0

I am trying to set up a mailer with my heroku application. I fear if I push up my production.rb, my gmail password will be exposed. How can I prevent this?

Production.rb:
  ActionMailer::Base.smtp_settings = {
    :address        => "smtp.gmail.com",
    :port           => 587,
    :authentication => :plain,
    :user_name      => "whatever@gmail.com",
    :password       => "**********"
  }
Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Steez
  • 219
  • 5
  • 17
  • Use environment variables. `:password => ENV['Your_password']` – Pavan Aug 06 '15 at 17:15
  • possible duplicate of [Where to store sensitive data in public rails app?](http://stackoverflow.com/questions/6113042/where-to-store-sensitive-data-in-public-rails-app) – Brad Werth Aug 06 '15 at 17:32

1 Answers1

2

You can use environment variables: https://devcenter.heroku.com/articles/config-vars

It's a best-practice to never include sensitive information in your repo. Env variables are also a good way to go, because they'll work with whatever provider you use, so if you move from Heroku to another platform, you won't need to make any changes to your code.

Ian Selby
  • 3,241
  • 1
  • 25
  • 18
  • 2
    ... and look into the various available gems that allow you to reference ENV variables from within your app on development environments without setting them on your dev system also. – David Aldridge Aug 06 '15 at 17:21
  • Thank you. Thats was very helpful and works perfectly!! – Steez Aug 06 '15 at 17:38