From 559977f9bc74412739784926862b94a558e6fd84 Mon Sep 17 00:00:00 2001 From: Markos Gogoulos Date: Mon, 11 May 2026 13:08:34 +0300 Subject: [PATCH] fix: secret key --- cms/settings.py | 7 +++++-- cms/version.py | 2 +- deploy/docker/local_settings.py | 4 +++- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/cms/settings.py b/cms/settings.py index 23fd769c..ed9ea32d 100644 --- a/cms/settings.py +++ b/cms/settings.py @@ -1,6 +1,7 @@ import os from celery.schedules import crontab +from django.core.management.utils import get_random_secret_key from django.utils.translation import gettext_lazy as _ DEBUG = False @@ -171,8 +172,10 @@ REST_FRAMEWORK = { } -SECRET_KEY = "2dii4cog7k=5n37$fz)8dst)kg(s3&10)^qa*gv(kk+nv-z&cu" -# TODO: this needs to be changed! +# Set the SECRET_KEY env var in production. If unset, a fresh random key is +# generated per process — safe but invalidates sessions and signed tokens on +# every restart. +SECRET_KEY = os.getenv("SECRET_KEY") or get_random_secret_key() TEMP_DIRECTORY = "/tmp" # Don't use a temp directory inside BASE_DIR!!! BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) diff --git a/cms/version.py b/cms/version.py index 0d58b2fb..f17675b4 100644 --- a/cms/version.py +++ b/cms/version.py @@ -1 +1 @@ -VERSION = "8.0.1" +VERSION = "8.0.3" diff --git a/deploy/docker/local_settings.py b/deploy/docker/local_settings.py index 84438dfe..0722859d 100644 --- a/deploy/docker/local_settings.py +++ b/deploy/docker/local_settings.py @@ -1,8 +1,10 @@ import os +from django.core.management.utils import get_random_secret_key + FRONTEND_HOST = os.getenv('FRONTEND_HOST', 'http://localhost') PORTAL_NAME = os.getenv('PORTAL_NAME', 'MediaCMS') -SECRET_KEY = os.getenv('SECRET_KEY', 'ma!s3^b-cw!f#7s6s0m3*jx77a@riw(7701**(r=ww%w!2+yk2') +SECRET_KEY = os.getenv('SECRET_KEY') or get_random_secret_key() REDIS_LOCATION = os.getenv('REDIS_LOCATION', 'redis://redis:6379/1') DATABASES = {