ickerio / cits3403


Secret Key Discussion #39

Closed HenriScaff closed 5 months ago

HenriScaff commented 5 months ago

After watching the security lecture, I see we need to have SECRET_KEY not in GitHub. I don't think we do currently, which is good, but the 'or' statement in config.py I think sets it to 'you-will-never-guess' if we don't get SECRET_KEY in our environment.

So, maybe we need to add to README that before launching, a user must add a .env file which sets the SECRET_KEY.

I'm not 100% sure about this, would love a discussion :)

ickerio commented 5 months ago

Agreed. Let’s add it to the setup part of the readme and ensure we add .env to our .gitignore
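The fallback discussed in this thread, next to a fail-closed alternative, as an added example that is not code from this repository. The function names, the minimal `.env` parser and the 32-character minimum are assumptions made for illustration; only `SECRET_KEY`, `.env`, `.gitignore` and the `'you-will-never-guess'` string come from the thread.

```python
# Fallback string quoted in the thread; it is public, so it is not a secret.
KNOWN_PLACEHOLDER = "you-will-never-guess"
MIN_LENGTH = 32  # assumption: illustrative lower bound, not a project requirement


def insecure_secret_key(environ):
    """The pattern described in the issue: silently falls back to a public value."""
    return environ.get("SECRET_KEY") or KNOWN_PLACEHOLDER


def parse_dotenv(text):
    """Minimal KEY=VALUE parser for .env content (no export, no interpolation)."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip().strip("'\"")
    return values


def load_secret_key(environ, dotenv_text=""):
    """Fail closed: the real environment wins over .env, weak values are rejected."""
    merged = {**parse_dotenv(dotenv_text), **environ}
    key = merged.get("SECRET_KEY", "")
    if not key:
        raise RuntimeError("SECRET_KEY is not set; add it to .env or the environment")
    if key == KNOWN_PLACEHOLDER:
        raise RuntimeError("SECRET_KEY is the public placeholder value")
    if len(key) < MIN_LENGTH:
        raise RuntimeError(f"SECRET_KEY is shorter than {MIN_LENGTH} characters")
    return key


def gitignore_covers_dotenv(gitignore_text):
    """True if a .gitignore line names .env exactly (simple check, no glob logic)."""
    lines = (entry.strip() for entry in gitignore_text.splitlines())
    return any(entry in (".env", "/.env") for entry in lines)


if __name__ == "__main__":
    # Constructed sample value for demonstration only; never commit a real key.
    sample_dotenv = "SECRET_KEY=" + "a1" * 24
    print(len(load_secret_key({}, sample_dotenv)))
    print(gitignore_covers_dotenv("venv/\n.env\n"))
```

A suitable value for the `.env` file can be generated with `python -c "import secrets; print(secrets.token_hex(32))"`.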