name: API Key Setup / Environment Configuration
about: Configure API key usage without exposing or running it locally in code
title: "[Config] API Key Setup"
labels: ["backend", "config", "security"]
assignees: []
Description
Set up API key handling properly using environment variables instead of hardcoding or executing directly in local code.
Context
- Current state: API key is either hardcoded or not properly configured in environment
- Target state: API key is securely loaded from environment variables and not exposed in the codebase
Scope
- Use
.env file for storing API keys
- Load API key using environment variables (e.g.
os.getenv in Django)
- Ensure API key is not committed to repository
- Configure settings for development and production environments
Not Included
- Frontend implementation
- Feature-specific API usage logic
- UI or page changes
Notes
- Never expose API keys in code or frontend
- Add
.env to .gitignore
- Follow Django security best practices (
settings.py configuration)
Acceptance Criteria
name: API Key Setup / Environment Configuration
about: Configure API key usage without exposing or running it locally in code
title: "[Config] API Key Setup"
labels: ["backend", "config", "security"]
assignees: []
Description
Set up API key handling properly using environment variables instead of hardcoding or executing directly in local code.
Context
Scope
.envfile for storing API keysos.getenvin Django)Not Included
Notes
.envto.gitignoresettings.pyconfiguration)Acceptance Criteria
.env