django-json-secrets is a package that helps you import the secret values managed by JSON file into Django.
- Python (3.6)
- Django (>2.0)
When Project name is mysite, initial Django structure:
mysite/
__init__.py
settings.py
urls.py
...
Split the settings module and move everything to base.py
mysite/
settings/
__init__.py
base.py
local.py
urls.py
Modify local.py
so that local.py
gets all the contents of base.py
.
mysite/settings/local.py
from .base import *
Modify mysite/settings/__init__.py
to use mysite.settings.local
as default
mysite/settings/__init__.py
import os
SETTINGS_MODULE = os.environ.get('DJANGO_SETTINGS_MODULE')
if not SETTINGS_MODULE or SETTINGS_MODULE == 'mysite.settings':
from .local import *
Install using pip
pip install django-json-secrets
Define SECRETS_DIR
BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
SECRETS_DIR = os.path.join(BASE_DIR, '.secrets')
After defining SECRETS_DIR
, import and execute function import_secrets
from djs import import_secrets
BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
SECRETS_DIR = os.path.join(BASE_DIR, '.secrets')
import_secrets()
django-json-secrets evaluates the value defined in JSON using Python's eval()
function.
If you need a specific Python module in the eval()
process, you need to add the module name and module's full path string(or Python module object) to SECRETS_MODULES
dictionary.
# If need raven and requests module
import requests
SECRETS_MODULES = {
# Module's full path string
'raven': 'raven',
# Python module object
'requests': requests,
}
JSON values that require eval()
using the raven
module example:
"RAVEN_CONFIG": {
"release": "raven.fetch_git_sha(os.path.abspath(os.pardir))"
}
Specify the folder that contains the JSON secret files, and name the JSON file as the module name to assign the value to.
If the folder where the JSON secret files are gathered is .secrets
and the settings
module is packaged, it has the following structure.
# settings module
settings/
__init__.py
base.py
local.py
# Secrets DIR
.secrets/
base.json
local.json
.secrets/base.json
{
"SECRET_KEY": "SDFSEFSDFDF"
}
.secrets/local.json
{
"ALLOWED_HOSTS": [
".localhost",
"127.0.0.1",
".lhy.kr"
]
}
settings/base.py
from djs import import_secrets
BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
SECRETS_DIR = os.path.join(BASE_DIR, '.secrets')
import_secrets()
settings/local.py
from .base import *
import_secrets()
When the settings
module is loaded, the set secret values are output to the console.
- JSON Secrets (base)
SECRET_KEY = ls@************************************
- JSON Secrets (local)
ALLOWED_HOSTS
.localhost
127.0.0.1
.lhy.kr
If you set the PRINT_JSON_SETTINGS
value of the settings
module to False
, the settings will not be output.
...
PRINT_JSON_SETTINGS = False
import_secrets()