Menu
In PHP the accepted way to secure database login credentials is to store them outside the web root, and to include() the files with the passwords. How are MySQL database login credentials safely stored in Python applications?
863
In Python with the help of maskpass() module and base64() module we can hide the password of users with asterisk(*) during input time and then with the help of base64() module it can be encrypted.
Encrypted passwordsIn some cases, passwords are stored in a database after being encrypted by a reversible algorithm (rot13, mask encryption…).
Well, one way of doing this is putting the passwords in a separate config/ini file that is not deployed with the project. And then, pass the path of this file to the main entry of the application, e.g.:
python main.py --config=/path/to/config.ini
Note that you'll need to parse this --config argument (see argparse) and then read and parse the config.ini file.
Update:
Since you mentioned web applications, there is also another way of passing configuration information - through the environ. For example, if you use mod_wsgi, you can putt this in the wsgi directives:
SetEnv my_namespace.some_param some_value
And then, this value will be accessible in the application with through os.environ:
import os
os.environ['my_namespace.some_param']
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
