Reputation: 1
I have the task to hide customer's data form my script. I am using this example. I don't understand the
import creds
import sys
import calendar
reload(sys)
sys.setdefaultencoding('utf-8')
app = Flask(__name__)
app.secret_key = creds.ACCESS_TOKEN
How we create creds
file? Are there any examples of this?
Upvotes: 0
Views: 103
Reputation: 3325
Create creds.py
in the same directory, with contents like this:
ACCESS_TOKEN = "myaccesstoken..."
Check syntax by running it:
python3 creds.py
It will be importable into your original source.
However, I doubt whether this is a good pattern for security. All it does is separate the access token from your main source file by "hiding" it in another source file. Hopefully someone with a strong background in security will pipe up with a better pattern. It's the kind of thing that is very easy to "make work" but "get wrong".
This might be a case where simple is OK, though, assuming that the creds are your creds and not a customer's creds, and the platform you're running the python code on is secure.
Upvotes: 1
Reputation: 44
Unfortunately after looking at the link you added, it seems like you have taken something out of the middle of a script. I would recommend reading the information about how the module cred's actually works rather than hi-jacking it. You will be a lot better off if you understand the concept behind what you are trying to do.
Upvotes: 1