Soft Code Your Secrets

Hard coding your secrets in python or any programming language is something you should avoid.

What is your secrets ?

User credentials , API Keys , API Tocken or Cookies etc

You should always Soft coding it and there are many ways to do that , let me show you a few of them in the following script I created.

In this script you will see three options for soft coding your secrets.

Option 1 With help of using “Input” built-in function and  “getpass” python library we can allow the user to interactively type his credential.

“getpass” python library reads the input from the user as Password and not showing while not showing what characters he is typing.

Code:

import getpass

username=str(input(‘Type Your Username:\n’))

password=getpass.getpass()

print(“User Credential is” + ” ” + “Username is” + ” ” + username + ” ” +”Password is” +” ” + password)

Option 2 you can save your username and password as Environment variables in windows then we call it using “os” python library.

Code:

import os

input(“Press Enter to continue…”)

print(“*” * 20  + ” “+  “Method 2″ +” ” +”*” * 20)

username2 = str(os.environ.get(‘USER’))

password2 = str(os.environ.get(‘Password’))

print(“User Credential is” + ” ” + “Username is” + ” ” + username2 + ” ” +”Password is” +” ” + password2)

Option 3 you can save your username and password in a file then  call the  credential  using ” Python-dotenv ” python third party library.

Python-dotenv reads key-value pairs from a .env file and can set them as environment variables. It helps in the development of applications following the 12-factor principles.

https://pypi.org/project/python-dotenv/

You will need to install first using pip install Python-dotenv command

Code :

from dotenv import dotenv_values

input(“Press Enter to continue…”)

print(“*” * 20  + ” “+  “Method 3″ +” ” +”*” * 20)

user_Credential_from_envfile = dotenv_values(“.env”)

print(user_Credential_from_envfile)

Script code avaiable here in my github account:

https://github.com/YasserAuda/Hard-Code

output of this script:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s