How to HIDE Your API Keys in Python Projects

preview_player
Показать описание
Never commit your API keys or other sensitive data to github again! Keep it neat and tidy by hiding your api key using one of these 2 methods. Both work and have their uses, but I'd lean towards using the .env file to store your own environment variables. It's easy to recreate this file on your server or anywhere else you need to run your project without having to change any code inside.

Support Me:

-------------------------------------
Disclaimer: These are affiliate links and as an Amazon Associate I earn from qualifying purchases
-------------------------------------
  1. John Watson Rooney
  2. api keys
  3. hide api key github
  4. hide api key python
  5. hide api keys
  6. python projects
Рекомендации по теме
How to HIDE 0:04:27

How to HIDE Your API Keys in Python Projects

How to hide 0:24:45

How to hide your API keys SAFELY when using React

3.4 Hiding API 0:11:51

3.4 Hiding API Keys with Environment Variables (dotenv) and Pushing Code to GitHub

How to ACTUALLY 0:07:42

How to ACTUALLY Secure Your API (5 Steps)

How to hide 0:02:59

How to hide your API keys on Android

5 JavaScript API 0:12:49

5 JavaScript API Key Mistakes (and how to fix them)

How to Hide 0:10:13

How to Hide Your API Keys

Hide an API 0:16:04

Hide an API Key | JavaScript Tutorial

Hide your API 0:04:03

Hide your API Keys easily with Node JS

Handle secrets like 0:08:31

Handle secrets like API keys securely in javascript projects with environment variables

Build an API 0:32:20

Build an API Proxy Server - Hide Your API Keys, Rate Limiting & Caching

How to Hide 0:10:13

How to Hide & Protect API Keys in Your Android App (Reverse Engineering)

Hide API Keys 0:10:38

Hide API Keys Without dotenv environment variables | Hiding API Keys in Javascript Netlify

How to hide 0:01:19

How to hide your API link while making requests from client c#, c++, python

How to Secure 0:00:45

How to Secure Your API Keys the Right Way

Hide API Key 0:02:49

Hide API Key in client side on Firebase or other applications

How to Hide 0:12:10

How to Hide API Keys with Node JS - Environment Variables & .env

Your API Keys 0:09:26

Your API Keys are NOT SAFE in a native app 🤬

Hiding Your API 0:05:55

Hiding Your API keys in your code from Thieves

Protect your API 0:01:38

Protect your API Key with Serverless Functions #shorts

JavaScript Security: Hide 0:09:59

JavaScript Security: Hide your Code?

Properly Load & 0:07:58

Properly Load & Manage API Keys in Python

How to Hide 0:02:18

How to Hide Password and API keys in Streamlit Share

How to Hide 0:05:53

How to Hide API Keys in Python: An Environment Variables Example

Комментарии
Автор

Straightforward, concise, and clear. Much appreciated.

AdobadoFantastico
Автор

Clear, short, on point, extremely useful . Thank you.

phoenix
Автор

Very nice video!
Its simple, but very important thing to do in projects...

stifferdoroskevich
Автор

Hi John,
Found it useful. Tried it today and it worked. Thanks for your time and sharing.
Thanks,
Chetan from Kandivali, Mumbai, India :)

chetancc
Автор

Thank you – this length of a video is great!

bx_h
Автор

Great video! You showed us how to read a .env variable into a python module. Next would be how do I set or write to or update a .env variable from my python module? This is something I have to do with refresh tokens. I have to read the last refresh token from the .env file, get a new refresh token back, and save the new refresh token back into the .env variable. Hopefully that make sense! It would be amazing to know how to do that!

eziola
Автор

Was watching your videos and because of your clear explanations, I did my first python Api scrapper with extremely little knowledge of programming 🤣🤣

I was wondering if you will be doing any video on some sites that has a slider as a captcha like Alibaba as it seems impossible to scrape

goheugene
Автор

the correct recent syntax is:
os.environ.get('api_key')
or
os.environ['api_key]

Ezraielshayan
Автор

We had the same problem with user credentials. I suggested to extract them from code-files into a json file and add it to the .gitignore file.
Then simply import it in the files where you need the credentials and voila...
One downside: People have to manually create the credentials json. But I think thats a question of perspective. It kind of adds to safety in my opinion.

multigladiator
Автор

Sir, can you explain more on how to replicate the env on any server? Like to deploy in the production. Do I need to do it on every pc?

BernalynBiscocho
Автор

Now what I don't get is what if i want to use the project in another computer? How do i get the api_key when I don't have it in github?

alexportugal
Автор

Is it safe enough if i put the api in golang and compiled to a dll then i import it with ctypes

AB-cdgd
Автор

The first way does not work after compiling the executable. The program always uses the same keys irrespective of what is in the creds file. Best way is to use config files.

mabdurrafeyahmed
Автор

One doubt:
Are you taking about only the server base projects where already all are safe.
But what about client based standalone applications.
The binary is on client's system. If some one disassemple they could see the .env file right ?
As it is Python is not safe to right commercial projects, because 100% source code can be retrived.

Gaamaa-ozeflfn
Автор

what about the .env file when launching the webste? isnt it vulnerable for malisious users whoose purpouse is to get the api keys?

santiagootero
Автор

Exactly what i was looking for, thanks!

kevon
Автор

Thanks for the tip. Works like a charm!

irinamicov
Автор

Very good explanation, I have a question for you, what theme used in terminal? zsh?

igoresposito
Автор

Please make a video on how to make the API paid that I you build to scrape data from somewhere. It should tell us how to put a limit on itl

beastvirus
Автор

But how would one automate this?
I don't want to manually create a file on the server everytime.
Any way that works well when working with Docker images and CICD?

dingding