Forums

"SECRET_KEY" setting must not be empty error

Recently, I pulled some changes from my github repository. I ran python manage.py collectstatic as normal but then I got this error. django.core.exceptions.ImproperlyConfigured: The SECRET_KEY setting must not be empty.

I checked online and found your post about setting up environmental variables but I couldn't understand the steps and I didn't want to make a mistake. In my settings.py, I currently use two environment variables. One for the Secret Key and one for email_host_password. I also have a local_settings.py that sets the Secret key to the value itself when I am on my local computer but the file is is ignored by the .gitignore file when I push changes. According to the first step you mentioned in the post, you have to save the environment variables into a .env file:

cd ~/my-project-dir
echo "export SECRET_KEY=sekritvalue" >> .env
echo "export OTHER_SECRET=somethingelse" >> .env
# etc

I am confused as to whether I should put the exact secret value or the environment variable name I gave to the secret key value in my settings.py. Also, in my project directory, I don't have a .env file but rather I have a folder named after the virtual env I created on my local machine.

So Can you guide me through the changes I have to make? Thank you very much.

Could you tell us exactly which step in the help page was confusing for you? Regarding your questions -- the environment variable name should match the variable name in your settings if you want it to have any effect (it also needs a value, which -- in the example -- should be something instead of "sekritvalue"). If you're using different file than .env you just need to remember that and adjust the path in later steps where you point to the file holding the secrets (but you need some file, of course).

The first step. Is the .env file supposed to be in my project directory already or do I have to create it? If I have to create it, how should I do that? Because at the moment, my project directory does not have a file with .env .

Just so I am sure I understood you correctly, I'll use my email host password as an example. In my settings.py I set my EMAIL_HOST_PASSWORD = os.environ.get('ISOW_EMAIL_PASS'). So now in Bash console, do I have to run echo "export ISOW_EMAIL_PASS=apassword" >> .env ? And does the password I put have to be the real password or just a random value?

Sorry for the multiple questions. A lot of the steps are new and confusing so I don't want to do something which I didn't understand. Thank you

You need to create the .env file.

Yes, that is how you would set the password and you would have to use the correct password if you actually wanted to connect to the email host.

Okay, I followed a tutorial and managed to set up the environment variables. I tested it by printing the values of the variables in the bash console and it worked. So then I wanted to make sure the email was working so I logged into one of the accounts and tried to reset the password. However, when I entered the account's email and clicked reset password, instead of giving a success message saying that an email was sent, I get a Server error (500).

I already allowed less secure apps in the host gmail and the reset password process works on my local computer. What could be causing the problem?

I'm not sure what are you trying to do -- why are you checking email by resetting the password? Where are you doing it? Do you see any errors in your web app error log?

My website has account management. One of my environment variables was the password to the host email that will be sending the reset password link as well as receiving messages from the contact page. After setting up the environment variables in pythonanywhere, I wanted to make sure that the password reset links were being sent to the logged in user from the host email.

So I logged into one of the accounts and tried to change its password. However, after entering the user email, I get a server error (500) instead of being redirected to a password reset confirmation page that tells the user to check their email for the password reset link. When I check the error logs, I get this :

2021-08-27 10:48:31,594: Internal Server Error: /reset_password/
Traceback (most recent call last):
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/core/handlers/exception.py", line 47, in inner
    response = get_response(request)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/core/handlers/base.py", line 179, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/views/generic/base.py", line 73, in view
    return self.dispatch(request, *args, **kwargs)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/utils/decorators.py", line 43, in _wrapper
    return bound_method(*args, **kwargs)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/utils/decorators.py", line 130, in _wrapped_view
    response = view_func(request, *args, **kwargs)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/contrib/auth/views.py", line 222, in dispatch
    return super().dispatch(*args, **kwargs)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/views/generic/base.py", line 101, in dispatch
    return handler(request, *args, **kwargs)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/views/generic/edit.py", line 142, in post
    return self.form_valid(form)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/contrib/auth/views.py", line 235, in form_valid
    form.save(**opts)
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/contrib/auth/forms.py", line 323, in save
    self.send_mail(
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/contrib/auth/forms.py", line 273, in send_mail
    email_message.send()
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/core/mail/message.py", line 284, in send
    return self.get_connection(fail_silently).send_messages([self])
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/core/mail/backends/smtp.py", line 102, in send_messages
    new_conn_created = self.open()
  File "/home/iSow/.virtualenvs/isowvenv/lib/python3.8/site-packages/django/core/mail/backends/smtp.py", line 69, in open
    self.connection.login(self.username, self.password)
  File "/usr/lib/python3.8/smtplib.py", line 734, in login
    raise last_exception
  File "/usr/lib/python3.8/smtplib.py", line 723, in login
    (code, resp) = self.auth(
  File "/usr/lib/python3.8/smtplib.py", line 646, in auth
    raise SMTPAuthenticationError(code, resp)
smtplib.SMTPAuthenticationError: (534, b'5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=AKgnsbt\n5.7.14 4zfgHrq9Tdy2IO7uqbGYVYQVJr3zRWtq_KGeMmtYZwV7D9FTB91wIT9YLYsKGPYwbuJ3B\n5.7.14 mgSdIRt9LaJbNJH4N7rXhOdYXLEwos_kjMGqmz-VqSMxet56dNrkzzMKr8W_XX6a>\n5.7.14 Please log in via your web browser and then try again.\n5.7.14  Learn more at\n5.7.14  https://support.google.com/mail/answer/78754 m5sm4328799qkn.33 - gsmtp')

On my local computer, everything works fine. I get the password reset link from the host email and any messages sent from the contact page is received in the inbox of the host email. So I am assuming it's something to do with the environment variables I set up in pythonanywhere. Though, when I ran echo $EMAIL_HOST_PASSWORD in the bash console, I got the correct password.

It looks like you might need to set app specific password, see this help page.

Thank you. I set up the app password and now gmail is allowing the sign in.

Excellent, thanks for confirming!