Allow authentication to be passed during initialization of the Client::Api

oreoshake / hackerone-client

An unofficial wrapper for the HackerOne API

https://api.hackerone.com/docs/v1

MIT License

55 stars 27 forks source link

Allow authentication to be passed during initialization of the Client::Api #28

Closed bobek closed 7 years ago

bobek commented 7 years ago

I agree that keeping credentials in repos is not good practice, but it works for my purpose. I have changed the logic a bit to allow for using env as well as params during instantiation. So my code now looks like

client = HackerOne::Client::Api.new("showmax", {token_name: "<redacted>", token: "<redacted>"})

Let me know what you think about it.

oreoshake commented 7 years ago

:wave: thanks for the PR @bobek.

The activesupport change is :+1: but I think the other change is unnecessary. A workaround for this is to set the env vars yourself:

env["HACKERONE_TOKEN_NAME"] = "mytoken"
env["HACKERONE_TOKEN"] = "0123456789abcdef"

I don't necessarily think your proposed approach goes against best practices fwiw.

bobek commented 7 years ago

Oh my ... :grimacing: ... you are absolutely right.