Hide API keys in Python scripts using python-dotenv, .env, and .gitignore

Подписаться 4,7 тыс.

Просмотров 45 тыс.

50% 1

Sometimes you want to make your code public, but don't want to share an API key, email address, or password with the world. Using a combination of python-dotenv and a .gitignore file, you'll be good to go!
Note: If you're using Jupyter Notebooks, make sure you're not printing your API keys all over the place!! (and also: your .env file will need to be in the same directory as your .ipynb)
repo: github.com/jsoma/dotenv-example
python-dotenv: github.com/theskumar/python-d...
gitignore: gitignore.io/

Наука

Опубликовано:

26 июн 2021

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 83

@_Gintoki 2 года назад

Always found the config files and .env file scary, but after seeing your video it seems so easy to work with and super logical too!

@janvichitroda4689 2 года назад

Wow, this is one of the best tutorials I have seen. Explained everything so well, now there is no need to search for any other tutorial on this topic. Thank you.

@-Anubhab 3 месяца назад

totally agreed

@gold4963 2 года назад

This was an awesome, clear tutorial and exactly what I needed! Thanks so much!

@mblackonline1059 Год назад

Thank you for posting this. It really helped with understanding how to use the dotenv module to hide my API keys. I especially liked the tip on creating the content for gitignore file.

@devstuff92 2 года назад

Most simple explanation ever, I've struggled with this lol thank you

@xiaolinghe4314 Год назад

very clear and intuitive instead of just throwing jargons!

@brandonconner7319 2 года назад

I was having issues with conflicting instructions until I found your video. Thank you! Great content, great presentation

@jsoma 2 года назад

You're welcome!

@maurillekobri9484 Год назад

Clean and excellent explanation. Thanks a million, Jonathan Soma!

@arnavraina2615 2 года назад

One of the.... no No only one clearest explanation!! Thank you very much!

@joydeepsarkar3092 4 месяца назад

Glad I came across this tutorial of yours! Very helpful!

@edsonsabino 2 года назад

Great! I was struggling to hide credentials of a SQL database and your video helped me get it done. Thankyou!!

@Moist_yet_Crispy Год назад

Great video Jonathan, this helped alot. I was stuck in the weeds for a bit.

@alisherpulatov3587 Год назад

Finally, best ever explanation about how to use python-dotenv. You made my life easier, Bro! Thank You so much for this video.

@aishwaryamurugappan5138 2 года назад

Loved it, Clear and just to the point, very well explained! Keep up the good work :)

@asoniox Год назад

Clear and straight to the point! Thank you!

@yuliyasheichenka1175 Год назад

Wonderful tutorial, very clear and precise! Thank you a lot!

@misosoup7531 2 года назад

This was the best tutorial for me to understand how to use dotenv in python!! tysm

@milkmangames100 Год назад

Best tutorial I have seen on this topic. Good job brother.

@sinothi Год назад

Amazing tutorial. Cannot wait to learn more stuff from you!!!

@jtl_1 2 года назад

Indeed, what a great tutorial. Covers all my questions.

@stevefox7469 Год назад

Thanks - really well explained. Super simple when it is explained as well you did!

@alanalmeida7887 2 года назад

Thanks, Well Explained! 15 minutes well spent, got to learn a lot:)

@kevon217 Год назад

Helpful and thorough. Thanks!

@MohanRaj-fo6uk 2 года назад

Awesome, You have clearly explained it.

@adityavaste3732 2 года назад

That was the complete tutorial, thanks for it.

@retroblackztar Год назад

Thanks a lot for your explanation, I used this video to configure .env with java

@GoodguyGastly Год назад

Thank you for such an excellent tutorial!

@dallaspalumbo9889 Год назад

thank you for making this was the key to success

@amphetaminedaydream Год назад

Perfectly explained. Thanks.

@the_flash_light 2 года назад

Thanks for your explanation, set me interested in and was like really useful to know!

@ssk-ct7cr Год назад

Very complete! Thanks for sharing! :)

@JoNNy8904 Год назад

Phenomenal tutorial!

@itaysagy3756 Год назад

Very informative. Thank you!

@koushikromel Год назад

Explained well man! 👏🏻

@SAURABHSINGH-fl2ep 7 месяцев назад

Exactly what i needed, thanks

@noco2605 2 года назад

Thanks a lot, finally it becomes clear to me

@anton9410 Год назад

Perfect explanation, with a pinch of satire!

@basilihuoma5300 2 года назад

Nice explanation, Appreciate it.

@ake_bangkok9312 Год назад

many thanks, it is what I'm looking for

@jknyt Год назад

Thanks! relaxing tutorial

@iheleanbeefpatty 2 года назад

Thank you Sir! Subscribed!

@user-dc3jp4ee8c 2 года назад

Very helpful video - thanks

@stephonhenry-rerrie3997 2 года назад

very thorough thanks!

@assef444 Год назад

great explanation !

@nelsonjoseph3673 9 месяцев назад

Best one so far. :)

@eziola Год назад

Great video! You showed us how to read a .env variable into a python module. Next would be how do I set or write to or update a .env variable from my python module? This is something I have to do with refresh tokens. I have to read the last refresh token from the .env file, get a new refresh token back, and save the new refresh token back into the .env variable. Hopefully that make sense! It would be amazing to know how to do that!

@aditya_01 2 года назад

Thanks great and really helpful video.

@newgenart482 Год назад

Thank you bro was super useful

@rashin4157 2 года назад

very helpful tutorials

@terristhompson9860 2 года назад

When you have liked this video and still revisit a year later.

@19holegolf 8 месяцев назад

Thank you!!!

@investandcyclecheap4890 2 года назад

thank you this was very helpful. What about for virtual machines, would I just be able to create a .env file right on my VM and pull the secure info from there?

@vaha2833 2 года назад

Thanks for explanation. Now i know....

@stephenthumb2912 2 года назад

Any chance you do blockchain programming :)? This was really a great tutorial on something simple but obscure but important haha.

@fotromba Год назад

Hey, great video! I've always had the doubt, what if build a web app and deploy it using Heroku or something. If my app connects to a cloud server like Firebase with a password and I have that in my gitignore file, will people be able to use my web app? Or will my app not be able to find that password?

@shiblyaziz4528 2 года назад

Thank you

@ldELuxEl Год назад

When I deploy my app to a server(heroku for example) from GitHub - it does not have env file(obviously). But how do I set it up so that my app works?

@jayatidixit5260 2 года назад

if I am deploying a django project and in the settings.py file I added dotenv but when I deploy it on pythonanywhere it shows error while running wsgi application dotenv module not found

@LHM1226 8 месяцев назад

I love your way of storing data . But what will you do if you want to store a Python list as environment variable outside the code?

@anibaldk 6 месяцев назад

Bit old by now but you could store it as: 1. JSON string 2. Regular string which you parse In any case, you can always resort to base64 in case of strange annoying characters

@gpc1290 Год назад

Where do you save the .env file so that it can be found by the Python os.getenv() method?

@ictteacheraj 2 года назад

Is it safe when you use it in locally only right just running in your local system? Is it safe in Pycharm only?

@SubhamSatapathy 2 года назад

Wow! I used to commit my codes with my API keys without bothering as I developed stuff for my firm. Seems I would need to improve upon my practices and hold up some standards.

@ignasskarzinskas7126 2 года назад

when i try to print the variable it prints me none. Im using a virtual env if its somehow related

@realserax 3 месяца назад

Hey great Video but I got a question, I am currently using a .env to hide my mySQL connection data inside of my python script, and when using nuitka this .env is not hidden and instead its shown in the path of the exe. Is there a way to fix it, or do you maybe know a alternative I can do to hide my mySQL connection data like the password? Or is nuitka so safe that people cant get my sourcecode at all?

@anubhavborkotoky391 2 года назад

Hello Sir, could you help me? I'm getting an error saying that it's a syntax error I uninstalled and reinstalled python-dotenv

@louisdonofrio7376 Год назад

is it possible to make a .env file that requires a password to open? I have a python script I need to share with my team but I am not uploading it to git just sending them over the folder to run when they need.

@mistiksanju500 2 года назад

Please help me with my problem When i used .env without .gitignore it worked and bot started running But when i posted .gitignore file it not displayed the .env in repo all fine, But when i deployed it in heroku The bot is not working

@LennWeltmeister 2 года назад

One thing that's still in my brain: if we don't actually send the file, how can the server recover it?

@Rich-yj7gr 2 года назад

Sorry, could you please explain, what is the benefit of this comparing to just saving them in a separate .py file that I can then add to gitignore?

@jsoma 2 года назад

That's perfectly fine, too! I think this is just one of the more common techniques, maybe because people are used to putting .env files into gitignore as opposed to other files? Either way is okay!

@joseluisgiraldomorales3975 2 года назад

y si hay una persona que sabe de este método y consulta .env no le aparecen las claves??

@JamesPrenticez 2 года назад

LMFAO - "Sometimes when your programming you have code or little bits and pieces that you dont want to share with the entire world - and I'm not just talking about you being embarrassed about your programming"

@khalidhassani6173 2 года назад

But what about if i want to share my python desktop app with a friend, how to keep my credentials secret?

@jsoma 2 года назад

Unfortunately I don't think there's a good method for that situation. You either need to trust your friend with your credentials or allow them to input their own keys!

@khalidhassani6173 2 года назад

@@jsoma my app gives the user the possibility to store some data in a mysql db and he w'ill receive a confirmation by email. I struggle with the way i should hude the sensitive information related to connexion to the db and the SMTP ones

@jsoma 2 года назад

@@khalidhassani6173 hmmm. I think you'd want to have your desktop app call to a web service you control, and then the web service you control talks to the smtp service. maybe they register so you can track them and allow them to send, etc. That will be a real pain since it's a whole separate service to run beyond just your app, but I really can't think of a better route.

@khalidhassani6173 2 года назад

@@jsoma thanks for the help, i should put some effort in this subject, learning is a long path full of thorns