What should we do with all the secret stuff like passwords or secret keys that we have in our code?
The simplest way and the wrong way to handle these important credentials is to hardcode it in our code. When you push the code to the repository you are sharing your secret stuff with everybody else in your project. Even if you are working alone it can cause problems as anyone who sees your code will also have access to your secret information.
The safest way to handle your secret keys/password is saving them in envirnoment variables. In this post we will learn how to save important credentials in environment variables and access them in python script.
To set password or secret keys in environment variable on Linux(and Mac) you need to modify
.bash_profile file that is in your home directory. You need to open the terminal and cd to the home directory.
Now, open the
.bash_profile file in any text editor of your choice.
$ nano .bash_profile
We need to add our environment variable in this file. For that add following content at the top of the file.
export USER="username" export PASSWORD="password"
Note: There should not be any whitespace on either side of
Save the nano file by pressing ctrl + x and Y.
Now, use the following command to effect the changes.
$ source .bash_profile
The above mentioned method saves the secret credentials system-wide which may not be good idea if you have multiple applications.
The solution is to store the secrets in a seperate
A dotenv file contains only text, where it has one environment variable assignment per line.
.env file in your project and add your secret keys or passwords:
Important: Make sure to add it in your .gitignore file.
Now, you need to install
python-dotenv is a Python package that lets your Python app read a
.env file. This package will search for a .env and if it finds one, will expose the variables in it to the app.
$ pip install -U python-dotenv
To save passwords and secret keys in environment variables on Windows, you will need to open Advance System Setting.
You can navigate to
control panel > System and Security > System > Advanced system Settings.
Now in Advance System Setting click on
Here we can add new user variables and new system variables. We will add user variable by clicking
New under user variables.
In the new window you can add
Variable name and
Variable value and click ok.
Now, click Ok on
Environment Variables window to save changes.
To access these variables in our python script, we need to import the os module.
We can do that by using
os.environ.get() method and passing the key we want to access.
If you are using
.python-dotenvmethod you need to add a couple of lines at the start of your application.
from dotenv import load_dotenv
In case of Django project, you should add the above script at the top of
from dotenv import load_dotenv #for python-dotenv method load_dotenv() #for python-dotenv method import os user_name = os.environ.get('USER') password = os.environ.get('password') print(user_name, password) # output username password