Docs: Add warning to prevent leaking SECRET_KEY in version control
This commit is contained in:
Mervan Palmér
parent
7ab0e99886
commit
66b3945f66
1 changed files with 9 additions and 3 deletions
|
|
@ -39,9 +39,9 @@ Pip will install your project along with its dependencies.
|
|||
Since this is a different machine, you need to run ``init-db`` again to
|
||||
create the database in the instance folder.
|
||||
|
||||
.. code-block:: text
|
||||
.. code-block:: text
|
||||
|
||||
$ flask --app flaskr init-db
|
||||
$ flask --app flaskr init-db
|
||||
|
||||
When Flask detects that it's installed (not in editable mode), it uses
|
||||
a different directory for the instance folder. You can find it at
|
||||
|
|
@ -72,6 +72,12 @@ will read from if it exists. Copy the generated value into it.
|
|||
|
||||
SECRET_KEY = '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
|
||||
|
||||
.. warning::
|
||||
Never commit the file containing your production ``SECRET_KEY`` to version
|
||||
control. Ensure that your ``.gitignore`` file excludes the ``instance/``
|
||||
folder and the specific ``config.py`` file to prevent leaking your secret
|
||||
key to a public repository.
|
||||
|
||||
You can also set any other necessary configuration here, although
|
||||
``SECRET_KEY`` is the only one needed for Flaskr.
|
||||
|
||||
|
|
@ -108,4 +114,4 @@ servers and deployment options that you may choose for your project.
|
|||
|
||||
.. _Waitress: https://docs.pylonsproject.org/projects/waitress/en/stable/
|
||||
|
||||
Continue to :doc:`next`.
|
||||
Continue to :doc:`next`.
|
||||
Loading…
Add table
Add a link
Reference in a new issue