django.core.exceptions.ImproperlyConfigured: The SECRET_KEY setting must not be empty

Question

I created a new project in django and pasted some files from another project. Whenever I try to run the server, I get the following error message:

    Traceback (most recent call last):
      File "manage.py", line 10, in <module>
        execute_from_command_line(sys.argv)
      File "/Library/Python/2.7/site-packages/django/core/management/__init__.py", line 385, in execute_from_command_line
        utility.execute()
      .
      .
      .
            File "/Library/Python/2.7/site-packages/django/conf/__init__.py", line 115, in __init__
        raise ImproperlyConfigured("The SECRET_KEY setting must not be empty.")
    django.core.exceptions.ImproperlyConfigured: The SECRET_KEY setting must not be empty.

Here's my settings.py

""" Django settings for dbe project.  """

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
from os.path import join as pjoin
BASE_DIR = os.path.dirname(os.path.dirname(__file__))


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/


# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
TEMPLATE_DEBUG = True
ALLOWED_HOSTS = []

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'shared',
    'issues',
    'blog',
    'bombquiz',
    'forum',
    'portfolio',
    'questionnaire',
)

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
)

TEMPLATE_DIRS = (
     os.path.join(BASE_DIR, "templates"),
     os.path.join(BASE_DIR, "templates", "issues"),
     os.path.join(BASE_DIR, "templates", "blog"),
     os.path.join(BASE_DIR, "templates", "bombquiz"),
     os.path.join(BASE_DIR, "templates", "forum"),
     os.path.join(BASE_DIR, "templates", "portfolio"),
     os.path.join(BASE_DIR, "templates", "questionnaire"),
     )

ROOT_URLCONF = 'dbe.urls'

WSGI_APPLICATION = 'dbe.wsgi.application'


# Database
# https://docs.djangoproject.com/en/1.7/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
    }
}

LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.7/howto/static-files/

MEDIA_URL = '/media/'
MEDIA_ROOT = pjoin(BASE_DIR, "media")
STATIC_URL = '/static/'
STATICFILES_DIRS = (
                    pjoin(BASE_DIR, "static"),
                    )

try:
    from local_settings import *
except:
    pass

Here's manage.py as well

#!/usr/bin/env python
import os
import sys

if __name__ == "__main__":
    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "dbe.settings")

    from django.core.management import execute_from_command_line

    execute_from_command_line(sys.argv)

Any help? Thanks!

Answer 1

Just like the error says, you have no SECRET_KEY defined. You need to add one to your settings.py.

Django will refuse to start if SECRET_KEY is not set.

You can read more about this setting in the docs.

The SECRET_KEY can be just about anything...but if you want to use Django to generate one, you can do the following from the python shell:

>>> from django.utils.crypto import get_random_string
>>> chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
>>> SECRET_KEY = get_random_string(50, chars)
>>> print SECRET_KEY

Copy the SECRET_KEY to your settings file.

Answer 2

SECRET_KEY variable in settings.py should be kept secret

You can place the string secret key generated with the get_random_stringfunction above (as said @rnevius ) in settings.py but use a function that get the variable.

This means, that for security reasons, it is better to hide the content of SECRET_KEY variable.

You can define an environment variable as follow:

In your $HOME/.bashrc or $HOME/.zshrc or /etc/bashrc or /etc/bash.bashrc according to your unix operating system and terminal manager that you use:

export SECRET_KEY='value_of_the_secret_key_generated_by_get_random_string_function'

you can look something like this:

export SECRET_KEY='lmrffsgfhrilklg-za7#57vi!zr)ps8)2anyona25###dl)s-#s=7=vn_'

And in the settings.py you can add this:

import os
from django.core.exceptions import ImproperlyConfigured

def get_env_variable(var_name):
    try:
        return os.environ[var_name]
    except KeyError:
        error_msg = "Set the %s environment variable" % var_name
        raise ImproperlyConfigured(error_msg)

SECRET_KEY = get_env_variable('SECRET_KEY')

The function get_env_variable tries to get the variable var_name from the environment, and if it doesn’t find it, it raises an ImproperlyConfigured error. Using it in this way, when you try to run your app and the SECRET_KEY variable is not found, you will be able to see a message indicating why our project fails.

Also you can protect the secret content variables of the project in this way.