Using environment variables to keep sensitive data out of Django settings
I was helping a new developer at my company start developing with Django. As he was going through the Django Book he felt uncomfortable about storing secret keys, password, and API keys in his settings.py file. Environment variables are the solution, but I couldn’t find any good posts out there that explain the basics.
So here is how you use environment variables to keep sensitive data out of your source code:
- Set your environment variable using the
exportcommand, like this:
import osto your settings.py file if it isn’t there already.
- Retrieve the environment variable in your settings file with this syntax:
EMAIL_HOST_PASSWORD = os.environ['DJANGO_EMAIL_PASSWORD']
Remember that the export command is specific to that terminal session. Your environment variable won’t be accessible from any other terminal windows, and it will disappear when
Continue reading →