question@mail.ru
·
01.01.1970 03:00
How can you encrypt a login with a password in the code itself? Well, or in any other way, to make it possible to get them to other people, since the code itself should be open and accessible for viewing other people.
EN
RU
EN
RU
Conn = PYMYSQL.ConNNET ( HOST = "" xxc.ru "" , port = 3306 , user = , password = "" password "" , db = "test" ", charset = ) is there any point in using in this case in this case how in the question?
answer@mail.ru
·
01.01.1970 03:00
The Caesar cipher can be quickly broken by any quick-witted studentlike me.
Flies separately, cutlets separately: just don't write the password inside the code, and the problem will be solved by itself. In addition, you will not need to edit the code to connect to any other database, which increases convenience. But then where to write the password - there are already many options.
In any "adult" OS, there are some global variables called environment variables. You can put the password there, and read these variables in python. How to change environment variables depends on the specific OS (you can specify details), and in Python code, reading them may look something like this:
import os, pymysqlconn = pymysql.connect( host=""xxc.ru "", user=os.getenv('MYSQL_USER'), password=os.pan>), password=os.getenv('MYSQL_PASSWORD'), # ...# ...)In this example, the login is read from the environment variable MYSQL_USER, and the password is from MYSQL_PASSWORD.
The bottom line is simple: we write the password in any text editor, save it to a text file, and then read this file in python.
with/span> open"">open('mysql_user.txt', 'r', encoding='utf-8-sig') ) as fp: mysql_user = fp.r= fp.read().rstrip()with open('mysql_password.txt', 'r', encoding='utf-8-sig') asn class="">as fp: mysql_password = fp.read().rstrip()conn = pymysql.connect( host=""xxc.ru"", user=mysql_user, password=mysql_password, # ...# ...)In this example, the login and password are read from files.mysql_user.txt and mysql_password.txt located in the current folder.
A little explanation, why I read files this way:
the rules of good taste prescribe explicitly closing open files after using them. It is very convenient to do this using the with;
UTF-8 is the best encoding in the world, so I prescribed it and advise you to use it everywhere and always. But there is a caveat: the Windows Notepad adds a text file at the beginning, and for python to process it correctly, I wrote the encoding utf-8-sig, and not just utf-8;
some text editors add a line break at the end of the file, so I delete it using rstrip() so it doesn't get in the way.
There is a high probability that you will want to store not only your useame and password separately from the code, so why not create a full-fledged configuration? For example, you can create the following config.ini file:
[mysql]user = loginpassword = passwordAnd then parse it in python:
import configparser, pymysqlconfig = configparser.ConfigParser()config.read('config.ini', encoding='utf-8-sig')conn = pymysql.connect( host=""xxc.ru"", user=config.get('mysql', 'user'), password=config.get('mysql', 'password'), #...)ConfigParser is a very powerful and versatile thing; I recommend reading it at least for general development.
If you want to post your code publicly on some GitHub, don't forget to add your files with all passwords to .gitignore, so as not to accidentally publish them too.
You can create a Python file, for example, local_settings.py , enter variables with login and password in it:
MYSQL_USER = 'Vasya'MYSQL_PASSWORD = '123456'de>
And then access them after import:
import local_settings as settingsconn = pymysql.connect( host=""xxc.ru "", user=settings.MYSQL_USER, password=settings.MYSQL_PASSWORD, # ...)# ...)Since local_settings.py is a full-fledged Python file, where you can execute any arbitrary code, which increases flexibility compared to text files, but at the same time opens up new ways to shoot yourself in the foot, so be careful.
The file must be positioned so that Python can find and import it. It cannot import files from the current directory in all environments, and if a simple import like in the example above does not work for you, you may need to set the environment variable PYTHONPATH=. or add the current directory to the sys.path list.
By the way, all file-related methods can be combined with environment variables. The bottom line is this: we write in the environment variable what to read, and then the Python code reads the file specified there (or imports the specified module):
SETTINGS_MODULE=my_mysql_settings
import os, importlib# This is the default value in case there is no environment variableos.environment.setdefault('SETTINGS_MODULE', 'local_settings')# Importing the module, specified in the environment variablesettings = importlib.import_module(os.ule(osgetenv('SETTINGS_MODULE'))# The rest is as usualconn = pymysql.connect( host=""xxc.ru "", user=settings.MYSQL_USER, password=settings.MYSQL_PASSWORD, # ...))This way, you can create multiple configuration files and switch between them using an environment variable. A similar approach (in a more complex form than I have shown, but it looks like it) is used, for example, in the popular Django web framework; there such an environment variable is called DJANGO_SETTINGS_MODULE.
It's not very convenient to enter the database password every time, but it's still an option. At the same time, using getpass, the text you enter is not displayed in the console (there are no stars even), so no one will know what password you enter there.
import getpass, pymysqlmysql_user =user = getpass.getpass('MySQL user> ')mysql_password = gord = getpass.getpass('MySQL password> ')conn = pymysql.connect( host=""xxc.ru"", user=mysql_user, password=mysql_password, # ...)r 
