Remove the autogenerated secret key from settings.py

EBIvariation / trait-curation

A web application for manual curation of trait-to-ontology mappings, including provenance and integration with EBI SPOT stack.

Apache License 2.0

2 stars 2 forks source link

Remove the autogenerated secret key from settings.py #86

Closed tskir closed 4 years ago

tskir commented 4 years ago

The traitcuration/settings.py file contains an automatically generated secret key. While we don't use it anywhere, it should still be removed to avoid confusion.

joj0s commented 4 years ago

This setting is being used by Django for cryptography purposes so it shouldn't be completely removed, but it should be re-generated and kept in a separate uncommitted file, along with the database credentials in the deployment machines.

tskir commented 4 years ago

I realise we cannot and should not remove this field completely. What I mean is that this key should be blanked in the repository, and the deployment instructions should mention that it will have to be re-generated prior to deployment