You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29 lines
1003 B
29 lines
1003 B
"""
|
|
Two things are wrong with Django's default `SECRET_KEY` system:
|
|
1. It is not random but pseudo-random
|
|
2. It saves and displays the SECRET_KEY in `settings.py`
|
|
This snippet
|
|
1. uses `SystemRandom()` instead to generate a random key
|
|
2. saves a local `secret.txt`
|
|
The result is a random and safely hidden `SECRET_KEY`.
|
|
"""
|
|
try:
|
|
SECRET_KEY
|
|
except NameError as ne:
|
|
import os
|
|
from eshop_project.settings.base import BASE_DIR
|
|
|
|
SECRET_FILE = os.path.join(BASE_DIR, 'secret.txt')
|
|
try:
|
|
SECRET_KEY = open(SECRET_FILE).read().strip()
|
|
except IOError:
|
|
try:
|
|
import random
|
|
|
|
SECRET_KEY = ''.join(
|
|
[random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)])
|
|
with open(SECRET_FILE, 'w') as f:
|
|
f.write(SECRET_KEY)
|
|
except IOError:
|
|
Exception('Please create a %s file with random characters \
|
|
to generate your secret key!' % SECRET_FILE)
|
|
|