-1

I made forgot password reset for my Django hosted Heroku app. I have been finding it difficult to hide my Gmail account, especially the password for production and security reasons but it couldn't be found.

I hid it in the Heroku config var

EMAIL_HOST_USER   'email address'
EMAIL_HOST_PASSWORD   'email address password'

but it was not still working.

I also tried using config, but the .env file is not pushed to GitHub because it is hidden in .gitignore and Heroku can't access it.

Is there any other way I can set this??

chryzcode
  • 49
  • 2
  • 9
  • You can set the [env variables in Heroku](https://devcenter.heroku.com/articles/config-vars) and later those values can be accessed via [many methods in Python](https://stackoverflow.com/questions/4906977/how-to-access-environment-variable-values) – JPG Aug 27 '21 at 02:25
  • There are many 3rd party packages that do this job very well. – JPG Aug 27 '21 at 02:26

1 Answers1

0

For every sensitive attribute you should create a config var which you can access at runtime

host_user = (os.environ.get("EMAIL_HOST_USER", 'defaultVal')

The default value is convenient for your development environment, in case you have a dev/testing account for example.

Make sure the config vars are UPPER CASE.

Beppe C
  • 11,256
  • 2
  • 19
  • 41