From 97c6b13d57d74ecca3109a579eeb00923b4c6eb4 Mon Sep 17 00:00:00 2001 From: Herculino Trotta Date: Thu, 16 Jan 2025 09:23:18 -0300 Subject: [PATCH] security: actually use SECRET_KEY env variable. You will get logged out. --- app/WYGIWYH/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/WYGIWYH/settings.py b/app/WYGIWYH/settings.py index 4d744d3..d10dddd 100644 --- a/app/WYGIWYH/settings.py +++ b/app/WYGIWYH/settings.py @@ -26,7 +26,7 @@ ROOT_DIR = Path(__file__).resolve().parent.parent.parent # See https://docs.djangoproject.com/en/5.1/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = "django-insecure-##6^&g49xwn7s67xc&33vf&=*4ibqfzn#xa*p-1sy8ag+zjjb9" +SECRET_KEY = os.getenv("SECRET_KEY", "") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = os.getenv("DEBUG", "false").lower() == "true"