Skip to content Skip to sidebar Skip to footer

Python A Secure Way To Get The Database Access?

I'm having some doubts about how can I 'secure' the database's information to connect. There is someway that I can get the access to the database in a more secure way? A Rest Api?

Solution 1:

One way is to use an external config file to store the user, password, and other sensitive information.

Then use your operating system's permission system to restrict access to that file such that your application can read the file, but other unprivileged users can not.

Also make sure that you use a SSL connection to the database.

You should also look at authentication plugins.

Solution 2:

I'm guessing your question is how to not have to include the DB information (host, port, password, etc.) in the code. I would say the two easiest ways are:

  • Environment variables
  • Separate configuration files

Environment variables

import osconfig = {
    'user': os.getenv('DB_USER'),
    'password': os.getenv('DB_PASSWORD'),
    'host': os.getenv('DB_HOST'),
    'database': os.getenv('DB_DATABASE'),
    'raise_on_warnings': os.getenv('DB_DATABASE', 'true') == 'true',
}

Configuration file

import json

withopen('config.json') as file:
    config = json.load(file)

Post a Comment for "Python A Secure Way To Get The Database Access?"