For one of my apps, I added extra fields to auth to hold some Amazon AWS
credentials for the logged in user.
This means that I can access the required API keys when logged in , but
because it's part of the database, it doesn't get committed to source
control.
For accessing external database legacy database in another app, my web2py
app was using postgresql, but I needed to access some tables in a legacy
Oracle database.
So, I stored the location and access credentials in a table in postgres,
and used those when opening the DAL for the legacy Oracle system.
Interesting to see if there's a canonical or best way to do this.
Environmental variables, config files, database tables, all have weaknesses
if used to store credentials.
On Monday, 27 April 2015 15:40:06 UTC+1, hiro wrote:
>
> I connect to an external DB in one of my models:
>
> my_model.db:
>
> my_db = DAL(
> 'postgres://user:password@url/database',
> pool_size=20,
> after_connection=lambda self: self.execute('set search_path to
> my_schema, other_schema, public; set statement_timeout to 60000;'),
> migrate=False
> )
>
> Now we are planning to adding the project to a git repository and I would
> now like to store our password there.
>
> I though about just creating the connection string by reading the .pgpass
> file. It will probably work but it seems unnecessary to read .pgpass every
> request. What is the best way to load the password at startup but not all
> other requests? Maybe just create in if statement?
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
