Document exact usage of and consequences of rotating SECRET_KEY
Reported by: erikr
Owned by: erikr
Cc:
Triage Stage: Ready for checkin
Has patch: yes
Needs documentation: no
Needs tests: no
Patch needs improvement: no
Occasionally, people have accidents with their secret keys. It is somehow leaked, or they discover that they haven't stored it as securely as they should have. The trivial fix is to rotate your secret key. However, the secret key is used in various places, and this may invalidate existing tokens, sessions, etc. For example, if I remember correctly, secret keys form part of signed cookies and password reset tokens - but not password hashes.
We should document where exactly secret keys are being used, and therefore which data will be invalidated as soon as you rotate your secret key. This helps people understand what's going to happen, and will make sure nobody keeps an unsafe secret key because they are afraid of rotating it.
This requires some digging: there are of course many direct references to settings.SECRET_KEY, but also some more generic utilities, like cookie signing, that use the secret key, but that various other parts of Django then depend upon.
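As an added illustration of why rotation invalidates signed data but not password hashes (example code written for this ticket page, not Django's own `django.core.signing` implementation): a simplified HMAC signer derives a per-purpose key from `SECRET_KEY` plus a salt, so anything signed under the old key stops verifying the moment the key changes unless the old key is still accepted as a fallback. Key names, salts and the session value are constructed for the demo.

```python
import base64
import hashlib
import hmac


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def sign(value: str, secret_key: str, salt: str) -> str:
    """Return 'value:signature'. The salt namespaces the key per use
    (session cookies, password reset tokens, ...), so a signature made
    for one purpose cannot be replayed for another."""
    key = hashlib.sha256((salt + secret_key).encode()).digest()
    mac = hmac.new(key, value.encode(), hashlib.sha256).digest()
    return f"{value}:{_b64(mac)}"


def unsign(signed: str, secret_keys, salt: str):
    """Verify against the current key first, then any fallback keys.
    Returns the value on success, None if no key validates the signature."""
    value, _, sig = signed.rpartition(":")
    for key in secret_keys:
        expected = sign(value, key, salt).rpartition(":")[2]
        if hmac.compare_digest(expected, sig):
            return value
    return None


def password_hash(password: str, user_salt: bytes) -> bytes:
    # Keyed only by the per-user salt, never by SECRET_KEY, which is why
    # stored password hashes survive a key rotation untouched.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user_salt, 100_000)


def rotation_demo():
    # Constructed keys and session value for the demonstration.
    old_key, new_key = "old-secret-CONSTRUCTED", "new-secret-CONSTRUCTED"
    cookie = sign("session-abc123", old_key, salt="sessions")
    pw = password_hash("hunter2", b"per-user-salt")
    return {
        "before_rotation": unsign(cookie, [old_key], "sessions"),
        "after_hard_rotation": unsign(cookie, [new_key], "sessions"),
        "after_rotation_with_fallback": unsign(cookie, [new_key, old_key], "sessions"),
        "password_hash_unchanged": pw == password_hash("hunter2", b"per-user-salt"),
    }


if __name__ == "__main__":
    for name, result in rotation_demo().items():
        print(f"{name}: {result}")
```

A hard rotation returns None for every existing cookie and token, which is the behaviour the documentation should spell out; keeping the old key as a verification-only fallback for a bounded window lets sessions expire naturally instead of all at once.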
Change History (14)
comment:1 Changed 12 months ago by claudep
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Triage Stage changed from Unreviewed to Accepted
- Type changed from Uncategorized to Cleanup/optimization
comment:3 Changed 12 months ago by Zulu
- Owner changed from nobody to Zulu
- Status changed from new to assigned
Changed 12 months ago by Zulu
comment:11 Changed 6 months ago by timgraham
- Triage Stage changed from Accepted to Ready for checkin
comment:12 Changed 6 months ago by Erik Romijn <eromijn@…>
- Resolution set to fixed
- Status changed from assigned to closed