ermalgashi / blog-project


Django Secret Key #1

Open ermalgashi opened 2 years ago

ermalgashi commented 2 years ago

How do we deal with the Django secret key? Do we use environment variables and ignore them? os.environ from Python allows us to be more precise and have security benefits.

So to set up the environment variables on Mac, we should make changes in the bash profile, .bash_profile. We open that file with a text editor and, at the top of the document, we export the values. So if I wanted to get django_secret_key from environ, I should add the line export DJANGO_SECRET_KEY="somegibbrishtext" to .bash_profile and retrieve it in the settings.py file with os.environ.get('DJANGO_SECRET_KEY').

mekhami commented 2 years ago

So putting the secret key in your profile works, especially if you're going to be the only developer working on the project, but if you want to work on it with multiple developers, you're going to have to tell all of them to do the same thing. Which is fine for small groups, but the more people you add, the easier you want to make this.

So an alternative is to add a file to the root of the project called .env which contains your secret stuff. The contents would look like this:

DJANGO_SECRET_KEY=some-gibberish-stuff
OTHER_SECRET=super-password

And then, you need some tool to read that .env file as your "environment" at runtime. https://django-environ.readthedocs.io/en/latest/ This is a good tool for that :)

ermalgashi commented 2 years ago

So the .env file is a file of key and value pairs; we import os and environ to read those.

First, we need to create an instance of environ.Env() in the settings.py; all the values put in the instantiation are the default values. After that we read values as DEBUG = env('DEBUG') or secret_key respectively.

Also the methods inside environ, parsing of the urls, such as .db() or .cache(), I don't understand very well.

mekhami commented 2 years ago

We won't worry about the .db() or .cache() stuff etc. just yet. If we find one we need, we'll tackle that by itself.
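
The .env workflow discussed in this thread, as an added example that is not from any commenter and is not django-environ's code: a standard-library stand-in that parses the KEY=VALUE file, lets variables already exported in the shell take precedence, and raises when the secret key is missing instead of returning None as os.environ.get does. The function names (parse_env_file, load_env, require) are hypothetical, and the sample file is constructed from the thread's placeholder values.

```python
import os
import tempfile
from pathlib import Path


def parse_env_file(path):
    """Parse KEY=VALUE lines, skipping blanks and # comments."""
    values = {}
    text = Path(path).read_text(encoding="utf-8")
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if not sep or not key:
            # Report the line number only, so a secret never lands in logs.
            raise ValueError(f"{path}: malformed entry on line {lineno}")
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
            value = value[1:-1]  # drop matching surrounding quotes
        values[key] = value
    return values


def load_env(path, environ=os.environ):
    """Copy .env values into environ; variables the shell already set win."""
    for key, value in parse_env_file(path).items():
        environ.setdefault(key, value)


def require(name, environ=os.environ):
    """Fail closed: a missing or empty secret raises instead of yielding None."""
    value = environ.get(name, "")
    if not value:
        raise RuntimeError(f"{name} is not set; refusing to start")
    return value


def demo():
    """Run against a constructed .env built from the thread's sample values."""
    sample = "# constructed sample\nDJANGO_SECRET_KEY=some-gibberish-stuff\nOTHER_SECRET='super-password'\n"
    with tempfile.TemporaryDirectory() as tmp:
        env_path = Path(tmp) / ".env"
        env_path.write_text(sample, encoding="utf-8")
        fake_environ = {"OTHER_SECRET": "set-by-shell"}  # stands in for os.environ
        load_env(env_path, fake_environ)
    return fake_environ


if __name__ == "__main__":
    print(sorted(demo()))  # key names only, never the values
```

In settings.py this would be a call to load_env on the project's .env path followed by SECRET_KEY = require('DJANGO_SECRET_KEY').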