From 949f66e2b45829904a4296d4c98bf186369bc920 Mon Sep 17 00:00:00 2001
From: Daoud Clarke <daoud.clarke@gmail.com>
Date: Fri, 27 Oct 2023 07:01:06 +0100
Subject: [PATCH] Keep secret key private in prod

---
 mwmbl/settings_common.py | 3 ---
 mwmbl/settings_dev.py    | 4 ++++
 mwmbl/settings_prod.py   | 3 +++
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/mwmbl/settings_common.py b/mwmbl/settings_common.py
index ea038fc..2dad3aa 100644
--- a/mwmbl/settings_common.py
+++ b/mwmbl/settings_common.py
@@ -19,9 +19,6 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
 
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-qqr#f(i3uf%m8%8u35vn=ov-uk(*8!a&1t-hxa%ev2^t1%j&sm'
-
 
 # Application definition
 
diff --git a/mwmbl/settings_dev.py b/mwmbl/settings_dev.py
index 953b0dc..44257d5 100644
--- a/mwmbl/settings_dev.py
+++ b/mwmbl/settings_dev.py
@@ -1,6 +1,10 @@
 from mwmbl.settings_common import *
 
 
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'django-insecure-qqr#f(i3uf%m8%8u35vn=ov-uk(*8!a&1t-hxa%ev2^t1%j&sm'
+
+
 DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.sqlite3',
diff --git a/mwmbl/settings_prod.py b/mwmbl/settings_prod.py
index b4f3e42..d668722 100644
--- a/mwmbl/settings_prod.py
+++ b/mwmbl/settings_prod.py
@@ -5,6 +5,9 @@ import dj_database_url
 from mwmbl.settings_common import *
 
 
+SECRET_KEY = os.environ["DJANGO_SECRET_KEY"]
+
+
 DATABASES = {'default': dj_database_url.config(default=os.environ["DATABASE_URL"])}
 
 DEBUG = False