Update .env

[yamilethmedina]

For the environment variables. @ErnieAtLYD Please check lib/phone_number_processor.rb, because the version on my own repo is already using the variables instead of the hardcoded values - @CyberStrike pointed this out on #9

[ErnieAtLYD]

Hey Yami - since these Twilio credentials would be shared w/ the world, wouldn't it be better if this WASN'T in github? If you need this in .env, I would put this in .gitignore.

@CyberStrike would know better though?

[yamilethmedina]

@ErnieAtLYD @CyberStrike How will it be able to test and function without the .env file being provided to the CfA folks? I guess I can email them (and anyone else who can deploy) the file.

[ErnieAtLYD]

I think CFA has their own set of Twilio API keys and credentials - one API key for many state phone numbers, but I could be wrong. So your Twilio credentials would only be for the Code for Miami development environment.

[CyberStrike]

@yamilethmedina Normally we just go out and grab our own test keys and write them to our own local .env or use an application.yml with Figaro.

.env should be put into the .gitignore and a copy with dummytext renamed to .env.example

Keys should never go into the codebase. I once had a client that put his AWS keys on Github. Hacker took them and spawned bunch of bots to DDOS some sites. Not only did he get $3000 bill from Amazon, he got some interesting government letters too.

[yamilethmedina]

@ErnieAtLYD @CyberStrike done! :) somehow I forgot that; maybe because I was working on it within github while at work and not on my system..thanks for the heads up!