Posts

Showing posts with the label Environment Variables

Using Environment Variable in Django to avoid security compromise

  While working with web applications often we need to store sensitive data for authentication of different modules such as database credentials and API keys. These sensitive keys should not be hardcoded in the   settings.py   file instead they should be loaded with Environment variables on runtime. An environment variable is a variable whose value is set outside the program, typically through a functionality built into the operating system. An environment variable is made up of a name/value pair. Environment variables help us keep secrets (for example, Passwords, API tokens, and so on) out of version control, therefore, they are considered an integral part of the popular Twelve-Factor App Design methodology and a Django best practice because they allow a greater level of security and simpler local/production configurations. Also, environment variables provide a greater degree of flexibility for switching between local development setup and  production setup . Therefore Adding environm