Handling Project Secrets (Python)
Often you’d be having secrets on your project (like database connection details, API access keys etc) that you’d not want to expose to the public by committing it to version control in your source code.
This can be easily avoided by making use of .env files. This short article will guide you through the process of using one to keep your project secrets safe.
Step 1: Make the .env file.
In your project folder, make a file simply called .env and fill in your secrets as shown in the example.
Be careful about the file names, it should NOT be .env.txt
Step 2: Install the dotenv module
This module helps us in accessing the variables declared in our .env file.
Installation can be done with pip
pip install -U python-dotenv
Step 3: Use the secrets in your code
Now to access the secret in your code, you’d first load the .env. After this we can access the secrets from the os.environ dictionary (as it is a dictionary, we use the dict.get method), which contains the environment variables.
import dotenv # this is the module we installed earlier
import os
dotenv.load_dotenv(dotenv.find_dotenv())
PROJECT_SECRET = os.environ.get("SECRET")