Just returning to some Django work after a time away, I
(re)started an old project in 1.3 and hit an early issue. I'd
like to keep my settings.py under revision-control that is
somewhat publicly accessible, but don't want my SECRET_KEY
exposed. The solution I've opted for is the following excerpt of
my settings.py on which I'm hoping for feedback:
SECRET_FILE = "secret.txt"
if os.path.exists(SECRET_FILE):
SECRET_KEY = file(SECRET_FILE).read()
else:
from random import choice
SECRET_KEY = ''.join([
choice(
'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
) for i in range(50)])
f = file(SECRET_FILE, 'w')
f.write(SECRET_KEY)
f.close()
(key generation ripped directly from
core/management/commands/startproject.py )
As best I can tell, this should allow me to place secret.txt on
machines I control, while allowing others to freely download the
code and deploy on their end with minimal trouble.
Any input would be greatly appreciated,
-tkc
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
