Use secret.txt file auto-generated in project root as default SECRET_KEY

Also add it to .gitignore
This commit is contained in:
x11x 2018-02-18 13:43:29 +10:00
parent edbd28b67a
commit 276a926fcb
2 changed files with 12 additions and 1 deletions

2
.gitignore vendored
View File

@ -4,6 +4,8 @@ Session.vim
/.venv
/.coverage
/htmlcov
/secret.txt
/static
__pycache__
.*.swp

View File

@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/1.10/ref/settings/
"""
import os
from django.core.management import utils
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
@ -20,7 +21,15 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = ''
SECRET_KEY_FILE = os.path.join(BASE_DIR, "secret.txt")
try:
with open(SECRET_KEY_FILE, "r") as f:
SECRET_KEY = f.read().strip()
except EnvironmentError:
with open(SECRET_KEY_FILE, "w") as f:
SECRET_KEY = utils.get_random_secret_key()
f.write(SECRET_KEY)
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False