-1

I want to use the Django SECRETE_KEY for creating my JWT (Json web token). Is it possible to read the django secrete key from all apps under a django project?

Please advise me on if it is a good practice to use the django secrete key for internal app logic.

Peter Parker
  • 29,093
  • 5
  • 52
  • 80
Arun Jose
  • 11
  • 4
  • If by any chance you are using django-restframework, there is an option that django secret can be use in the settings.py on JWT_AUTH configuration http://getblimp.github.io/django-rest-framework-jwt/#additional-settings – Shift 'n Tab Dec 24 '17 at 08:18
  • 1
    Thanks for the tip. Now I am using django-rest-framework-jwt. – Arun Jose Dec 25 '17 at 15:40

2 Answers2

0

I use .env file to do it. Try use .env that you can refer it to other file as well

https://github.com/jpadilla/django-dotenv

https://github.com/theskumar/python-dotenv

This link will help how to use .env to set it up

Austine Owoh
  • 1
0

Create an env file, import it into settings, eg:

assume settings.py and your env file is settings_top_Secret.py

In settings.py

from . import /PATH_TO/settings_top_Secret

SECRET_KEY = settings_top_Secret.SECRET_KEY

and in your settings_top_Secret.py

SECRET_KEY = '7984)0_beumt0)wuvk*y%))0_beumt0)wuvk*y%(vss-x-7z_'

And always, refrain from uploading settings_top_Secret to accessible path in live server, or in case of git, include it in gitignore.

Vipin Mohan
  • 1,631
  • 1
  • 12
  • 22