In memory key #1
Description
Hi there!
I would like to suggest that the key is not put in a settings file.. well maybe that's good for some, but I don't really see the great benefit of encrypting something and then leaving the key next to it... if someone can access the .sqlite file, they sure as hell can also read the settings.py file !?
Anyways, my suggesting is the following:
Since Django is able to start without connecting to the database, I would allow Django to do so and then inject the key with a management command afterwards through command line user input.
Would that work?