cookiecutter/cookiecutter-django
1
1
Fork 0
mirror of https://github.com/cookiecutter/cookiecutter-django.git synced 2025-01-24 00:04:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Cryptographically secured env.example secret key

Browse Source
This commit is contained in:
Daniel Roy Greenfeld 2015-10-15 09:29:43 -07:00
parent 811e98f4cf
commit 08ab710ea4
3 changed files with 35 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG.md
View File

@ -2,6 +2,11 @@
All enhancements and patches to cookiecutter-django will be documented in this file. All enhancements and patches to cookiecutter-django will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/). This project adheres to [Semantic Versioning](http://semver.org/).
## [2015-10-15]
### Changed
- Made `post_gen_hook` function to change secret keys in files more generic (@pydanny)
- Set cryptographically randomized value to `DJANGO_SECRET_KEY` in `env.example` (@pydanny)
## [2015-10-14] ## [2015-10-14]
### Added ### Added
- Documention of project options (@audreyr) - Documention of project options (@audreyr)

41
hooks/post_gen_project.py
View File

@ -55,28 +55,43 @@ def get_random_string(
).digest()) ).digest())
return ''.join(random.choice(allowed_chars) for i in range(length)) return ''.join(random.choice(allowed_chars) for i in range(length))
def make_secret_key(project_directory): def set_secret_key(setting_file_location):
"""Generates and saves random secret key"""
# Determine the local_setting_file_location
local_setting_file_location = os.path.join(
project_directory,
'config/settings/local.py'
)
# Open locals.py # Open locals.py
with open(local_setting_file_location) as f: with open(setting_file_location) as f:
local_py = f.read() file_ = f.read()
# Generate a SECRET_KEY that matches the Django standard # Generate a SECRET_KEY that matches the Django standard
SECRET_KEY = get_random_string() SECRET_KEY = get_random_string()
SECRET_KEY = 'CHANGEME!!!' + SECRET_KEY SECRET_KEY = 'CHANGEME!!!' + SECRET_KEY
# Replace "CHANGEME!!!" with SECRET_KEY # Replace "CHANGEME!!!" with SECRET_KEY
local_py = local_py.replace('CHANGEME!!!', SECRET_KEY) file_ = file_.replace('CHANGEME!!!', SECRET_KEY)
# Write the results to the locals.py module # Write the results to the locals.py module
with open(local_setting_file_location, 'w') as f: with open(setting_file_location, 'w') as f:
f.write(local_py) f.write(file_)
def make_secret_key(project_directory):
"""Generates and saves random secret key"""
# Determine the local_setting_file_location
local_setting = os.path.join(
project_directory,
'config/settings/local.py'
)
# local.py settings file
set_secret_key(local_setting)
env_file = os.path.join(
project_directory,
'env.example'
)
# env.example file
set_secret_key(env_file)
def remove_task_app(project_directory): def remove_task_app(project_directory):
"""Removes the taskapp if celery isn't going to be used""" """Removes the taskapp if celery isn't going to be used"""

4
{{cookiecutter.repo_name}}/env.example
View File

@ -3,8 +3,8 @@ POSTGRES_USER=postgresuser
ADMIN_URL= ADMIN_URL=
DJANGO_SETTINGS_MODULE=config.settings.production DJANGO_SETTINGS_MODULE=config.settings.production
DJANGO_SECRET_KEY= DJANGO_SECRET_KEY=CHANGEME!!!
DJANGO_ALLOWED_HOSTS= DJANGO_ALLOWED_HOSTS=*
DJANGO_AWS_ACCESS_KEY_ID= DJANGO_AWS_ACCESS_KEY_ID=
DJANGO_AWS_SECRET_ACCESS_KEY= DJANGO_AWS_SECRET_ACCESS_KEY=
DJANGO_AWS_STORAGE_BUCKET_NAME= DJANGO_AWS_STORAGE_BUCKET_NAME=