reading-notes

reading notes for code fellows

Project maintained by dLeigh01 Hosted on GitHub Pages — Theme by mattgraham

API Deployment

These are important to know so we can have properly configured settings and a working understanding of SSH for our future work in Django.

Django Settings Best Practices

Some possible issues that come up when managing Django settings are:

Environments: usually you will have several environments, each with different settings, and you need a way to keep all their configurations correct.
Sensitive data: Django will have its secret key, and sometimes other sensitive data that needs to be hidden.
Sharing settings amongst a team: there needs to be a general approach to settings on the team or someone could change something and cause major issues.
Django settings are a Python code: they have a lot of flexibility, but can also have very tricky logic.

If you want to have settings that are environment specific, you can use a local_settings.py file, which will be ignored by VCS. This keeps the secrets out, but also keeps that code out and you could end up losing some of it. You can also make a settings package with a different file for each environment. For the isssue of secret data in this case, you can use os.environ to use environmental variables instead, though it is generally better to use django-environ instead.

Naming conventions are important in Python, the general rules to follow are to give your settings meaningful names, always use the prefix with the project name for your custom project settings, and write decriptions for your settings in the comments. With settings, some best practices are to keep your settings in an environmental variable, give default values, don’t hardcode sensitive settings, split settings into groups, and follow the naming conventions.

SSH Tutorial

Secure Shell Protocol (SSH) is a remote administration protocol that allows users to access, control, and modify their remote servers over the internet. It was created to replace Telnet, which was unencrypted, by providing a mechanism to authenticate a remote user. To use SSH, you go to your terminal and use ssh {user}@{host}. The SSH key command tells the system you want to open an encrypted connection, user represents the account you want to access, and host refers to the computer you want to access. SSH uses three different encryption technologies, symmetrical encryption, asymmetrical encryption, and hashing. It uses these by making use of a client-server model to allow for authentication of two remote systems and to encrypt the data moving between them. When you’re authenticating a user, it is suggested to use SSH Key Pairs rather than a password so the connection can’t be brute forced by a bot.

Discussion

I think the actual process behind the SSH encryption is very interesting and it reminds me a bit of a more complicated version of the hashing we did for the hashtables.

[< table of contents]

[< home]