问题描述
我为Openwisp2编写了以简化其部署,这是一系列的django应用程序。为了尽可能简化部署,我编写了一个简单的(可能是微不足道的),在可运行的剧本第一次运行时,被ansible调用以生成密钥。
I wrote an ansible-role for openwisp2 to ease its deployment, it's a series of django apps. To ease the deployment as much as possible, I wrote a simple (probably trivial) SECRET_KEY generator script which is called by ansible to generate the secret key the first time the ansible playbook is run.
现在,可以正常工作,但我认为它击败了Django在生成强密钥时所采用的内置安全措施,这也是很难猜到的。
Now, that works fine BUT I think it defeats the built-in security measures Django has in generating a strong key which is also very hard to guess.
当时,我在研究其他方式但没有找到太多,现在我不知道:是否有一个用于生成设置的功能。Django中的SECRET_KEY吗?
At the time I looked at other ways of doing it but didn't find much, now I wonder: is there a function for generating settings.SECRET_KEY in django?
这可以避免这种情况的家庭烘焙解决方案即使可以使用,但在安全性方面却无效。
That would avoid this kind of home baked solutions that even though they work they are not effective when it comes to security.
推荐答案
实际上,您可以使用调用 startproject
时会生成新密钥的函数,即。
Indeed, you can use the same function that generates a new key when you call startproject
, which is django.core.management.utils.get_random_secret_key()
.
请注意,它与您的版本没有太大区别。
Note however it's not very different from your version.
这篇关于django中是否有用于生成settings.SECRET_KEY的功能?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!