Oops I Committed My Secret Key

062f9d19b2fb305e6734c778ff01e87b?s=47 Philip James
July 20, 2016
Technology
0
110

Oops I Committed My Secret Key

Lightning talk given at DjangoCon US 2016

062f9d19b2fb305e6734c778ff01e87b?s=128

Philip James

July 20, 2016
Tweet

More Decks by Philip James

See All by Philip James
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
0
23
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
1
22
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
0
25
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
0
25
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
0
210
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
1
170
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
0
66
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
1
53
062f9d19b2fb305e6734c778ff01e87b?s=48 phildini
0
110

Other Decks in Technology

See All in Technology
835671ae91e49b2637313b91dacda1db?s=48 tdys13
2
2k
3dc29e8cfc6ef333e2b41a1b0e826b57?s=48 cortinico
5
260
1dfa2bb34977b1db41d0d46d4505183f?s=48 osuke
2
2.2k
53850955f15249a1a9dc49df6113e400?s=48 line_developers
1
3.3k
Ace15f29f740e60d42f7a3ff03a4952d?s=48 curanosuke
1
140
8db231d3fe08b46242f6e0e45c95eee1?s=48 darkomesaros
1
130
3115a782126be714b5f94d24073c957d?s=48 oracle4engineer
0
330
54bcc1069d75636cc735e72877dd30ec?s=48 taichinakamura
0
250
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
280
664b6e8ebe272fcfa5dbd6070eaf3cd4?s=48 wadayusuke
2
690
5c3556b7c8c0ab6bc90a62161a8315f8?s=48 gracia
0
470
53850955f15249a1a9dc49df6113e400?s=48 line_developers
1
170

Featured

See All Featured
C157b16234f1e75e8eac3698c1d4414a?s=48 ddemaree
274
31k
A60068bce2e73de3a37ca9d2dbe36092?s=48 bryan
100
11k
Aebc2d07a50011e2a30d38435fde564a?s=48 jrom
113
6.8k
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
2
300
2bb923c57a1fdc3a2eb484bb8d565fd2?s=48 ufuk
55
5.2k
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
407
57k
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
681
180k
0bce06bd06ee7a2c4f5500f25dcf7f18?s=48 paulrobertlloyd
69
1.2k
B3d6434763caa0ef5dc4b792662c49f7?s=48 smashingmag
228
17k
465724d73fe3a92c0879fdfb43a3a6f3?s=48 philhawksworth
190
8.6k
282d599b414022eba5096510f675b6e2?s=48 chrislema
169
14k
1519587b1a0febb658c36c94f6272b0d?s=48 roundedbygravity
240
20k

Transcript

  1. Oops I Commi*ed My Secret Key Philip James @phildini h*ps:/

    /www.wordfugue.com

  2. $ django-admin.py startproject bestthingever $ git init $ git add

    . $ git commit -m "Initial commit” $ git push origin master
  3. None

  4. Wait, have I?

  5. YES. Signed Cookies Secure Sessions Password Reset Tokens

  6. What do I do?

  7. import os import warnings from django.core.exceptions import ImproperlyConfigured def get_env_variable(var_name):

    """ Get the environment variable or return exception """ try: return os.environ[var_name] except KeyError: error_msg = "Set the %s env variable" % var_name if DEBUG: warnings.warn(error_msg) else: raise ImproperlyConfigured(error_msg)

  8. SECRET_KEY = get_env_variable("SECRET_KEY")

  9. How do I get a new key?

  10. h*p:/ /www.miniwebtool.com/django-secret-key-generator/ $ python manage.py shell >>> from django.utils.crypto import

    get_random_string >>> get_random_string(length=50)

  11. What about my users?

  12. OpOonal: No permanent key

  13. Thanks. @phildini h*p:/ /bit.ly/secret-key Come back at 1:15PM for “Cat

    on yer head”!