Yonatan Maman
Yonatan Maman

Reputation: 2498

Google App Engine - how to prevent exposure of passwords

I'm using GAE to run my app. My application uses a password to connect an external service. Currently I store this password in a free-text property file which is part of the sources. Cause I share my sources in git-hub my passwords are exposed

IS there a way to store this kind of sensitive information in GAE configuration / environment (using the admin portal) or something like that. I guess I can store it somehow in the DataStore, but I'm looking for something simpler like heroku ENV solution

Upvotes: 3

Views: 284

Answers (2)

rmflow
rmflow

Reputation: 4765

class AppConfig(db.Model):
    pass = db.StringProperty()

# ...
cfg = AppConfig.get_by_key_name("MyFirstApplication")
if cfg is None:
    cfg = AppConfig(key_name="MyFirstApplication")
    # this is initial run - request pass from user
    cfg.pass = userInput
    cfg.put()
# here you can use your cfg.pass

Upvotes: 1

Amber
Amber

Reputation: 526543

Keep a separate, .gitignore'd, unversioned file that has your passwords in it (say "private.py"). Then, add an example version of this file with placeholder values to your versioned source (say, "private.py.sample").

Upvotes: 5

Related Questions