Always using a random secret key

6704cf38 · Jan Maximilian Michal · e7e725f2 · 6704cf38 · 6704cf38
Verified Commit 6704cf38 authored 7 years ago by Jan Maximilian Michal
--- a/.gitignore
+++ b/.gitignore
@@ -37,3 +37,4 @@ anon-export/
 # node
 node_modules
+secret
--- a/grady/settings/default.py
+++ b/grady/settings/default.py
@@ -12,6 +12,8 @@ https://docs.djangoproject.com/en/1.10/ref/settings/
 import datetime
 import os
+import secrets
+import string
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(
@@ -21,7 +23,21 @@ BASE_DIR = os.path.dirname(os.path.dirname(
 # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = '#1s$0+&d3c2&)t_1!4%uopgl)ewvs&wo+j+_22#f5&)8daglp)'
+try:
+    SECRET_KEY
+except NameError:
+    SECRET_FILE = 'secret'
+    try:
+        SECRET_KEY = open(SECRET_FILE).read().strip()
+    except IOError:
+        try:
+            SECRET_KEY = ''.join(secrets.choice(string.printable)
+                                 for i in range(50))
+            with open(SECRET_FILE, 'w') as secret:
+                secret.write(SECRET_KEY)
+        except IOError:
+            Exception('Please create a %s file with random characters \
+            to generate your secret key!' % SECRET_FILE)
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True