Secret Key generation for Django and Flask

Both Django and Flask rely on SECRET_KEY to generate things like session IDs, cookies etc. Here is a safe way to generate them. Note that this relies on the secrets module introduced in Python 3.6 and onwards.

From the Python docs:

The secrets module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.

In particular, secrets should be used in preference to the default pseudo-random number generator in the random module, which is designed for modelling and simulation, not security or cryptography.

>>> import secrets
>>> secrets.token_urlsafe(16)
'AFzuAgp6gjoUkRZnuJwAdQ'
>>> secrets.token_hex(16)
'9df31cad3eb2f66386575da6dd6641ae'
>>>

I usually prefer the second option. token_hex.

Tek Shinobi
Author: Tek Shinobi

Hiya Ninjas, I am the ninja who invented the fire, wheel, science, technology and everything intelligent this humanity has ever experienced since its evolution from monkeys and germs. Actually, above is a partial list. I also was involved with the Big Bang that created this universe. What was it like before the Big Bang is so secret that if I tell you, I will have to turn you into a hobbit and force you to be my gardener. Okay. Sayonanra, Namaste Tek Shinobi




No Comments


You can leave the first : )



Leave a Reply

Your email address will not be published. Required fields are marked *