This repository has been archived by the owner on Aug 10, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
Credential Wipe Procedure
Seung Won [Tom] Lee edited this page Jul 3, 2018
·
3 revisions
Three most important credentials are: SECRET_KEY, DATABASE_URL, CLOUDAMQP_URL/CLOUDAMQP_APIKEY
The SECRET_KEY is used for:
- How to reset: Replace the old
SECRET_KEYwith the newly generated one using the script below.
import random
SECRET_KEY = ''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)])
- All sessions if you are using any other session backend than django.contrib.sessions.backends.cache, or are using the default get_session_auth_hash().
- All messages if you are using CookieStorage or FallbackStorage.
- All PasswordResetView tokens.
- Any usage of cryptographic signing, unless a different key is provided.
The DATABASE_URL is used for:
- How to reset:
- If there are no data that needs to be reserved, going on Heroku and wipe the database.
- Otherwise, the existing data will have to be exported and imported after wiping the database.
- Any read/write access to the database
The CLOUDAMQP_URL/CLOUDAMQP_APIKEY are used for:
- How to reset:
- Regenerate via Heroku dashboard
- Any read/write access to the job broker.