From a3012575967e6cce75b809b9cc87a1746e1b64fa Mon Sep 17 00:00:00 2001 From: Birger Schacht Date: Wed, 20 Dec 2023 09:37:08 +0100 Subject: [PATCH] fix: use random secret key instead of hardcoding it Closes: #65 --- apis_acdhch_default_settings/settings.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/apis_acdhch_default_settings/settings.py b/apis_acdhch_default_settings/settings.py index 54f23d5..f4f1284 100644 --- a/apis_acdhch_default_settings/settings.py +++ b/apis_acdhch_default_settings/settings.py @@ -2,6 +2,7 @@ import re from typing import Any, Dict +from django.core.management.utils import get_random_secret_key import dj_database_url if os.environ.get("SENTRY_DSN"): @@ -22,10 +23,7 @@ send_default_pii=True, ) -# We fall back to a DEFAULT_SECRET_KEY, but you should -# override this using an environment variable! -DEFAULT_SECRET_KEY = "a+nkut46lzzg_=ul)zrs29$u_6^*)2by2mjmwn)tqlgw)_at&l" -SECRET_KEY = os.environ.get("SECRET_KEY", DEFAULT_SECRET_KEY) +SECRET_KEY = os.environ.get("SECRET_KEY", get_random_secret_key()) # Build paths inside the project like this: os.path.join(BASE_DIR, ...) BASE_DIR = os.path.dirname(