djangodjango-settings

Is there a function for generating settings.SECRET_KEY in django?


I wrote an ansible-role for openwisp2 to ease its deployment, it's a series of django apps. To ease the deployment as much as possible, I wrote a simple (probably trivial) SECRET_KEY generator script:

#!/usr/bin/env python
"""
Pseudo-random django secret key generator
"""
from __future__ import print_function
import random

chars = 'abcdefghijklmnopqrstuvwxyz' \
        'ABCDEFGHIJKLMNOPQRSTUVXYZ' \
        '0123456789' \
        '#()^[]-_*%&=+/'

SECRET_KEY = ''.join([random.SystemRandom().choice(chars) for i in range(50)])

print(SECRET_KEY)

which is called by ansible to generate the secret key the first time the ansible playbook is run.

Now, that works fine BUT I think it defeats the built-in security measures Django has in generating a strong key which is also very hard to guess.

At the time I looked at other ways of doing it but didn't find much, now I wonder: is there a function for generating settings.SECRET_KEY in django?

That would avoid this kind of home baked solutions that even though they work they are not effective when it comes to security.


Solution

  • Indeed, you can use the same function that generates a new key when you call startproject, which is django.core.management.utils.get_random_secret_key().

    Note however it's not very different from your version.