From 382780660306a21e51b53e09ae62416fd7781e51 Mon Sep 17 00:00:00 2001 From: Oliver Walters Date: Wed, 24 Apr 2019 16:01:47 +1000 Subject: [PATCH] SECRET_KEY is now generated by a script and stored as a local file - key file ignored from git --- .gitignore | 5 ++++- InvenTree/InvenTree/settings.py | 6 ++++-- InvenTree/key.py | 20 ++++++++++++++++++++ Makefile | 3 +++ 4 files changed, 31 insertions(+), 3 deletions(-) create mode 100644 InvenTree/key.py diff --git a/.gitignore b/.gitignore index ec0bae4220..e304877626 100644 --- a/.gitignore +++ b/.gitignore @@ -30,7 +30,10 @@ local_settings.py # Local media storage (only when running in development mode) InvenTree/media -# Ignore PyCharm project configuration +# Key file +secret_key.txt + +# Ignore python IDE project configuration .idea/ # Coverage reports diff --git a/InvenTree/InvenTree/settings.py b/InvenTree/InvenTree/settings.py index 813d0d8ad4..038e7429b5 100644 --- a/InvenTree/InvenTree/settings.py +++ b/InvenTree/InvenTree/settings.py @@ -21,8 +21,10 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -# TODO: remove this -SECRET_KEY = 'oc2z%5)lu#jsxi#wpg)700z@v48)2aa_yn(a(3qg!z!fw&tr9f' + +key_file = open('secret_key.txt', 'r') + +SECRET_KEY = key_file.read().strip() # SECURITY WARNING: don't run with debug turned on in production! DEBUG = True diff --git a/InvenTree/key.py b/InvenTree/key.py new file mode 100644 index 0000000000..20471a3a9f --- /dev/null +++ b/InvenTree/key.py @@ -0,0 +1,20 @@ +# Generate a SECRET_KEY file + +import random +import string +import os + +fn = 'secret_key.txt' + +def generate_key(): + return ''.join(random.choices(string.digits + string.ascii_letters + string.punctuation, k=50)) + +if __name__ == '__main__': + + # Ensure key file is placed in same directory as this script + path = os.path.dirname(os.path.realpath(__file__)) + key_file = os.path.join(path, fn) + + with open(key_file, 'w') as key: + key.write(generate_key()) + print('Generated SECRET_KEY to {f}'.format(f=key_file)) \ No newline at end of file diff --git a/Makefile b/Makefile index 831ab4ff3a..7586b678a4 100644 --- a/Makefile +++ b/Makefile @@ -28,6 +28,9 @@ migrate: install: # TODO: replace this with a proper setup.py pip install -U -r requirements/base.txt + + # Generate a secret key + python InvenTree/key.py setup: install migrate