Python / Django-避免在源代码中保存密码 [英] Python/Django - Avoid saving passwords in source code
问题描述
我使用Python和Django创建Web应用程序,并将其存储在源代码管理中。 Django的正常设置方式是,settings.py文件中的密码均为纯文本。
I use Python and Django to create web applications, which we store in source control. The way Django is normally set up, the passwords are in plain text within the settings.py file.
用纯文本存储密码会给我带来许多安全问题,特别是因为这是一个开源项目,并且我的源代码将受版本控制(通过git,在Github上,让全世界都可以看到!)
Storing my password in plain text would open me up to a number of security problems, particularly because this is an open source project and my source code would be version controlled (through git, on Github, for the entire world to see!)
问题是,在Django /中安全地写入settings.py文件的最佳实践是什么? Python开发环境?
The question is, what would be the best practice for securely writing a settings.py file in a a Django/Python development environment?
推荐答案
尽管我无法在stackoverflow上遇到任何特定于Python的东西,但确实找到了<一个href = http://opensourcehacker.com/2012/12/13/configuring-your-python-application-using-environment-variables/ rel = noreferrer>有用的网站,并认为我将与社区的其他人分享解决方案。
Although I wasn't able to come across anything Python-specific on stackoverflow, I did find a website that was helpful, and thought I'd share the solution with the rest of the community.
解决方案:环境变量。
The solution: environment variables.
注意:尽管环境变量在Linux / Unix / OS X和Windows世界中都相似,但是我没有在Windows计算机上测试过此代码。请让我知道它是否有效。
Note: Although environment variables are similar in both Linux/Unix/OS X and in the Windows worlds, I haven't tested this code on a Windows machine. Please let me know if it works.
在您的bash / sh shell中,键入:
In your bash/sh shell, type:
export MYAPP_DB_USER='myapp'
export MYAPP_DB_PASSWORD='testing123'
在您的Django设置中文件:
And in your Django settings.py file:
DATABASE_USER = os.environ.get("MYAPP_DB_USER", '')
DATABASE_PASSWORD = os.environ.get("MYAPP_DB_PASSWORD", '')
在这种情况下,用户名和密码将默认为如果环境变量不存在,则返回一个空字符串。
In this case, the username and password would default to an empty string if the environment variable didn't exist.
这篇关于Python / Django-避免在源代码中保存密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
