Currently, our authentication for Github is exposed in our repository. This creates a problem for a a few potential reasons:
Someone could use our credentials to login to our github account and change our password.
If someone forks the repository and starts testing it locally on their own machine, their github api queries will count against our 5k per hour limit.
So, I think we should set up a separate file (authentication.rb) to house each of our unique login information. Then when when we test locally, our queries won't count against our github api queries for our deployed heroku app.
This authentication.rb file should be included in our .gitignore file so as to not be uploaded to github.
At the same time, we should set up a separate authentication.rb file on our heroku server to handle authentication for our webapp.
Currently, our authentication for Github is exposed in our repository. This creates a problem for a a few potential reasons:
So, I think we should set up a separate file (authentication.rb) to house each of our unique login information. Then when when we test locally, our queries won't count against our github api queries for our deployed heroku app.
This authentication.rb file should be included in our .gitignore file so as to not be uploaded to github.
At the same time, we should set up a separate authentication.rb file on our heroku server to handle authentication for our webapp.