#36782: Add management command for generating a Django SECRET_KEY
-------------------------------------+-------------------------------------
Reporter: joe-philip | Type: New
| feature
Status: new | Component: Core
| (Management commands)
Version: 6.0 | Severity: Normal
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
### **Summary**
Django provides a utility function,
`django.core.management.utils.get_random_secret_key()`, for generating
cryptographically secure secret keys. However, Django does not currently
offer a built-in `django-admin` or `manage.py` command to generate a new
SECRET_KEY for production use.
Developers frequently need to generate a proper secret key when:
* deploying to production,
* regenerating keys for CI/CD pipelines,
* creating new environments,
* or building automation scripts.
Since Django encourages using a strong, unique secret key in production,
providing a first-class management command improves the developer
experience and aligns with Django's philosophy of offering batteries-
included tools.
---
### **Proposed Feature**
Introduce a new management command:
```
python manage.py generate_secret_key
```
This command would output a securely generated secret key using Django's
existing function:
```python
get_random_secret_key()
```
### **Example Output**
```
g6v#s-!98=u&1xp$@1g&3s5)k5a(4l#1$g@)n#hjz9c4
```
---
### **Rationale**
1. **Consistency** – Django already provides the function but not an
accessible command.
2. **Developer convenience** – Users currently rely on third-party
snippets, shell scripts, or copy-paste from docs.
3. **Security** – Encourages developers to use Django’s own
cryptographically strong generator rather than unsafe or custom-made
solutions.
4. **Automation** – Useful for scripts, CI pipelines, container builds,
and provisioning tools.
---
### **Proposed Implementation**
A new command under:
```
django/core/management/commands/generate_secret_key.py
```
Example implementation:
```python
from django.core.management.base import BaseCommand
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, **options):
self.stdout.write(get_random_secret_key())
```
---
### **Documentation**
Add a section to `docs/ref/django-admin.txt` describing the new command
with usage examples.
---
### **Tests**
A test would be added to ensure:
* The command runs successfully.
* The output is a string.
* The generated key meets expected length and randomness criteria.
Example:
```python
from django.core.management import call_command
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
```
--
Ticket URL: <https://code.djangoproject.com/ticket/36782>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/0107019afdccbb1f-d7c31084-93ca-481a-a54b-43aa5349df8b-000000%40eu-central-1.amazonses.com.
