python - How to I hide my secret_key using virtualenv and Django? -

-

i using django, python, virtualenv, virtualenvwrapper, , vagrant.

so far have left secret_key inside of settings.py file. works file local files. have placed files in git. know not acceptable production(apache).

what correct way go hiding secret_key?

should use virtualenv hide it?

there's lot of different methods hide secrets.

  1. use another, non-versioned file.

    create new file secrets.py or have , put secrets in that. place alongside settings file , place secret in there; in settings file put from secrets import * @ top. then, rahul said, add .gitignore file , add secrets.py file won't committed.

    the disadvantage of approach there no source control @ on file; if lose you're sol.

  2. use environment variables.

    use apache setenv or passenv directives pass environment variables process, retrieve them os.environ() in settings file. has advantage in in development, can set new variables (as var1=whatever var2=whatever ... ./manage.py runserver ...) or set them whatever mechanism use launch development project.

    the disadvantage same; if lose apache configs you're boned.

  3. use second repository in combination method 1.

    personally, idea of having dedicated secrets repository put secrets , keep repo under lock , key. part of deployment process, can use git archive or similar command extract proper keys place you're deploying to, , can keep secrets backed , under version control easily. can add appropriate files in secrets repo .gitingore file of site repository don't accidentally committed.

    the downside of have repository , deployment step. think that's worth it, personally, it's you.

in general, more secure want it, more inconvenient it's going to access secrets. that's rule in general, though.


Comments

Post a Comment

Popular posts from this blog

yii2 - Yii 2 Running a Cron in the basic template -

-
i have seen instructions on running cron in advanced template, cant figure out how on basic template. have following controller in basic controllers folder. <?php namespace app\controllers; use yii\console\controller; /** * cron controller */ class croncontroller extends controller { public function actionindex() { echo "cron service runnning"; } public function actionmail($to) { echo "sending mail " . $to; } } i have navigated root of application , tried these comands yii cron php yii cron im getting unknown comand "cron" i know old question failed find actual answer this. if @ code yii exec file you'll notice requires /common/config/aliases.php file console/config/main.php. can naturally change these or copy on these advanced template. hope solves problem wanting same thing.
Read more

asp.net - 'System.Web.HttpContext' does not contain a definition for 'GetOwinContext' Mystery -

-
i realize question might seem trivial some, it's these types of things find myself fighting quite bit , want make sense of despite seeming losing battle in .net (for me anyway). so, if following: using system.web; ... applicationuser user = system.web.httpcontext.getowincontext().getusermanager<applicationusermanager>().findbyid(system.web.httpcontext.user.identity.getuserid()); that produces error in title , red getowincontext() , error cannot resolve symbol 'getowincontext()' however, if following (remove system.web in front of httpcontext ), works expected (or @ least no errors): using system.web; ... applicationuser user = httpcontext.getowincontext().getusermanager<applicationusermanager>().findbyid(system.web.httpcontext.user.identity.getuserid()); however, if (same line that's working using system.web commented out): //using system.web; ... applicationuser user = httpcontext.getowincontext().getusermana...
Read more

wso2esb - How to concatenate JSON array values in WSO2 ESB? -

-
we have json object below, expected result in: "(001),(011),(089),(120)". can suggest how iterate json array , concat values mention . "(001),(011),(089),(120)" thanks in advance. { "element": { "values": { "agentid": "aaaaa", "transactiondata": [ { "no": "001" }, { "no": "011" }, { "no": "089" }, { "no": "120" } ] } } } you can using iterate mediator, filter mediator , properties operation scope. try solution. @ end have (001),(011),(089),(120) value in concat-data property. have added complete proxy reference. <?xml version="1.0" encoding=...
Read more