Fenrir Sivar <fenrir.si...@gmail.com> writes: > I inherited a django app that calls private APIs in a view to fetch some > data. The credentials or api keys are currently hardcoded in the source, > making it difficult to share. > What is the preferred way to store these kind of keys in a secure way only > accessible to the django server?
As Kasper suggests, I also use environment variables in development environment. But a few more things add up to convenience. 1. I use ‘direnv’ for managing per directory environment variables. As I enter a perticular directory (on terminal), it echos the newly set environment variables. 2. It might be overkill but I use Docker on my development machine. And I use the same environment variables in my docker-compose.yml. This is also useful in production setup where you are deploying in Docker. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/m25z5bcqwj.fsf%40codeisgreat.org.
