diff options
| author | Adrian Holovaty <adrian@holovaty.com> | 2005-07-20 00:37:45 +0000 |
|---|---|---|
| committer | Adrian Holovaty <adrian@holovaty.com> | 2005-07-20 00:37:45 +0000 |
| commit | 897d24b220a9615f036ffed663926851a7ec5e64 (patch) | |
| tree | e9dfc7356eee74f966785f830ab2ed9a4d361fe0 /django/bin/django-admin.py | |
| parent | 43538e78eb98966838168b9d9d84d5f6313e9277 (diff) | |
| download | django-897d24b220a9615f036ffed663926851a7ec5e64.tar.gz | |
Fixed #95 -- Added SECRET_KEY setting instead of hard-coding keys that are shared for every Django installation. 'django-admin.py startproject' now creates a random SECRET_KEY. The auth and comments modules, and the admin middleware, all use SECRET_KEY now, instead of hard-coded values.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@230 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django/bin/django-admin.py')
| -rwxr-xr-x | django/bin/django-admin.py | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/django/bin/django-admin.py b/django/bin/django-admin.py index 7aa049a53f..25bcdcf424 100755 --- a/django/bin/django-admin.py +++ b/django/bin/django-admin.py @@ -340,15 +340,24 @@ def _start_helper(app_or_project, name, directory, other_name=''): def startproject(project_name, directory): "Creates a Django project for the given project_name in the given directory." + from whrandom import choice _start_helper('project', project_name, directory) # Populate TEMPLATE_DIRS for the admin templates, based on where Django is # installed. - settings_file = os.path.join(directory, project_name, 'settings/admin.py') - settings_contents = open(settings_file, 'r').read() - fp = open(settings_file, 'w') + admin_settings_file = os.path.join(directory, project_name, 'settings/admin.py') + settings_contents = open(admin_settings_file, 'r').read() + fp = open(admin_settings_file, 'w') settings_contents = re.sub(r'(?s)\b(TEMPLATE_DIRS\s*=\s*\()(.*?)\)', "\\1\n '%s',\\2)" % ADMIN_TEMPLATE_DIR, settings_contents) fp.write(settings_contents) fp.close() + # Create a random SECRET_KEY hash, and put it in the main settings. + main_settings_file = os.path.join(directory, project_name, 'settings/main.py') + settings_contents = open(main_settings_file, 'r').read() + fp = open(main_settings_file, 'w') + secret_key = ''.join([choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)]) + settings_contents = re.sub(r"(?<=SECRET_KEY = ')'", secret_key + "'", settings_contents) + fp.write(settings_contents) + fp.close() startproject.help_doc = "Creates a Django project directory structure for the given project name in the current directory." startproject.args = "[projectname]" |