How to use Environment Variables in Django

In a Django project, some information needs to be kept secret, such as the secret key, the database username and password, and API keys. Exposing these values to outside parties puts your project at risk of attack. In Django projects that are not meant for deployment this may not be a big issue, but for production-level projects it is mandatory to keep the information safe. In Django, we do that by using environment variables, which are variables stored in the system of a computer rather than in the project's source code, so the secret values are not visible to anyone who can read the code. This post elaborates on how to use environment variables in a Django project.

Follow these steps to use Environment variables in a Django project:

  1. Install python-dotenv
  2. Import and Initialise python-dotenv in
  3. Create a .env file at the root of the Project
  4. Set Environment Variables in .env file
  5. Assign the Environment Variables in the
  6. Add the .env file to .gitignore file

Here are the detailed steps to set environment variables in Django:

Step 1: Install python-dotenv

The tool we are going to use to set our environment variables in this post is python-dotenv.

python-dotenv works by reading key-value pairs from a .env file and setting them as environment variables.

To install it in your Django project, run the following command in the terminal of your Django project:

(env) $ pip install python-dotenv

Once the command has been run, it’s now time to use it in the file of our Django project.

Step 2: Import and Initialise python-dotenv in

We start by importing python-dotenv in our file. At the top of the file, below the Path import, add the following 2 import statements and an initialisation statement:

from dotenv import load_dotenv
import os

# Read the key-value pairs in .env and set them as environment variables
load_dotenv()

load_dotenv is going to load our environment variables from the .env file. os gives us access to the environment of the running process, which is where the loaded variables end up.

Below the imports, we initialize dotenv by calling the load_dotenv() function. By default it does not overwrite variables that are already set in the environment.

We can now start using python-dotenv in the file.

Step 3: Create a .env file at the root of the Project

At the root of your Django project folder, create a new file called .env. Make sure you don’t miss the period at the beginning. Your project structure should look like this:

├── .env #here

This is a special type of file. Your code editor should display it with an icon that is different from the rest. In VS Code, it is displayed as a gear icon.

Step 4: Set Environment Variables in .env file

Now it is time to declare all the variables whose values you want to keep safe or secret. Such information can be passwords, secret keys, API keys, and so on. As an example, I will list a few variables that are important to keep safe. The list can be longer depending on your project:


These are a few of the variables you can add to the .env file.

Note that we don't use quotes around strings because every value is read as a string when the file is loaded.

Note that we also do not use spaces on either side of the assignment operator because there is no need to.

You can learn more about how to declare environment variables using python-dotenv from its PyPI page.

Step 5: Assign the Environment Variables in the

Now that our variables are in the .env file, it's now time to replace the explicit values in the with the ones in the Django environment variable file.

We use environ from os as follows:

SECRET_KEY = os.environ.get('SECRET_KEY') #here

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': os.environ.get('DB_NAME'), #here
        'USER': os.environ.get('DB_USER'), #here
        'PASSWORD': os.environ.get('DB_PASS'), #here
        'HOST': '',
        'PORT': '3306',
        'OPTIONS': {'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"},
    }
}

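The get() method reads the variable from the process environment, which load_dotenv() populated from the .env file. It returns None when the variable is not set, so a missing or misspelled name does not raise an error at this point.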

The DATABASES dictionary in this example has the configuration for the MySQL database.

To check if you’ve set the environment variables correctly, run the development server of your Django project.

Step 6: Add the .env file to .gitignore file

Since the .env file contains sensitive information about our Django project, it should also not be uploaded to a git repository. To do that, you have to add it to the list in the .gitignore file of your Django project. .gitignore is a file where you list all the files and directories you do not want to be uploaded to git.
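
A preflight check for the setup described in Steps 5 and 6, as an added example that is not code from the original post: it reports required variables that are unset or blank (os.environ.get() would silently return None for them) and whether .env is covered by .gitignore. The function names are hypothetical, the variable names are the ones used in Step 5, and the .gitignore matching is a simplification.

```python
import fnmatch
import os

REQUIRED = ("SECRET_KEY", "DB_NAME", "DB_USER", "DB_PASS")  # names used in Step 5


def missing_settings(environ=os.environ, required=REQUIRED):
    """Return the required variable names that are unset or blank."""
    return [name for name in required if not (environ.get(name) or "").strip()]


def env_file_ignored(gitignore_text, filename=".env"):
    """Simplified .gitignore check: the last matching pattern wins and a
    leading '!' re-includes the file. `git check-ignore .env` is authoritative."""
    ignored = False
    for line in gitignore_text.splitlines():
        pattern = line.strip()
        if not pattern or pattern.startswith("#"):
            continue  # skip blank lines and comments
        negated = pattern.startswith("!")
        pattern = pattern.lstrip("!").lstrip("/")
        if fnmatch.fnmatch(filename, pattern):
            ignored = not negated
    return ignored


def preflight(environ=os.environ, gitignore_text=""):
    """Collect every problem at once; messages name variables, never values."""
    problems = [f"{name} is not set" for name in missing_settings(environ)]
    if not env_file_ignored(gitignore_text):
        problems.append(".env is not covered by .gitignore")
    return problems


if __name__ == "__main__":
    # Constructed sample input: DB_PASS is blank and .gitignore lacks .env.
    sample_env = {"SECRET_KEY": "constructed-key", "DB_NAME": "shop",
                  "DB_USER": "shop_app", "DB_PASS": ""}
    sample_gitignore = "__pycache__/\n*.pyc\ndb.sqlite3\n"
    for problem in preflight(sample_env, sample_gitignore):
        print("preflight:", problem)
```
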
