Open dhimmel opened 8 years ago
We are going to remove db access anyway and replace it with API. All read access to API could go without authorization, so anyone could just fetch data and make their calculations. To write to server one will need an active login.
The best practice for this case is authenticate anyone when he requires access and store token, then use this token for all the requests.
For now db_conf.py
is ok. It probably shouldn't be placed inside a package though.
Would it make more sense to have the user provide the database configuration rather than having it hardcoded as a module?
@Suor, if so what is the best way to go about accomplishing this?