On Sunday, January 22, 2017 at 4:43:56 PM UTC-8, Alex Glaros wrote: > > I assume that the key is meant to be unique for each app and that the > example key above is just a sample. > > key = 'asdsaddasdasdas' > > (1) How to select/generate a key and (2) if key exists in plain text on my > open source app, then I have to replace it with a dummy key in gitHub so > whoever downloads and uses the code from my app cannot decipher my data if > they steal the database, correct? > > thanks to Niphlod for the example, works great. > > Alex Glaros >
I take it you saw the recent report on how many projects have exposed keys for their backdoors, kept in github, eh? I would move the key to the myapp/private/appconfig.ini file and read it in at runtime, say in db.py. /dps -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
