Opened 2 hours ago
Last modified 2 hours ago
#36782 closed New feature
Add management command for generating a Django SECRET_KEY — at Version 3
| Reported by: | Joe Philip | Owned by: | Joe Philip |
|---|---|---|---|
| Component: | Core (Management commands) | Version: | 6.0 |
| Severity: | Normal | Keywords: | |
| Cc: | Joe Philip | Triage Stage: | Unreviewed |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description (last modified by )
Summary
Django provides a utility function, django.core.management.utils.get_random_secret_key(), for generating cryptographically secure secret keys. However, Django does not currently offer a built-in django-admin or manage.py command to generate a new SECRET_KEY for production use.
Developers frequently need to generate a proper secret key when:
- deploying to production,
- regenerating keys for CI/CD pipelines,
- creating new environments,
- or building automation scripts.
Since Django encourages using a strong, unique secret key in production, providing a first-class management command improves the developer experience and aligns with Django's philosophy of offering batteries-included tools.
---
Proposed Feature
Introduce a new management command:
python manage.py generate_secret_key
This command would output a securely generated secret key using Django's existing function:
`python
get_random_secret_key()
`
Example Output
`
g6v#s-!98=u&1xp$@1g&3s5)k5a(4l#1$g@)n#hjz9c4
`
---
Rationale
- Consistency – Django already provides the function but not an accessible command.
- Developer convenience – Users currently rely on third-party snippets, shell scripts, or copy-paste from docs.
- Security – Encourages developers to use Django’s own cryptographically strong generator rather than unsafe or custom-made solutions.
- Automation – Useful for scripts, CI pipelines, container builds, and provisioning tools.
---
Proposed Implementation
A new command under:
`
django/core/management/commands/generate_secret_key.py
`
Example implementation:
`python
from django.core.management.base import BaseCommand
from django.core.management.utils import get_random_secret_key
class Command(BaseCommand):
help = "Generate a new Django SECRET_KEY."
def handle(self, *args, options):
self.stdout.write(get_random_secret_key())
`
---
Documentation
Add a section to docs/ref/django-admin.txt describing the new command with usage examples.
---
Tests
A test would be added to ensure:
- The command runs successfully.
- The output is a string.
- The generated key meets expected length and randomness criteria.
Example:
`python
from django.core.management import call_command
from django.test import SimpleTestCase
class GenerateSecretKeyTests(SimpleTestCase):
def test_generates_valid_key(self):
key = call_command('generate_secret_key', stdout=None)
self.assertIsInstance(key, str)
self.assertGreater(len(key), 30)
`
Change History (3)
comment:1 by , 2 hours ago
| Owner: | set to |
|---|---|
| Status: | new → assigned |
comment:2 by , 2 hours ago
| Description: | modified (diff) |
|---|
comment:3 by , 2 hours ago
| Description: | modified (diff) |
|---|