How Does Django Generate Secret Key

Jul 07, 2013  Hiding Django's Secret Key. Posted on July 7, 2013 by Miles Steele Django uses a secret key for many of its security features. It will look for an existing secret key in and if it does not find one, then it will generate and save one into secretkey.py when the settings file is used.

Jwt Secret Key Generator

Django Secret Key Setting
  1. I wrote an ansible-role for openwisp2 to ease its deployment, it's a series of django apps. To ease the deployment as much as possible, I wrote a simple (probably trivial) SECRETKEY generator script which is called by ansible to generate the secret key the first time the ansible playbook is run. Now, that works fine BUT I think it defeats the built-in security measures Django has in.
  2. Django-admin startproject automatically adds a randomly-generated SECRETKEY to each new project. Uses of the key shouldn’t assume that it’s text or bytes. Every use should go through forcestr or forcebytes to convert it to the desired type. Django will refuse to start if SECRETKEY is not set.
>python manage.py runserver
Traceback (most recent call last):
File 'manage.py', line 8, in <module>
execute_from_command_line(sys.argv)
File '//anaconda/lib/python2.7/site-packages/django/core/management/__init__.py', line 399, in execute_from_command_line
utility.execute()
File '//anaconda/lib/python2.7/site-packages/django/core/management/__init__.py', line 392, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File '//anaconda/lib/python2.7/site-packages/django/core/management/base.py', line 242, in run_from_argv
self.execute(*args, **options.__dict__)
File '//anaconda/lib/python2.7/site-packages/django/core/management/base.py', line 279, in execute
saved_locale = translation.get_language()
File '//anaconda/lib/python2.7/site-packages/django/utils/translation/__init__.py', line 154, in get_language
return _trans.get_language()
File '//anaconda/lib/python2.7/site-packages/django/utils/translation/__init__.py', line 52, in __getattr__
if settings.USE_I18N:
File '//anaconda/lib/python2.7/site-packages/django/conf/__init__.py', line 54, in __getattr__
self._setup(name)
File '//anaconda/lib/python2.7/site-packages/django/conf/__init__.py', line 49, in _setup
self._wrapped = Settings(settings_module)
File '//anaconda/lib/python2.7/site-packages/django/conf/__init__.py', line 151, in __init__
raise ImproperlyConfigured('The SECRET_KEY setting must not be empty.')
django.core.exceptions.ImproperlyConfigured: The SECRET_KEY setting must not be empty.

commented Nov 8, 2016
edited

Solution of the problem Just like the error says, you have no SECRET_KEY defined. You need to add one to your settings.py.
Django will refuse to start if SECRET_KEY is not set.
You can read more about this setting in the docs.

Generate ssh keys for git. The SECRET_KEY can be just about anything..but if you want to use Django to generate one, you can do the following from the python shell:

from django.utils.crypto import get_random_string
chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
SECRET_KEY = get_random_string(50, chars)
print SECRET_KEY

Copy the SECRET_KEY to your settings file.

Flask Secret Key

How does django generate secret key on facebook

How Does Django Generate Secret Key Generator

Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment