Rails 4 Storing Api and Secret Keys for Global Access
Question
we are integrating a couple a api's across the application. and we call the api from numerous places.
We want to globalize the constants so its available and can be called everywhere.
Doing so we dont need to change the api and secret in multiple places if we have to change the details.
2 answers
solution1
1 ACCPTED 2014-02-05 05:06:33
To achieve this, you can store your API keys and secrets without them being checked in to source control, one solution is to store them in YAML files, and then include that in your application.rb file. Then they can be called from anywhere in your app.
To learn how to do this, you can watch this railscasts episode on it.
solution2
1 2014-02-05 05:23:02
YAML files are a great solution. Another way is to store the keys in your database. You could create a table like: api provider name key secret
This way you can pull the credentials wherever you need them with a simple activerecord request. @credentials = ApiKeys.where(provider: "Google") - For additional security you could hash/salt them but in general I assume you are the only one with access to your production database. I am not a fan of storing credentials on "one of the developers" notebooks or PCs. At the end the keys are everywhere and you have to make sure everybody has always he newest version.
On the other hand it is a very bad idea to call APIs directly from your application. You should use a background worker for that like Sidekiq or Resque.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.