The SECRET_KEY setting in settings.py should be unique and not shared with anyone. To allow easy development, it is currently included directly in the mentioned file. Deploying the project with publicly known "secret key" is a security issue. The key must be changed before deploying to a production server, probably by some automated way.
The
SECRET_KEYsetting insettings.pyshould be unique and not shared with anyone. To allow easy development, it is currently included directly in the mentioned file. Deploying the project with publicly known "secret key" is a security issue. The key must be changed before deploying to a production server, probably by some automated way.