totallynotadi
commented
2 years ago thanks for notifying that, it was a mistake i made to forget removing the creds in the code despite having env variables set up it's fixed now and the credentials are stored as environment variables on the repo as well as the server and not exposed anywhere. this issue will be closed with the next commit with the fix
I just want to point out some security vulnerabilities and threats that can be found in index.py:25.
It is considered a bad practice storing sensitive information on a base64 encoded bytes, instead store it on a file that is present on .gitignore or even on a environment variable.