Cryptographically secured env.example secret key

2025-11-04 01:47:28 +03:00 · 2015-10-15 09:29:43 -07:00 · 2015-10-15 09:29:43 -07:00 · 08ab710ea4
commit 08ab710ea4
parent 811e98f4cf
3 changed files with 35 additions and 15 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,6 +2,11 @@
 All enhancements and patches to cookiecutter-django will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).

+## [2015-10-15]
+### Changed
+- Made `post_gen_hook` function to change secret keys in files more generic (@pydanny)
+- Set cryptographically randomized value to `DJANGO_SECRET_KEY` in `env.example` (@pydanny)
+
 ## [2015-10-14]
 ### Added
 - Documention of project options (@audreyr)
--- a/hooks/post_gen_project.py
+++ b/hooks/post_gen_project.py
@ -55,28 +55,43 @@ def get_random_string(
            ).digest())
    return ''.join(random.choice(allowed_chars) for i in range(length))

-def make_secret_key(project_directory):
-    """Generates and saves random secret key"""
-    # Determine the local_setting_file_location
-    local_setting_file_location = os.path.join(
-        project_directory,
-        'config/settings/local.py'
-    )
-
+def set_secret_key(setting_file_location):
    # Open locals.py
-    with open(local_setting_file_location) as f:
-        local_py = f.read()
+    with open(setting_file_location) as f:
+        file_ = f.read()

    # Generate a SECRET_KEY that matches the Django standard
    SECRET_KEY = get_random_string()
    SECRET_KEY = 'CHANGEME!!!' + SECRET_KEY

    # Replace "CHANGEME!!!" with SECRET_KEY
-    local_py = local_py.replace('CHANGEME!!!', SECRET_KEY)
+    file_ = file_.replace('CHANGEME!!!', SECRET_KEY)

    # Write the results to the locals.py module
-    with open(local_setting_file_location, 'w') as f:
-        f.write(local_py)
+    with open(setting_file_location, 'w') as f:
+        f.write(file_)
+
+
+def make_secret_key(project_directory):
+    """Generates and saves random secret key"""
+    # Determine the local_setting_file_location
+    local_setting = os.path.join(
+        project_directory,
+        'config/settings/local.py'
+    )
+
+    # local.py settings file
+    set_secret_key(local_setting)
+
+    env_file = os.path.join(
+        project_directory,
+        'env.example'
+    )
+
+    # env.example file
+    set_secret_key(env_file)
+
+

 def remove_task_app(project_directory):
    """Removes the taskapp if celery isn't going to be used"""
--- a/{{cookiecutter.repo_name}}/env.example
+++ b/{{cookiecutter.repo_name}}/env.example
@ -3,8 +3,8 @@ POSTGRES_USER=postgresuser

 ADMIN_URL=
 DJANGO_SETTINGS_MODULE=config.settings.production
-DJANGO_SECRET_KEY=
-DJANGO_ALLOWED_HOSTS=
+DJANGO_SECRET_KEY=CHANGEME!!!
+DJANGO_ALLOWED_HOSTS=*
 DJANGO_AWS_ACCESS_KEY_ID=
 DJANGO_AWS_SECRET_ACCESS_KEY=
 DJANGO_AWS_STORAGE_BUCKET_NAME=