DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’»

DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’» is a community of 963,274 amazing developers

We're a place where coders share, stay up-to-date and grow their careers.

Create account Log in
Emma Donery
Emma Donery

Posted on • Updated on

Python-dotenv (Keep your secrets safe)

Image description

Is the security of your website / app threatened? Do you know how to keep your secrets safe during develepoment and production stage? In this article, i am going to guide you on how to work with SECRETS and KEYS without exposing them to the outside world, and keep them safe during development too!

Python-dotenv is a Python module that allows you to specify environment variables in traditional UNIX-like β€œ.env” (dot-env) file within your Python project directory. Read more from their official documentation

Environment variables is the set of key-value pairs for the current user environment. They are generally set by the operating system and the current user-specific configurations.

Python-dotenv helps us work with SECRETS and KEYS without exposing them to the outside world, and keep them safe during development too

Also, it helps in the development of applications following the 12-factor app principles.

Installation

#Create a new virtual environment
python3 -m venv venv
#activate
source venv/bin/activate
#install
pip install python-dotenv
Enter fullscreen mode Exit fullscreen mode

Using the python-dotenv module

  1. Create a .env file
    First, you need to create a new .env file, and then load the name and value of the variables as a key-value pairs:

    #.env file
    ID = "12345689"
    SECRET_KEY = "gsabijwjnciiwbjksa"
    
  2. Create app.py file ,Import and Call python-dotenv

    # app.py
    ## importing the load_dotenv from the python-dotenv module
    from dotenv import load_dotenv
    
    load_dotenv()
    
  3. Access the Environment Variables

    from dotenv import load_dotenv
    import os #provides ways to access the Operating System and allows us to read the environment variables
    
    load_dotenv()
    
    my_id = os.getenv("ID")
    my_secret_key = os.getenv("SECRET_KEY")
    
    def myEnvironment():
        print(f'My id is: {my_id}.')
        print(f'My secret key is: {my_secret_key}.')
    
    if __name__ == "__main__":
        myEnvironment()
    

Output

ID = "12345689"
SECRET_KEY = "gsabijwjnciiwbjksa"

KEY-NOTE: A large number of security vulnerabilities can be resolved by taking care of leaked credentials, and the python-dotenv helps in developing a safer project environment to work with, both, during and after development as well.

TipπŸ–ŠοΈ: In case you accidentally exposed your secret / key, do not panic because you can always generate a new key. Also, i would recommend generating new keys before deployment as a safety measure.

Be Safe. Happy coding πŸŽ‰πŸŽ‰

Feel free to leave your comment or feedback below. I would love to hear your opinions.
You can also connect with me via twitter and linkedin.

Top comments (8)

Collapse
 
p0intman profile image
P0intMaN

The most concise and up-to-the-point explanation. Well done!

Collapse
 
emma_donery profile image
Emma Donery Author

Thank you for your feedback

Collapse
 
emma_donery profile image
Emma Donery Author

Thank you for your feedback @p0intman . It means a lot

Collapse
 
bhav profile image
Bhavesh Kakwani

If only all tutorials could be this clear and to-the-point...thank you

Collapse
 
emma_donery profile image
Emma Donery Author

Thank you for your feedback Bhavesh. It means a lot

Collapse
 
miron profile image
Miron

Sorry, but I just don't see the point. If you store your credentials in your project folder anyway, then why not just read the file? How is exposing your credentials aditionaly as environment variables for every app to read more secure?

Collapse
 
abdelrahman_dwedar profile image
β€˜AbdelraαΈ₯man Dwedar πŸ‘¨πŸ»β€πŸ’»πŸ‡΅πŸ‡Έ

Thanks a lot for the great article! :D

Collapse
 
muhammadabir profile image
Muhammad ABir

thanks a lot

🌚 Friends don't let friends browse without dark mode.

Sorry, it's true.