Load credentials to environment, bypassing the database

Panthyr / panthyr_credentials

Provide access and functions for credentials file. Credentials file contains credentials for specific Panthyr station. This class allows creation of a blank credentials file, as well as getting the data from an existing one.

https://waterhypernet.org/equipment/

GNU General Public License v3.0

0 stars 0 forks source link

Load credentials to environment, bypassing the database #1

Open dietervansteenwegen opened 2 years ago

dietervansteenwegen commented 2 years ago

Currently credentials are stored in the database. This leaves them open to be viewed by anyone that has access to (backups of) the database. Loading the credentials in to the linux environment variables at boot allows all scripts to access them, without storing anything in the database.

from this blogpost

# pip install python-dotenv
import os
from os.path import join, dirname
from dotenv import load_dotenv

dotenv_path = join(dirname(__file__), ".env")
load_dotenv(dotenv_path)

API_KEY = os.environ.get("API_KEY", "default")

print(API_KEY)
# a3491fb2-000f-4d9f-943e-127cfe29c39c

dietervansteenwegen commented 2 years ago

If done, remove credentials options from db module...

dietervansteenwegen commented 2 years ago

load_dotenv returns True, no matter if succesful or not. Parsing the file using configparser and then setting them manually using

import os

# Set variables
os.environ['USERNAME'] = 'user'

# Get variables
user = os.getenv('USERNAME')
BAR = os.environ.get('BAR') # returns None if variable does not exist

dietervansteenwegen commented 2 years ago

Doesn't work as I expected either. Environmental variables are limited in scope to the proces they are created in. Thus, they are only visible from within the Python process they are set from. So this cannot be used inter-process...

Might have to come up with another option or reevaluate how to use this.