Django's default SECRET_KEY is an empty string, which is not secure.
Use horizon.utils.secret_key to generate a unique key and store it
securely.
Change-Id: I7b6deed7db6136ee15ac7ea315019a5b78698f7d
| ... | ... |
@@ -20,6 +20,10 @@ DATABASES = {
|
| 20 | 20 |
CACHE_BACKEND = 'dummy://' |
| 21 | 21 |
SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db' |
| 22 | 22 |
|
| 23 |
+# Set a secure and unique SECRET_KEY (the Django default is '') |
|
| 24 |
+from horizon.utils import secret_key |
|
| 25 |
+SECRET_KEY = secret_key.generate_or_read_from_file(os.path.join(LOCAL_PATH, '.secret_key_store')) |
|
| 26 |
+ |
|
| 23 | 27 |
# Send email to the console by default |
| 24 | 28 |
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' |
| 25 | 29 |
# Or send them to /dev/null |
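Review bot: The added `SECRET_KEY = secret_key.generate_or_read_from_file(...)` line puts the key store at `LOCAL_PATH/.secret_key_store`, next to the settings file, but the comment above it does not say who may read that file or what happens when there is more than one host. Whether `generate_or_read_from_file` restricts the file's permissions is not visible in this hunk, so the comment should state the requirement. If each host generates its own key, sessions signed on one host would presumably be rejected on another. I would extend the comment to something like `# The key file must be readable only by the web server user; in multi-host deployments configure the same SECRET_KEY on every host.` The line also relies on `os` and `LOCAL_PATH` being defined earlier in the file, which is outside the hunk and should be confirmed.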