# Simple Django Tip #2

In continuation with [my previous post](https://hellosambhavi.com/simple-django-tip-1) on simple Django tips, here is another one. In fact, it's not so much a tip as a mandatory practice that needs to be followed in any Django project.

In any project, many properties should not be visible, for security reasons. They should not be checked into code repos either. A few common examples in a Django project are database details, the secret key of a project, email settings, cloud storage details, caching details, `ALLOWED_HOSTS`, `DEBUG` and any third-party API keys one may use.

A common approach to handling these is to maintain a `.env` file, load that file using `load_dotenv`, and fetch each property using `os.environ.get`.

Let's look at the steps to implement this approach. To not repeat myself, I suggest following steps 1 through 4 from [my previous post](https://hellosambhavi.com/simple-django-tip-1).

### Step 1: Install python-dotenv

Per its PyPI description, `python-dotenv` reads key-value pairs from a `.env` file and sets them as environment variables.

```bash
pip install python-dotenv
```

### Step 2: Create a .env file

At the root level of your project (where `manage.py` resides), create a `.env` file.

### Step 3: Add entries to `.env` file

Properties that must be kept secret and out of sight should be added to the `.env` file. To start with, let's just add `SECRET_KEY` and `DEBUG`.

```ini
SECRET_KEY=<your django project's secret key>
DEBUG=True
```

### Step 4: Import and load `dotenv` files in `base.py`

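Once the required properties are set in the `.env` file, let's move on to making use of them. Navigate to `base.py` and add the following statements:

```python
import os  # used in Step 5 to read the loaded variables

from dotenv import load_dotenv

# Read key-value pairs from .env into the process environment
load_dotenv()
```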

### Step 5: Fetch properties from `.env` using `os` package

Now that the environment variables are loaded from the file, we can invoke them using the usual `os` package like so 👇

```python
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.environ.get("SECRET_KEY")

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = os.environ.get("DEBUG") == "True"
```

In the case of `DEBUG`, we require a boolean value. Since `os.environ.get` always returns a string when the variable is set, we add the check `== "True"`. Without it, any non-empty string is truthy, so `DEBUG` would always be true irrespective of the actual value set in the `.env` file, including `False`.

### Step 6: Add `.env` file to `.gitignore`

This is a very important step. Do not forget to add the `.env` file to your `.gitignore`. Otherwise, it will be added to your code repository, defeating the whole purpose of keeping things secret.
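
Returning to Step 5: `os.environ.get` returns `None` when a variable is missing, so a `.env` file without `SECRET_KEY` goes unnoticed until something breaks later. The sketch below is an added example, not code from the original post; it reads the same settings but fails at startup on a missing key, defaults `DEBUG` to off, and splits `ALLOWED_HOSTS`. The helper names (`require_env`, `env_bool`, `env_list`, `load_settings`) and the comma-separated `ALLOWED_HOSTS` format are assumptions made for illustration.

```python
import os

_TRUE = {"1", "true", "yes", "on"}
_FALSE = {"0", "false", "no", "off", ""}


def require_env(name, environ=os.environ):
    """Return a required variable; fail at startup instead of running with None."""
    value = environ.get(name, "").strip()
    if not value:
        # In a Django project, django.core.exceptions.ImproperlyConfigured fits here.
        raise RuntimeError(f"{name} is not set; check the .env file")
    return value


def env_bool(name, default=False, environ=os.environ):
    """Parse a boolean flag; unset means `default`, unrecognised values are errors."""
    raw = environ.get(name)
    if raw is None:
        return default
    value = raw.strip().lower()
    if value in _TRUE:
        return True
    if value in _FALSE:
        return False
    raise RuntimeError(f"{name}={raw!r} is not a recognised boolean")


def env_list(name, environ=os.environ):
    """Split a comma-separated value such as ALLOWED_HOSTS into a clean list."""
    return [h.strip() for h in environ.get(name, "").split(",") if h.strip()]


def load_settings(environ=os.environ):
    """Collect the settings from this post, failing closed on bad input."""
    return {
        "SECRET_KEY": require_env("SECRET_KEY", environ),
        "DEBUG": env_bool("DEBUG", default=False, environ=environ),
        "ALLOWED_HOSTS": env_list("ALLOWED_HOSTS", environ),
    }


if __name__ == "__main__":
    # Constructed sample standing in for what load_dotenv() puts in os.environ.
    sample = {"SECRET_KEY": "constructed-example-key", "DEBUG": "true",
              "ALLOWED_HOSTS": "example.com, www.example.com"}
    print(load_settings(sample))
```

In `base.py` these would be called after `load_dotenv()`, for example `DEBUG = env_bool("DEBUG")`.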

### Conclusion

As the title of the post says, this is a simple tip and hence a short post. Though short, make sure to incorporate this step whenever you build a Django project.
