stackoom
  简体   繁体   中英

Difference between app_secret_key and secret_key for Django-Auth-App

 原文  2021-02-17 01:37:37       python/ django/ two-factor-authentication/ django-two-factor-auth

Question

For the python django package, django-duo-auth, the README shows the proper DUO CONFIG to be like so in settings.py:

    DUO_CONFIG = {
    'DEFAULT': {
        'HOST': '<api-host-url>',
        'IKEY': '<integration_key>',
        'AKEY': '<app_secret_key>',
        'SKEY': '<secret_key>',
        'FIRST_STAGE_BACKENDS': [
            'django.contrib.auth.backends.ModelBackend',
        ]
    }
}

HOST, IKEY, and SKEY make sense as they are attributes found in the Duo AUTH API, but I am confused as to what app_secret_key would mean. Any suggestions?

1 answers

solution1
 0  2021-11-08 17:43:17

Not sure if you are still having this issue, but for the sake of anyone running into this same question: The application's secret key is just a string that will be used as part of the request signing process during authentication. In some of Duo's client libraries this gets generated for you automatically on a per-request basis, but duo_web doesn't. You should just generate a random string of at least 40 characters and use that.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Are Django SECRET_KEY's per instance or per app? Django App deployed on Heroku works despite wrong SECRET_KEY Django settings SECRET_KEY Deploy Django SECRET_KEY Django SECRET_KEY on VPS How to keep a SECRET_KEY secret in Django? Confusion regarding Django and SECRET_KEY Django exception: Improperly configured SECRET_KEY Dynamic SECRET_KEY in Django disadvantages Django says SECRET_KEY must not be empty
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM