Move Django secret key to secrets.py

This commit is contained in:
Tanner Collin 2020-02-02 04:42:46 +00:00
parent c501eb3c1a
commit 0326950c54
2 changed files with 17 additions and 3 deletions

View File

@ -1,6 +1,18 @@
# Spaceport secrets file, don't commit to version control!
# Set this to random characters so the PayPal IPN POST route is unguessable
# /ipn/ route obfuscation
# Set this to random characters
# For example, use the output of this:
# head /dev/urandom | md5sum
# head /dev/urandom | base32 | head -c 16
IPN_RANDOM = ''
# Django secret key
# Set this to random characters
# For example, use the output of this:
# head /dev/urandom | base64 | head -c 50
DJANGO_SECRET_KEY = ''
# Warning
# Keep this value secret.
# Running Django with a known SECRET_KEY defeats many of Djangos security
# protections, and can lead to privilege escalation and remote code execution
# vulnerabilities.

View File

@ -13,6 +13,8 @@ https://docs.djangoproject.com/en/3.0/ref/settings/
import os
import logging
from . import secrets
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
@ -21,7 +23,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'tm2h!9@=+cqy#n^&2en9(dhyfc@n--9*$s*#b9&%rdai)jrj&f'
SECRET_KEY = secrets.DJANGO_SECRET_KEY
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG_ENV = os.environ.get('DEBUG', False)