[Flask] Database credentials in clear text
and.damore at gmail.com
Wed Jul 29 08:17:04 CEST 2015
On 28 July 2015 at 16:46, Matt Shields <matt at mattshields.org> wrote:
> So far as I've been developing all my credentials have been contained in a
> config.py file in clear text. Is there any way to not keep these in clear
> text or in a file in the application path?
> One of our .NET developers mentioned that when they are developing .NET
> apps, they put all their credentials into the Windows Locker and their app
> is authorized to get the credentials as needed.
You are possibly looking at something like python keyring , I'm not
sure about Windows Locker but I wrote a small app that used the
system's keychain on OS X and Debian.
Notice that the latter used GNOME's keychain in graphical session but
then when I connected via ssh the required environment vars weren't
right there and keyring used a file storage into an own config folder,
I took a while for me to figure why I wasn't finding the credentials I
had already stored.
More information about the Flask