I’ve never had to do this, so I’m just tossing out some thoughts and ideas here. I don’t have any actual code to share.
Lessee… First, you’ll need some sort of mechanism to get the current password and put it in a location that every Django process will be able to access.
If I were doing something like this, I’d be using redis - but that’s primarily because I rely upon redis in most of my systems for doing a variety of things. This means that I’m already familiar with it and I know it’s going to be available in my environments. However, redis definitely isn’t required. You could use memcached - or even just writing it out to a file. Whatever you feel comfortable with.
Then, I would create a stand-alone process that does whatever needed to be done to create/retrieve that password and store it in the appropriate location.
Finally, I’d create the database engine to retrieve that password from that location whenever a connection is going to be made. It looks like the function that you would want to replace is the get_new_connection
method in django.db.backends.postgresql.base.DatabaseWrapper
.
You could probably copy the entire postgresql
backend into your project and modify it directly - or you could possibly just create the files you need and import the code you need from the parent classes. (I did something like this for a different purpose - see Database instrumentation at a higher layer for some ideas.)