🔓🙈 Publish a SECRET_KEY

I fold (for now at least). Supporting secure out of the box would be nice, but I can also see it's close to the too-hard basket for people who're just volunteering and not renumerated (it is the kind of thing that becomes an issue as soon as one goes past the just trying it out stage though): https://help.pythonanywhere.com/pages/environment-variables-for-web-apps https://stackoverflow.com/questions/15170637/effects-of-changing-djangos-secret-key/15383766 DjangoGirls/tutorial-extensions#101
pzrq · Oct 7, 2019 · c1bbcd0 · c1bbcd0
1 parent 08afdf7
commit c1bbcd0
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 2 deletions.
diff --git a/.gitignore b/.gitignore
@@ -5,4 +5,4 @@ myvenv/
 db.sqlite3
 /static
 .DS_Store
-secrets/
+.env
diff --git a/myponysite/settings.py b/myponysite/settings.py
@@ -20,7 +20,7 @@
 # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = os.environ['SECRET_KEY']
+SECRET_KEY = "yeg-*ht$p#f%w)kz498c3%6c268wkpa%cza74r56h(zj&oy^ws"
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True

diff --git a/requirements.txt b/requirements.txt
@@ -1 +1,2 @@
 Django~=2.2.4
+python-dotenv