Re: Add ability to choose a different secret for PasswordResetToken

2017-03-19 Thread Florian Apolloner
On Saturday, March 18, 2017 at 11:11:38 AM UTC+1, jann@googlemail.com wrote:
> I'll give the override_settings a closer look, but this seems like
> something one wouldn't want in a production environment.

Yes, this is only meant for tests.

Re: Add ability to choose a different secret for PasswordResetToken

2017-03-18 Thread Collin Anderson
"the self-service site is basically a small subset of our internal site. So if somebody would gain access to our internal site, he/she would already have access to a superset of data of the other site. So there is really no point to also take over to the other site." Just curious: why not just use

Re: Add ability to choose a different secret for PasswordResetToken

2017-03-18 Thread jann.haber via Django developers (Contributions to Django itself)
Thank you for your input. Yes, I meant the PasswordResetTokenGenerator, sorry for this. I agree, it would be a fairly small addition to Django, however there doesn't seem to be an easy (non-hackish) way to get around. Since the impact on Django would be very small, I wanted to share my thoughts

Re: Add ability to choose a different secret for PasswordResetToken

2017-03-18 Thread Adam Johnson
Presumably you mean PasswordResetTokenGenerator when you write PasswordResetToken. Seems like a fairly small feature, but my security sense is tingling when you say you're putting the secret key of one application in a variable for another. Normally in a situation where multiple applications need