[英]Is the following enough to protect my secret key and database password for heroku deployment?
I have added the environment variables through to get secret key database name and password.我已经通过添加环境变量来获取密钥数据库名称和密码。 Now anything else to make it more secure.Let me know.
现在还有什么可以让它更安全的。让我知道。
Used "Advance system settings" and under that added environment variables in "User variables".使用“高级系统设置”并在“用户变量”中添加环境变量。 Also this is going to be my first deployment on 'heroku' that's why following a tutorial.
这也将是我在“heroku”上的第一次部署,这就是为什么要遵循教程。
SECRET_KEY = os.environ['DB_SECRET']
databases数据库
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': 'portfoliodb',
'USER': os.environ.get('DB_USER'),
'PASSWORD': os.environ.get('DB_PASS'),
'HOST': 'localhost',
'PORT': '5432',
}
}
Heroku has a package that handles that for you. Heroku 有一个 package 可以为您处理。 More info here .
更多信息在这里。 Essentially, it overrides default with secure credentials automatically generated in the Heroku platform.
本质上,它使用在 Heroku 平台中自动生成的安全凭证覆盖默认值。
Add the following import statement to the top of settings.py:
将以下导入语句添加到 settings.py 的顶部:
import django_heroku
Then add the following to the bottom of settings.py:
然后将以下内容添加到 settings.py 的底部:
Activate Django-Heroku.
激活 Django-Heroku。
django_heroku.settings(locals())
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.