cognizance-amrita / cognizance_cms

An open-source club management system of the club, by the club, for the club.
https://cognizance-amrita.herokuapp.com
GNU Lesser General Public License v2.1
7 stars 11 forks source link

Security updates #114

Closed thunder-007 closed 2 years ago

thunder-007 commented 2 years ago

DB passwords and private keys are exposed adding env vars will help hiding them While development create a .env file in cognizance_cms directory and set

DEBUG = TRUE
DB_NAME = ..
USER = ..
DB_PASSWORD = ..
HOST_USER = ..
HOST_PASSWORD = ..

They .. should be replaced with corresponding values without quotes using os.environ["KEY_NAME"] will return corresponding value as string
In production you can find config vars under setting in heroku add the key and value as show below using debug as environment variable helps you in quick debug in production you can simply change the value again after finding the cause error : ) Screenshot from 2022-01-21 20-21-07

sanjay-thiyagarajan commented 2 years ago

Thanks @thunder-007. But this project is inactive. I should've archived this repo. Thank you for your contribution