removed SECRET_KEY from production settings, must be provides in

secrets.json
2020-11-17 13:23:07 +01:00 · 2020-11-17 13:23:07 +01:00 · ee999f8eaf
parent bb39d4e3d9
commit ee999f8eaf
2 changed files with 4 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -6,6 +6,7 @@ purpose: gather data from intern(WMDE) and extern(volunteers) forms to create a

    ln -sr foerderbarometer/settings_development.py foerderbarometer/settings.py

+  
 run the development server with

    python3 manage.py runserver
@ -25,7 +26,8 @@ run the development server with
 edit /secrets.json to contain something similar to

    {
-      "DATABASE_PASSWORD": "THIS IS TOP SECRET!"
+      "DATABASE_PASSWORD": "THIS IS TOP SECRET!",
+      "SECRET_KEY": "THIS IS ANOTHER SECRET!"
    }

 edit foerderbarometer/settings_production.py according to your database setup (tested with MariaDB 10.0.36)
--- a/foerderbarometer/settings_production.py
+++ b/foerderbarometer/settings_production.py
@ -45,7 +45,7 @@ def get_secret(setting, secrets=secrets):
 # See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/

 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = '*&7p9#_n$@^%0z49s+7jpy@+j1rw_hqh05knyd6y2*!0)r&b6h'
+SECRET_KEY = get_secret('SECRET_KEY')

 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = False