Python Forum
Recommended way to store users,db credentials in a Python project?
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Recommended way to store users,db credentials in a Python project?
#1
I am working on a project where I am storing DB and users's credentials inside python code.
For example I have a script db.py which do crud operations and I am storing credential in this script as below-
credentials = {
"UAT": {
    "host": 'UAT_HOST',
    "port": UAT_PORT_Num,
    "read_db": 'SCHEMA_1',
    "write_db": 'SCHEMA_2',
    "user": 'UAT_USER',
    "password": 'UAT_PASSWORD'
},
"S3": {
    "KEY": 'S3_KEY',
    "SECRET": 'S3_SECRET_KEY'
}
}
Similarly I have a script merchant.py where I am using credentials like-
MERCHANT_ID = 1
STORE_ID = '1'
CATEGORY_ID = 123
URL = 'http://example.com'
environment = 'UAT'
I need to move above credentials in a secure place but I don't have any idea how to do that.
I am using Python3.6,Mysql.
Can you please suggest me what will be the standard approach?
Reply
#2
I am sure that many of you have worked on a Project and you must be not using credentials in your python code.
So Guyz share your learnings and best practice here!

It seems I got my answer so sharing for others also-
https://hackernoon.com/4-ways-to-manage-...23049e841b

If you have any better one then please share .
Reply
#3
You can find accidentally uploaded credentials on GitHub.
It's a bad idea to store the credentials in source code.
Just follow the concept, which is usee regular in PHP-Projects like Wordpress.
They store the credentials in a configuration file. If the project is hosted on GitHub,
you upload a credentials.example.ini instead your credentials. Additionally, if you use a vcs,
put your own credentials file on a ignore list. This file should never be uploaded.
Otherwise you'll have guests on your account ;-)

You can parse ini files with: https://docs.python.org/3/library/configparser.html
Or you just use the json format.
Almost dead, but too lazy to die: https://sourceserver.info
All humans together. We don't need politicians!
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Recommended way to read/create PDF file? Winfried 3 2,783 Nov-26-2023, 07:51 AM
Last Post: Pedroski55
  Cannot find py credentials file standenman 5 1,554 Feb-25-2023, 08:30 PM
Last Post: Jeff900
  python application and credentials safety concern aster 4 3,416 Mar-06-2021, 06:51 PM
Last Post: snippsat
  Using python to execute app or cmd that requires admin credentials thewolf 0 2,078 Mar-05-2021, 08:15 PM
Last Post: thewolf
  httplib2 - how to see credentials added by add_credentials? MSV 2 2,126 Aug-05-2020, 12:24 PM
Last Post: MSV
  How does a set in python store the elements? idknuttin 5 2,700 Jul-10-2020, 10:46 PM
Last Post: Gribouillis
  How to make Python 3.7.6 accessible to users Doguhan 4 2,727 May-19-2020, 05:36 PM
Last Post: snippsat
  [split] Python Module for Druid Users - "druidpy!" adaomacarl 0 1,805 Jan-14-2020, 11:34 AM
Last Post: adaomacarl
  Reading blob data from database by python and store it in .zip format Adityasi 2 6,442 Nov-18-2019, 05:22 PM
Last Post: ibreeden
  How do I install apps from google play store? using python + selenium.. mongo 0 2,243 Aug-05-2019, 12:41 AM
Last Post: mongo

Forum Jump:

User Panel Messages

Announcements
Announcement #1 8/1/2020
Announcement #2 8/2/2020
Announcement #3 8/6/2020