search

dakinwerneburg / gradify

Capstone project the built on the idea of google classroom by providing a tool for teachers to aggregate selected grades for a given class without having to look up individually
Apache License 2.0
0 stars 0 forks source link

Secrets Exposed #11

Open rbrady opened 3 years ago

rbrady commented 3 years ago

Hey Dakin!

Glad to see you kept hacking on this.

https://github.com/dakinwerneburg/gradify/blob/dbed289538e0712e7962741c146c3cf9b4ad5421/gradify/settings/default.py#L22-L23

The secrets should be set via environment variables and retrieved via os.environ.get('SECRET_KEY').

For development just add a .env.dev file that contains things like this that should be unique to deployment and source it before running ./manage.py

.env.dev

DEBUG=1 SECRET_KEY=324234sdfdsferewr32542ewdsfdsf DJANGO_ALLOWED_HOSTS=localhost 127.0.0.1 [::1]

dakinwerneburg commented 3 years ago
Hi Ryan,Hope all is well with you.  Thanks for the tip.  I am actually started the Microsoft Software Systems Academy that works with veterans get a job as Cloud Application Developer with Microsoft.  Well one thing they wanted me to do was get an GitHub account because Microsoft owns it, so I just merged my GitLab project with GitHub but looks like some of you have worked on it, so had to do resolve some merge conflicts.    Respectfully Submitted Dakin T. Werneburg Sent from Mail for Windows 10 From: Ryan BradySent: Friday, January 15, 2021 3:59 PMTo: dakinwerneburg/gradifyCc: SubscribedSubject: [dakinwerneburg/gradify] Secrets Exposed (#11) Hey Dakin!Glad to see you kept hacking on this.https://github.com/dakinwerneburg/gradify/blob/dbed289538e0712e7962741c146c3cf9b4ad5421/gradify/settings/default.py#L22-L23The secrets should be set via environment variables and retrieved via os.environ.get('SECRET_KEY').For development just add a .env.dev file that contains things like this that should be unique to deployment and source it before running ./manage.py.env.devDEBUG=1SECRET_KEY=324234sdfdsferewr32542ewdsfdsfDJANGO_ALLOWED_HOSTS=localhost 127.0.0.1 [::1]—You are receiving this because you are subscribed to this thread.Reply to this email directly, view it on GitHub, or unsubscribe. 
rbrady commented 3 years ago

Dakin,

It looks like we worked on it because we did. :) Git keeps the history of commits. When you merged the gitlab project into the GitHub project, it brought the history with it. You could have copied the files without the .git directory into a new Git repository and it would have avoided the merge issues, but it’s probably better you didn’t remove the attribution to your fellow authors on the project.

Good luck with the Microsoft program!

S/F,

Ryan