問題描述
API 憑證應該存儲在 laravel 中的哪個位置? (Where API credentials should be stored in laravel?)
我們正在為 laravel 開發包,它通過 API 與另一個應用程序交互。目前我們正在緩存中存儲 api 憑據。每當緩存被清除時,連接中斷。我們正在考慮替代方案。這是將這些憑據存儲在數據庫中的好習慣嗎?如果是,它將如何刷新下一個憑據?
參考解法
方法 1:
I would recommend adding a config file for them which loads them from the .env file. You can largely mimic the database credential infrastructural for this. This allows you to isolate the information in a single file, and keep them out of git completely. It also allows you to modify them per environment if you have a separate endpoint and/or credentials for the api which you can use in local or any uat environments.
.env:
THIRD_PARTY_API_USERNAME=test
THIRD_PARTY_API_PASSWORD=test
config/third‑party.php
<?php
return [
'username' => env('THIRD_PARTY_API_USERNAME', null),
'password' => env('THIRD_PARTY_API_PASSWORD', null),
];
usage:
$password = config('third_party.password');
方法 2:
I think you should have enough control over your caching mechanism, to ensure when it's cleared, right?
On the other hand, surely you can use a database. Just make a new table where you store at least the key and a timestamp. This way you can always find out how old the key is and just replace it by a new one.
(by user13815476、James Clark、wschopohl)