Dotenv is een manier om geheime sleutels (publieke als secret) en wachtwoorden op te slaan in environment variabelen.
Deze worden opgeslagen in een .env bestand. het bestand .gitignore moet het bestand .env bevatten zodat dit bestand niet opgeladen wordt in github dit om te voorkomen dat deze sleutels openbaar worden !
Om gebruik te kunnen maken van dotenv moet het python pakket python-dotenv geinstalleerd worden.
pip install python-dotenv
export DJANGO_SETTINGS_MODULE=django_project_naam.settings.prod
export SECRET_KEY='mijn_secret_key'
export EMAIL_HOST_PASSWORD='geheim_wachtwoord '
export STRIPE_LIVE_PUBLIC_KEY='live_publieke_sleutel'
export STRIPE_LIVE_SECRET_KEY='live_geheime_sleutel '
export STRIPE_PUBLIC_KEY='test_publieke_sleutel ''
export STRIPE_SECRET_KEY='test_geheime_sleutel '
django_project_naam = naam van je django project gemaakt met de django-admin tool
settings.prod ofwel settings
mijn_secret_key = kan opnieuw gegenereerd worden op website : https://miniwebtool.com/django-secret-key-generator/
import os
from dotenv import load_dotenvproject_folder = os.path.expanduser('~/mijn_project_naam')
load_dotenv(os.path.join(project_folder, '.env'))
from django.core.wsgi import get_wsgi_application
application = get_wsgi_application()
mijn_project_naam = naam van je django naam folder-map
#!/bin/bash
# This hook is sourced after this virtualenv is activated.set -a; source ~/mijn_project_naam/.env;
SECRET_KEY = os.environ['SECRET_KEY']
...
INSTALLED_APPS = [
'accounts.apps.AccountsConfig',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sites',
'django.contrib.sitemaps',
'django.contrib.humanize',
'django_extensions',
'land',
'ckeditor',
'ckeditor_uploader',
'robots'
'base',]
...
LANGUAGE_CODE = 'nl'
TIME_ZONE = 'Europe/Brussels'
...
STATIC_URL = '/static/'
MEDIA_URL = '/media/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'media/')CKEDITOR_CONFIGS = {
'default': {
# Editor Width Adaptation
'width':'auto',
'height':'250px',
# tab key conversion space number
'tabSpaces': 4,
# Toolbar Style
'toolbar': 'full',
# 'Custom',
# Toolbar buttons
# 'toolbar_Custom': [
# # Emotional Code Block
# ['Smiley', 'CodeSnippet'],
# # Font Style
# ['Bold', 'Italic', 'Underline', 'RemoveFormat', 'Blockquote'],
# # Font color
# ['TextColor', 'BGColor'],
# # Link link
# ['Link', 'Unlink'],
# # List of items
# ['NumberedList', 'BulletedList'],
# # Maximization
# ['Maximize']
# ],
# Add Prism related plug-ins
'extraPlugins': ','.join(['codesnippet', 'widget', 'lineutils']),
}
}CKEDITOR_UPLOAD_PATH = 'upload/'
CKEDITOR_IMAGE_BACKEND = 'pillow'LOGIN_URL = '/accounts/login/'
LOGIN_REDIRECT_URL = "/"
LOGOUT_REDIRECT_URL = "/"
EMAIL_USE_TLS= True
EMAIL_HOST= 'smtp.gmail.com'
EMAIL_PORT= 587
DEFAULT_FROM_EMAIL = 'ulefr01.pythonanywhere.com'
EMAIL_HOST_USER= 'ulefr01@gmail.com'
EMAIL_HOST_PASSWORD= os.environ['EMAIL_HOST_PASSWORD']
EMAIL_BACKEND='django.core.mail.backends.smtp.EmailBackend'LOG_DIR = os.path.join(BASE_DIR, 'log')
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
# Debugger is active
'handlers': {
'django_all': {
'class': 'logging.FileHandler',
'filename': os.path.join(LOG_DIR, 'django.log'),
},
'land_all': {
'class': 'logging.FileHandler',
'filename': os.path.join(LOG_DIR, 'land.log'),
},
},
'loggers': {
'django.server': {
'handlers': ['django_all'],
'level': 'DEBUG',
},
'django.request': {
'handlers': ['django_all'],
'level': 'INFO',
},
# 'django.db.backends': {
# 'handlers': ['django_all'],
# 'level': 'DEBUG',
# },
'adres': {
'handlers': ['land_all'],
'level': 'INFO',
},
},
}
from .base import *
DEBUG = True
ALLOWED_HOSTS = [
'127.0.0.2',
]# met gunicorn en gebruik van .env
STATIC_ROOT = 'django_project_naam /static'STATICFILES_DIRS = [
os.path.join(BASE_DIR, 'static/'),]
# met gunicorn volgende twee lijnen niet commentareren
STRIPE_PUBLIC_KEY = os.environ['STRIPE_PUBLIC_KEY]'
STRIPE_SECRET_KEY = os.environ['STRIPE_SECRET_KEY]'# ofwel met ./manage-py runserver_plus zonder .env volgende twee lijnen
# STRIPE_PUBLIC_KEY = 'pk_test_....'
# STRIPE_SECRET_KEY = 'sk_test_....'
from .base import *
DEBUG = False
ALLOWED_HOSTS = [
'ulefr03.eu.pythonanywhere.com'
]# ./manage.py collectstatic (production only)
STATIC_ROOT = 'django_project_naam/static'STRIPE_LIVE_PUBLIC_KEY = os.environ['STRIPE_LIVE_PUBLIC_KEY]'
STRIPE_LIVE_SECRET_KEY = os.environ['STRIPE_LIVE_SECRET_KEY]'# secure in production
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_SSL_REDIRECT = True
SECURE_REFERRER_POLICY = 'strict-origin'
SECURE_BROWSER_XSS_FILTER = True
dev.py aanpassen
start een virtuele omgeving
vf activate env_django_project_naam
enkel in test (fish) : source .env
gunicorn -b 127.0.0.2:8000 -w 5 django_project_naam .wsgi
ofgunicorn --bind = 127.0.0.2:8000 --workers = 5 django_project_naam .wsgi
chrome probleem : Fix for Google Chrome favicon loading in Django. You may have noticed that Chrome has issues loading the appropriate favicon on Django if you have it in a different path other than just '/favicon.ico'.
toevoegen in urls.py :
from django.views.generic.base import RedirectView
path('favicon.ico/', RedirectView.as_view(url='/static/css/favicon.ico')),