Greetings. For example, I need to access the database in the application, which means that I need to somehow receive and store the login, password for the database; You need to access the API vk and store tokens for this. Also, the application should be able to change these tokens / passwords. To write these passwords directly in the code is also not the best option.

How to do it correctly in terms of architecture? Of course, you can just store everything in some json file, but is it correct to do this? Maybe you should write a static class AccountsManager , which will manage all these matters?

  • You can store them in encrypted form and decode "on the fly" with a password from an ini-file or manually entered - DNS
  • This is usually done by restricting access to the location of this data so that only the application can read and write it (and therefore the application administrator). It is not necessary to encode them, you need to restrict access to the file or place where they are stored. - Daniel Protopopov
  • @DNS, seriously? Spending precious response time to decrypting a config? - user207618

3 answers 3

For such things there DotEnv . All keys are stored in an ini-like .env file in the project root folder. But in order to not upload sensitive data to git, you can put an .env.example in the same folder, which will have a settings template that you need to rename or copy to .env . Access to the keys will be through the getenv function. // Очень удобно, сам пользуюсь подобным подходом

You can even more confuse, if you are a large company. A product called Vash by HashiCorp is designed to centrally store keys and tokens. I myself have not used it yet, but it looks interesting.

IMPORTANT!

Secret keys should never be shared. Therefore, to embed them in the code, fill in the version control system and p. categorically not recommended. Settings should be located where they are used, namely on the server.

    Store data from the database in a .php file and connect it via include.

     return [ 'host' => 'localhost', 'schema' => 'db_name', #Дальше сам ];

    In bd store data from akkov: Login, password, current token.

      There are many options (xml, json, txt files), and in fact everyone is not bad, I will offer the option that I like most of all, a class is written to store the settings:

       class Config { static private $params = []; public static function get($key) { return isset(self::$params[$key]) ? self::$params[$key] : false; } public static function set($key,$value) { self::$params[$key] = $value; } public function __get($key) { return isset(self::$params[$key]) ? self::$params[$key] : false; } public function __isset($key) { return isset(self::$params[$key]); } }

      Using:

       Config::set("db_host", "localhost"); Config::set("db_port", 5432); Config::get("db_host");

      By the way, you can bind this class to a file.