From f1e211925dc5489db6343c64e5ad8dcaee0f525c Mon Sep 17 00:00:00 2001
From: Alec Li <smartspot2@gmail.com>
Date: Thu, 25 Jul 2024 18:38:11 -0700
Subject: [PATCH] Replace django get_random_secret_key with secrets.token_hex

---
 setup.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/setup.sh b/setup.sh
index 940220ae..f7cef16f 100755
--- a/setup.sh
+++ b/setup.sh
@@ -65,7 +65,8 @@ WEB_CONCURRENCY=4" > .env
 # Get a new key
 echo "Generating Django secret key..."
 export SECRET_KEY='temp'  # set temporary secret key
-export SECRET_KEY=$(python3 csm_web/manage.py shell -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())")
+# Note: this secret key doesn't have much cryptographic complexity, but it'll only be used for development
+export SECRET_KEY=$(python3 -c "import secrets; print(secrets.token_hex(32))")
 echo "SECRET_KEY='$SECRET_KEY'" >> .env
 
 # Pull AWS S3 credentials