The easy way of handling Django secrets.
Project description
This little app helps you to not commit your secrets to a repo and adds a nice way of exporting/importing secrets for a new deployment or automated testing with environment variables.
Though this never happened to me during coding, Travis had some problems to reliably execute the tests and hot load the new secrets, so I had move the secrets module into the my_secrets package to not have two modules named secrets. Python obviously cant handle that. Lesson learned after about 40 Travis builds. :(
django-secrets is currently tested with Python 3.12, 3.13, and 3.14, and with Django 4.x, 5.x, and 6.x.
Supported versions
The CI matrix currently covers:
Python 3.12, 3.13, and 3.14
Django 4.x, 5.x, and 6.x
Django 4.x only on Python 3.12
For Django’s official Python compatibility, see the release notes: Django 5.2 and Django 6.1.
Installation
pip install django-secrets
If you prefer uv, use:
uv add django-secrets
Usage
After installing the package please add it to your INSTALLED_APPS settings.
INSTALLED_APPS = (
...
'django_secrets',
)
Because we want to be able to hide our secret settings, we have to alter manage.py to run some code before the Django magic happens. Open manage.py and alter it like this:
if __name__ == "__main__":
from django_secrets.startup import check
check()
...
Now that the check is in place, run manage.py to initialize your project. This will create a new my_secrets package in your project root with the following contents:
my_secrets ├── .gitignore ├── __init__.py ├── definitions.py └── secrets.py
The package also features a .gitignore file to prevent you from checking in any secrets to git. Now open definitions.py to add your secrets to the list. Start with the Django secret key for example. When you are done adding all secrets, run manage.py again and you will be asked to enter your secrets.
Now you can remove your secrets from settings.py and instead replace them like this:
from my_secrets import secrets SECRET_KEY = secrets.SECRET_KEY
Since the secrets are saved in a normal python package, you can just use them the normal way including code completion, but now they are safe! :)
Import / Export
This package adds a new management command: export_secrets. This will print out export statements so you can easily create environment variables on a new machine and let the check function do the rest for you, because it will also read in any known environment variables as secret values. This is quite handy for dynamically spawned instances or CI testing.
Have fun and stay safe!
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file django_secrets-3.0.2-py3-none-any.whl.
File metadata
- Download URL: django_secrets-3.0.2-py3-none-any.whl
- Upload date:
- Size: 9.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fbd147d81e1cc915f1ce131dd4ebf6ed9e98ea0db69c17c02b3f6ae8665f9ab8
|
|
| MD5 |
136a8c3c246067a0128a0b25345a0d52
|
|
| BLAKE2b-256 |
d81ab9f662deb7ce4f0c7bee25e13ec0d0dffb7882869728fd72104c50a8fb3f
|
