add python-dotenv

requirements.txt

@@ -10,6 +10,7 @@ lazy-object-proxy==1.4.3
 mccabe==0.6.1
 PyJWT==1.7.1
 pylint==2.4.4
+python-dotenv==0.10.3
 pytz==2019.3
 six==1.13.0
 sqlparse==0.3.0

segnalibre/.env.sample

@@ -0,0 +1 @@
+SEGNALIBRE_SECRET_KEY=my-secret

segnalibre/settings.py

@@ -11,16 +11,17 @@ https://docs.djangoproject.com/en/2.2/ref/settings/
 """
 
 import os
+from dotenv import load_dotenv
 
+load_dotenv()
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
-
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'secret' # os environment
+SECRET_KEY = os.getenv('SEGNALIBRE_SECRET_KEY')
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True