Django has lot of sensitive data in settings.py file, By default its visible to everyone. so we need to protect the sensitive data for that we will use python decouple.
- Decouple supports both .ini and .env files.
- First create a file named .env in the root of your project. You can also use a .ini file.
- Now install python decouple using below command
pip install python-decouple
- Then use it on your settings.py
from decouple import config
#Retrieve the configuration parameters
SECRET_KEY = config('SECRET_KEY')
DEBUG = config('DEBUG', default=False, cast=bool)
EMAIL_HOST = config('EMAIL_HOST', default='localhost')
EMAIL_PORT = config('EMAIL_PORT', default=25, cast=int)
How Python Decouple will works: Decouple always searches for Options in this order:
- Environment variables;
- Repository: ini or .env file;
- default argument passed to config.