Secure Django Project With YAML Files

Hardcoding tokens & database credentials in .py files is insecure. Use yaml files for sensitive data and pyyaml library to read them instead of django-environ.

Hardcoding tokens, database credentials and other sensitive data in .py files is not secure. Many people use django-environ library, but I think it inconvenient. So I use yaml files for storing sensitive data and pyyaml library for reading data of them.
Create project folder:

mkdir myproject

    
    

    
    




Switch in created folder:

cd myproject

    
    

    
    




Create virtual environment:

python3 -m venv env

    
    

    
    




Activate virtual environment:

source env/bin/activate

    
    

    
    




Install Django and pyyaml:

pip3 install django pyyaml...

Read the full article