secrets should not be tracked in version control

andredi15 / trading-journal

A simple app to keep track of trades.

0 stars 0 forks source link

secrets should not be tracked in version control #2

Open evanburger opened 5 months ago

evanburger commented 5 months ago

The value in the SECRET_KEY as well as other secrets should not saved in version control but only given to trusted developers. Instead SECRET_KEY can be brought in using the os.environ.get standard library function.

andredi15 commented 5 months ago

Ok i have installed decouple and added to my settings.py: SECRET_KEY = config('SECRET_KEY')

And moved my secret key to .env file. Let me know if you have any other suggestions!