This content originally appeared on DEV Community and was authored by TinoMuchenje
It is best practice to keep configuration details such as secret keys and database credentials out of version control, both for security and so that each instance of the project can carry its own settings. Getting straight to the point, here is how to do it using the python-decouple library.
Quick Summary
- Install decouple: pip install python-decouple, or download it from https://pypi.org/project/python-decouple/.
- Create a file named .env or .ini in the root of your project.
- Add an ignore rule for .env if you are using git.
- Retrieve the settings by importing decouple into the settings.py file and replacing the values you want to hide with config.
- Test the application.
Detailed Steps
This is what our initial, exposed settings.py looks like before the values are moved out.
import os
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
SECRET_KEY = '3izb^ryglmyscret_key_here'
DEBUG = True
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': 'HELLO_DJANGO',
        'USER': 'TINO',
        'PASSWORD': 'thepasswordhere',
        'HOST': '127.0.0.1',
        'PORT': '0000',
    }
}
1. Installing decouple
Run
pip install python-decouple
or, if you prefer, download it from https://pypi.org/project/python-decouple/
2. Create .env file
Add the variables you want to hide or exclude by copying their values from settings.py, making sure you do not include the quotes ("").
SECRET_KEY=3izb^ryglmyscret_key_here
DEBUG=True
DB_NAME=HELLO_DJANGO
DB_USER=TINO
DB_PASSWORD=thepasswordhere
DB_HOST=127.0.0.1
3. Ignoring .env from version control (git)
Open your .gitignore file and add .env as below:
# Environments
.env
This makes sure the file holding our variables is not tracked by source control.
4. Retrieve the values of the variables set in the .env file
Import config from decouple as below and reference the variables by name, as strings:
import os
from decouple import config
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
SECRET_KEY = config('SECRET_KEY')
DEBUG = config('DEBUG', cast=bool)  # NB: cast to bool, .env values are read as strings
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': config('DB_NAME'),
        'USER': config('DB_USER'),
        'PASSWORD': config('DB_PASSWORD'),
        'HOST': config('DB_HOST'),
        'PORT': '',
    }
}
Please note: non-string values need to be cast to the expected type, e.g.
DEBUG = config('DEBUG', cast=bool)
as DEBUG expects a boolean, True or False.
5. Test to see if your application still runs the same
Execute
py manage.py runserver
to make sure your application still runs smoothly.
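A check for the outcome of steps 3 and 4, as an added example that is not part of the original post: it parses settings.py with the standard-library ast module and reports sensitive settings that are still string literals, and confirms .env is listed in .gitignore. The function names, the SENSITIVE name fragments and the shortened sample inputs are assumptions made for this example.

```python
import ast

# Assumed heuristic: setting names containing these fragments hold secrets.
SENSITIVE = ("SECRET", "PASSWORD", "TOKEN")

def _is_sensitive(name):
    return any(part in name.upper() for part in SENSITIVE)

def _is_literal(node):
    return isinstance(node, ast.Constant) and isinstance(node.value, str) and node.value != ""

def hardcoded_secrets(settings_source):
    """Return sorted (line, name) pairs for sensitive settings set to a string literal."""
    findings = []
    for node in ast.walk(ast.parse(settings_source)):
        if isinstance(node, ast.Assign):  # e.g. SECRET_KEY = '...'
            for target in node.targets:
                if isinstance(target, ast.Name) and _is_sensitive(target.id) and _is_literal(node.value):
                    findings.append((node.lineno, target.id))
        elif isinstance(node, ast.Dict):  # e.g. 'PASSWORD': '...' inside DATABASES
            for key, value in zip(node.keys, node.values):
                if (isinstance(key, ast.Constant) and isinstance(key.value, str)
                        and _is_sensitive(key.value) and _is_literal(value)):
                    findings.append((value.lineno, key.value))
    return sorted(findings)

def env_is_ignored(gitignore_text):
    """True if a .gitignore line is exactly .env or /.env (simplified matching)."""
    lines = (line.strip() for line in gitignore_text.splitlines())
    return any(line in (".env", "/.env") for line in lines)

# Constructed samples, shortened from the settings.py shown on this page.
BEFORE = """\
SECRET_KEY = '3izb^ryglmyscret_key_here'
DATABASES = {'default': {
    'PASSWORD': 'thepasswordhere',
}}
"""
AFTER = """\
from decouple import config
SECRET_KEY = config('SECRET_KEY')
DATABASES = {'default': {
    'PASSWORD': config('DB_PASSWORD'),
}}
"""

if __name__ == "__main__":
    print("before:", hardcoded_secrets(BEFORE))
    print("after: ", hardcoded_secrets(AFTER))
    print(".env ignored:", env_is_ignored("# Environments\n.env\n"))
```

The source is only parsed, never imported, so the check runs without Django or python-decouple installed.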
I have tried to go straight to the point for easier implementation. My motivation to write this down was the struggle I had to find similar information which is helpful. Feel free to suggest different implementations or suggestions.
Happy Coding!!!
TinoMuchenje | Sciencx (2021-06-02T21:58:55+00:00) How to Keep Configuration Secrets out of a Django Project. Retrieved from https://www.scien.cx/2021/06/02/how-to-keep-configuration-secrets-out-of-a-django-project/