I want to store my config and variables outside of my code (views.py and other files). As I understand this is a measure of good practice and security. With the help of others posts on PA forums I’ve got a functioning site using a config.py file and no app.config variables defined within my code. Doesn’t seem that I need the .env file.
Other possibly useful criteria:
- Config.py is stored in /home/CostaRica/mysite/config.py
- My init.py file refers to config through
app.config.from_pyfile('/home/CostaRica/mysite/config.py')
- My wsgi.py file is unchanged
Am I missing something? Am I practicing good security based on these criteria so far? Sorry for open ended question. I don’t feel I understand .env and config.py. I’m hoping someone with more experience can fill in the gap I’m missing on this process.