So the SECRET_KEY is stored in the database at syncdb time? What if it gets compromised, you need to modify that table/row? Just asking out of curiosity :-)
2013/6/20 John DeRosa <jo...@ipstreet.com> > When we run the development server locally, we often start with an > already-existing database. We don't re-initialize the db unless we have to, > because there's been a schema change or a change in the value stored in a > table's field. > > So we'd need SECRET_KEY to not change most of the time! > > John > > On Jun 20, 2013, at 8:29 AM, Michael Cetrulo <mail2sa...@gmail.com> wrote: > > considering that the SECRET_KEY is automatically generated every time a > new project is created [1], wouldn't make more sense to have this logic on > settings.py and generate a new value when loading the app instead of saving > it as an actual hardcoded value there? eg: > > #settings.py > > from django.utils.crypto import get_random_string > chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)' > SECRET_KEY = get_random_string(50, chars) > > is there any problems I'm not considering here? thanks. > > [1] > https://github.com/django/django/blob/master/django/core/management/commands/startproject.py > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To post to this group, send email to django-users@googlegroups.com. > Visit this group at http://groups.google.com/group/django-users. > For more options, visit https://groups.google.com/groups/opt_out. > > > > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To post to this group, send email to django-users@googlegroups.com. > Visit this group at http://groups.google.com/group/django-users. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. For more options, visit https://groups.google.com/groups/opt_out.
