Discussions

Expand all | Collapse all

Pymapd Password File

  • 1.  Pymapd Password File

    Posted 12-10-2018 11:56

    Hi OmniSci Community,

    I am using the pymapd connector to successfully connect my python program to my MapD database. Currently, the user credentials are stored in my code as plain text. I was wondering if there was a tool that existed similar to a pgpass file for postgres. I would like to store my password in some sort of separate document from the code. Is this possible?

    If it matters… Using Python 3.6.6 on a Windows 10 Enterprise machine. Making connection to mapd running on Rhel 7 Server.

    Thanks,
    Zach



  • 2.  RE: Pymapd Password File

    Posted 12-10-2018 15:25

    @zacharymostowsky I typically store my credentials in separate files and read them in at runtime. Here are some examples I authored that use this approach:

    For these examples, I store the credentials in plaintext .json files and read them into a pandas dataframe with the following function, but you could do whatever you want with them.

    def get_credentials(keyfile):

    dfkv = pd.read_json(keyfile, typ='series')
    return dfkv
    

    `
    This doesn’t address the encryption portion of your question, though. Perhaps someone else has a suggestion?



  • 3.  RE: Pymapd Password File

    Posted 12-10-2018 16:18

    I also do a similar thing to @easy’s suggestion, though in my case, I just define a regular python dictionary named credentials in an external file in the same directory as my python script. From there, I just do from filename import credentials.

    An additional step for security would be to define a select-only user for your database, then use those credentials for your batch scripts. Anyone knowing the credentials could read from the database, but not have elevated permissions to modify it.



  • 4.  RE: Pymapd Password File

    Posted 12-10-2018 18:26

    @easy and @randyzwitch thank you for your quick answers. These solutions should be secure enough for my current use case. Thanks!