{"id":3030,"date":"2015-08-09T01:04:21","date_gmt":"2015-08-09T05:04:21","guid":{"rendered":"http:\/\/qxf2.com\/blog\/?p=3030"},"modified":"2015-08-08T11:34:38","modified_gmt":"2015-08-08T15:34:38","slug":"dont-hardcode-usernames-and-passwords-in-your-test-scripts","status":"publish","type":"post","link":"https:\/\/qxf2.com\/blog\/dont-hardcode-usernames-and-passwords-in-your-test-scripts\/","title":{"rendered":"Don&#8217;t hardcode usernames and passwords in your test scripts"},"content":{"rendered":"<p>If your application needs to authenticate users, you need some way for your automation to know your credentials. You may be providing these credentials in the test script itself. But this could lead to a <a href=\"https:\/\/twitter.com\/browserstack\/status\/531631012493524992\">possible breach of security<\/a>. E.g: We learnt that <a href=\"http:\/\/www.browserstack.com\/\">BrowserStack<\/a> keeps logs of every line of code executed. So if you had hard coded your username and password in your test script, the logs will have a record of them. In this short post we will show you how to separate out the credentials into a separate file.<\/p>\n<p>Here is the login.credentials file which stores the username and password<\/p>\n<pre lang=''>\r\nLOGIN_USER=test@abc.xyz\r\nLOGIN_PASSWORD=test\r\n<\/pre>\n<p>You can use the following code snippet in your test script to read the credentials file and use the details in your test case.<\/p>\n<pre lang='python'>\r\nimport os,Conf_Reader\r\n\r\n#Get the test account credentials from the .credentials file\r\ncredentials_file = os.path.join(os.path.dirname(__file__),'login.credentials')\r\nusername = Conf_Reader.get_value(credentials_file,'LOGIN_USER')\r\npassword = Conf_Reader.get_value(credentials_file,'LOGIN_PASSWORD')\r\n<\/pre>\n<p>You want a peek into Conf_Reader.py? Here it is..<\/p>\n<pre lang='python'>\r\n\"\"\"\r\nA simple conf reader.\r\nFor now, we just use dotenv and return a key.\r\n\"\"\"\r\n\r\nimport dotenv,os\r\n\r\ndef get_value(conf,key):\r\n    \"Return the value in conf for a given key\"\r\n    value = None\r\n    try:\r\n        dotenv.load_dotenv(conf)\r\n        value = os.environ[key]\r\n    except Exception,e:\r\n        print 'Exception in get_value'\r\n        print 'file: ',conf\r\n        print 'key: ',key\r\n\r\n    return value\r\n<\/pre>\n<blockquote><p>NOTE: You can use the conf reader to parse more than just credentials. We find it very useful to put in a lot of test parameters that are usually hard coded within the script. This allows us to keep our scripts clean.<\/p><\/blockquote>\n<p>Hope this small piece of code will be helpful for you!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If your application needs to authenticate users, you need some way for your automation to know your credentials. You may be providing these credentials in the test script itself. But this could lead to a possible breach of security. E.g: We learnt that BrowserStack keeps logs of every line of code executed. So if you had hard coded your username [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[],"class_list":["post-3030","post","type-post","status-publish","format-standard","hentry","category-python"],"_links":{"self":[{"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/posts\/3030","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/comments?post=3030"}],"version-history":[{"count":13,"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/posts\/3030\/revisions"}],"predecessor-version":[{"id":11097,"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/posts\/3030\/revisions\/11097"}],"wp:attachment":[{"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/media?parent=3030"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/categories?post=3030"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qxf2.com\/blog\/wp-json\/wp\/v2\/tags?post=3030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}