ from tomllib import loads
 from typing import dataclass_transform
 
 from adaptix import P, Retort, loader
+from cryptography.fernet import Fernet
 
 from template_project.application.common.containers import SecretString
 
@@ -24,6 +25,13 @@ class AccessTokenConfiguration:
     crypto_key: str
     expires_in: timedelta
 
+    def __post_init__(self) -> None:
+        try:
+            Fernet(self.crypto_key)
+        except ValueError as error:
+            msg = "access_token.crypto_key must be a valid 32-byte url-safe base64 key"
+            raise ValueError(msg) from error
+
 
 @to_configuration
 class ServerConfiguration: