Added SECRET_KEY to the options file

This commit is contained in:
Taizo 'Tsa6' Simpson 2017-09-21 17:07:42 -04:00
parent b7fc3628df
commit 02bd2e3294
2 changed files with 13 additions and 1 deletions

View File

@ -11,6 +11,12 @@ https://docs.djangoproject.com/en/1.11/ref/settings/
""" """
import os import os
import configparser
import warnings
config = configparser.ConfigParser()
config.read('options.ini')
options = config['General']
# Build paths inside the project like this: os.path.join(BASE_DIR, ...) # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
@ -20,7 +26,10 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/ # See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret! # SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '#(5u4*zj+ppjmsa^8mu_e%$0zpou(&9vu^q02g4icb%eu%3qe8' SECRET_KEY = options.get('secret_key', '5up3r s3cr3t k3y')
if '5up3r s3cr3t k3y' == SECRET_KEY:
warnings.warn("Using a default secret_key, change this in options.ini for production!")
# SECURITY WARNING: don't run with debug turned on in production! # SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True DEBUG = True

3
options_example.ini Normal file
View File

@ -0,0 +1,3 @@
[General]
# You MUST change this for production. Not doing so is a major vulnerability
secret_key=5up3r s3cr3t k3y