
Using CodeIgniter, how do I hide PayPal credentials from other developers?

Couldn't find a good answer to this on here.

So basically I am using bitbucket.org as my git system. My application uses PayPal credentials such as API username, password, signature. What would be the best and most secure way to hide these credentials from other developers who will check out and work on my code?

I use LAMP stack. CodeIgniter framework.

I was thinking of having a serialized file that I don't add to git, put it also on live server, then unserialize it and pull the credentials from it.

CodeCrack asked Dec 21 '25 09:12


1 Answer

You don't have to handle this any differently than you do your database configuration files.

First, create application/config/paypal.php:

<?php
// Change this information to match your settings
//$config['paypal_seekrit'] = '';
// whatever else

Note, create it just like that, as you're going to track it initially as a stub. Add it and commit it:

git add application/config/paypal.php
git commit

Now, add it to .gitignore so it's no longer tracked locally. Add and commit .gitignore. Then, in your code, you need to do something like this to make sure people remember to set things appropriately:

$this->load->config('paypal');
$seekrit = $this->config->item('paypal_seekrit');
if ($seekrit === FALSE) {
    // config->item returns FALSE by default if item doesn't exist
    log_message('error', 'You need to configure config/paypal.php!');
    // bail out, if appropriate
    show_error('Paypal keys have not been configured');
}

At this point you can push. Everyone now has a stub of the file, and nothing anyone does on their end will be in danger of being pushed back. The drawback is, if you need to change the default stub to add or remove an option, you (and everyone else) will need to merge. But, it's such a trivial file, I don't consider that an issue.

Then, add your secret keys to the file without worrying about accidentally committing and pushing them. Note, if using it in a library, you first have to call get_instance() to get at the framework super object (singleton), e.g.:

$CI = get_instance();
$CI->load->config('paypal');
$seekrit = $CI->config->item('paypal_seekrit');
...

One of the first things I do on a new CI project is commit application/ and then stop tracking certain files in application/config.

You can also just make a catch all config file for site specific settings that overrides all previously loaded configurations and stick it in there (something like config/appname.php). Just be sure to do it in a way where the config / loader class work as someone would expect them to work.
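
An added example, not part of the original answer: Git keeps tracking a file that was committed before it was listed in .gitignore, so a pre-commit hook can refuse any commit whose staged copy of the stub carries a filled-in value. The file path and the paypal_* key prefix follow the answer's naming; the function names and the hook itself are assumptions for illustration.

```shell
#!/bin/sh
# Added example: pre-commit guard for the tracked-stub approach.
# Install as .git/hooks/pre-commit. Path and key prefix follow the answer's
# paypal.php / paypal_seekrit naming (adjust for your project).

CONFIG_PATH="application/config/paypal.php"

# Reads PHP config text on stdin. Succeeds (exit 0) if any uncommented
# $config['paypal_*'] assignment has a non-empty quoted value.
# Lines starting with // or # never match; /* */ blocks are not parsed.
has_filled_secret() {
    grep -Eq "^[[:space:]]*\\\$config\[['\"]paypal_[A-Za-z0-9_]+['\"][]][[:space:]]*=[[:space:]]*['\"][^'\"]+['\"]"
}

# Inspects the staged (index) copy of the file, not the working tree,
# because the index is what the commit will actually record.
check_staged_config() {
    # No staged change to this path: nothing to check.
    git diff --cached --quiet -- "$CONFIG_PATH" 2>/dev/null && return 0
    if git show ":$CONFIG_PATH" 2>/dev/null | has_filled_secret; then
        echo "pre-commit: $CONFIG_PATH is staged with a filled-in paypal_* value." >&2
        echo "Unstage it with: git reset -q HEAD -- $CONFIG_PATH" >&2
        return 1
    fi
    return 0
}

# Act as a hook only when invoked under the hook's name.
case "$0" in
    */pre-commit) check_staged_config || exit 1 ;;
esac
```

Hooks are not cloned with the repository, so each developer has to install the script locally.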

