On my last weekend project I needed to talk to an API using an
AUTH_KEY which should be private but should be included in the request instead of using any auth method.
The request I needed to run was:
So I decided to use pyyaml, and it's very easy to use! Here's a short example of the python file
import json import yaml file = open('config.yml', 'r') cfg = yaml.load(file, Loader=yaml.FullLoader) url = 'https://<URL>/<SOMETHING>/<SOMETHING_ELSE>.json/?auth_key=' + cfg['auth']['key'] request = requests.get(url) # then, everything else
config.yml is something like this:
auth: key: MY_AUTH_KEY
And not I can have my
config.yml stored only in my laptop or, even better, in some secret place like a vault or something but not publicly accessible to anybody in GitHub.