DEV Community

Discussion on: How to protect your Django Secret and OAuth Keys

Collapse
mattschwartz profile image
Matthew Schwartz

Good tip. My solution is to commit a settings_base.py file with the Django project. On each deployed system (including local) I then have a settings.py file which imports the base file and overrides anything secret or unique to the system.

Your solution is also very convenient when working with docker. It's common practice to pass settings into containers using environment variables.

Collapse
vladyslavnua profile image
vladyslav nykoliuk Author

That's also a very viable solution. Thank you for the comment!