[Django] #31890: if SECRET_KEY is not set and "keyring" is installed, use "keyring" to get_or_create a secret key

[Django]

#31890: if SECRET_KEY is not set and "keyring" is installed, use "keyring" to
get_or_create a secret key
-------------------------------------------+------------------------
               Reporter:  Thomas Grainger  |          Owner:  nobody
                   Type:  Uncategorized    |         Status:  new
              Component:  Uncategorized    |        Version:  3.1
               Severity:  Normal           |       Keywords:
           Triage Stage:  Unreviewed       |      Has patch:  0
    Needs documentation:  0                |    Needs tests:  0
Patch needs improvement:  0                |  Easy pickings:  0
                  UI/UX:  0                |
-------------------------------------------+------------------------
 managing the django SECRET_KEY for new projects is a bit of a pain and
 easy to end up either committing the SECRET_KEY to source control or
 copying a SECRET_KEY from a blog post.

 Generating and storing a secret key in the system keyring adds some
 complexity, but it a much more sensible default

 using some code like this:

 {{{

 from django.core.management.utils import get_random_secret_key

 import keyring

 def _get(settings_module):
     return keyring.get_password(settings_module, "SECRET_KEY")


 def _create():
     password = get_random_secret_key()
     keyring.set_password(settings_module, "SECRET_KEY", password)
     return password


 def get_or_create(settings_module):
     return _get(settings_module) or _create(settings_module)
 }}}


 it can be used explicitly in a settings module like:


 {{{
 SECRET_KEY = get_or_create(__name__)
 }}}


 or in the LazySettings like this

 {{{

         elif name == 'SECRET_KEY' and not val:
             return get_or_create(self._wrapped.SETTINGS_MODULE)
             # raise ImproperlyConfigured("The SECRET_KEY setting must not
 be empty.")

 }}}


 while this is mostly useful in development, it's also useful in production
 where you can plug a credential provider into keyring such as
 https://github.com/FindHotel/s3keyring

-- 
Ticket URL: <https://code.djangoproject.com/ticket/31890>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/052.89cf82d65f0e03880d97bb48293ae353%40djangoproject.com.