search

systers / FirstAide-web

FirstAide is a application to help the Peace Corps Volunteers who are victims of sexual harassment.
http://systers.io/FirstAide-web/
GNU Affero General Public License v3.0
11 stars 47 forks source link

Store Twilio credentials in a separate file #119

Closed fatimarafiqui closed 7 years ago

fatimarafiqui commented 7 years ago

Currently twillio credentials are stored in three different files: twilioSMS.php, twilioCall.php and groupsms.php. We should store the credentials in a separate file due to following reasons:

  1. It is cumbersome to copy paste and maintain the credentials at three different locations.
  2. Someone can by mistake commit his/her credentials in the PR, thus we can maintain the file in gitignore file to make the system more secure and intact.
  3. In future, if the credentials or the token needs to be changed it can be changed at a single location and it would reflect instantly.
  4. Overall it would increase security, flexibility to change and reduce chances of human error.
AkankshaBodhankar commented 7 years ago

Where do you plan to store them?

fatimarafiqui commented 7 years ago

I am planning to store them in a separate file in services, or can create a separate directory named 'includes' and then the file can be included wherever required. I will also add it to gitignore.

fatimarafiqui commented 7 years ago

156 This is what I meant, I have stored the google reCaptcha credentials in a separate file (includes/setting.php)

AkankshaBodhankar commented 7 years ago

Okay resolve this.