开发者

Google App Engine - how to prevent exposure of passwords

问答 作者:

I'm using GAE to run my app. My application uses a password to connect an external service. Currently I stor开发者_StackOverflow社区e this password in a free-text property file which is part of the sources. Cause I share my sources in git-hub my passwords are exposed

IS there a way to store this kind of sensitive information in GAE configuration / environment (using the admin portal) or something like that. I guess I can store it somehow in the DataStore, but I'm looking for something simpler like heroku ENV solution

Keep a separate, .gitignore'd, unversioned file that has your passwords in it (say "private.py"). Then, add an example version of this file with placeholder values to your versioned source (say, "private.py.sample").

class AppConfig(db.Model):
    pass = db.StringProperty()

# ...
cfg = AppConfig.get_by_key_name("MyFirstApplication")
if cfg is None:
    cfg = AppConfig(key_name="MyFirstApplication")
    # this is initial run - request pass from user
    cfg.pass = userInput
    cfg.put()
# here you can use your cfg.pass

继续阅读:configurationenvironmentpasswords

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9