1

I find myself needing to log into google to use the remote api, however it requires an email and password to authenticate the process. Is there anyway I could hide both of them and require other contributors to the project to add their own (securely)?

from google.appengine.ext.remote_api import remote_api_stub
import database
import getpass

email = "gmail@gmail.com" #can't show this line
password = "password" #can't show this line

def auth_func():
  return (email, password)

remote_api_stub.ConfigureRemoteApi(None, '/_ah/remote_api', auth_func,
                               'app.appspot.com')
Mmm Donuts
  • 9,551
  • 6
  • 27
  • 49
  • 1
    Although not a direct duplicate, http://stackoverflow.com/q/2397822/3058609 might shed some light on how other devs approach sensitive data in repos – Adam Smith Aug 20 '15 at 23:47

2 Answers2

3

I would put it in a different file (config.xml for example) and not committing it. You could them verify if it exists before building your app.

Grigs
  • 37
  • 1
  • 6
3

You can keep the sensitive information in environment variables, and include instructions to set the environment variables in your application documentation prior to running the application.

To retrieve the variables from within Python (from here):

import os

email = os.environ.get("GOOGLE_EMAIL")
password = os.environ.get("GOOGLE_PASSWORD")

if email and password:
    # ... process...

If you're using virtualenv (which you should!) you may also want to use a tool like autoenv (or others mentioned on this question) which can set the relevant environment variables for your single command line/console session when you cd into the project directory.

You may also put the commands in a shell script/batch file and just make sure not to commit it.

Community
  • 1
  • 1
Chris Hunt
  • 3,840
  • 3
  • 30
  • 46