Recommended way to store users,db credentials in a Python project?

[PrateekG]

I am working on a project where I am storing DB and users's credentials inside python code.
For example I have a script db.py which do crud operations and I am storing credential in this script as below-

credentials = {
"UAT": {
    "host": 'UAT_HOST',
    "port": UAT_PORT_Num,
    "read_db": 'SCHEMA_1',
    "write_db": 'SCHEMA_2',
    "user": 'UAT_USER',
    "password": 'UAT_PASSWORD'
},
"S3": {
    "KEY": 'S3_KEY',
    "SECRET": 'S3_SECRET_KEY'
}
}

Similarly I have a script merchant.py where I am using credentials like-

MERCHANT_ID = 1
STORE_ID = '1'
CATEGORY_ID = 123
URL = 'http://example.com'
environment = 'UAT'

I need to move above credentials in a secure place but I don't have any idea how to do that.
I am using Python3.6,Mysql.
Can you please suggest me what will be the standard approach?

[PrateekG]

I am sure that many of you have worked on a Project and you must be not using credentials in your python code.
So Guyz share your learnings and best practice here!

---

It seems I got my answer so sharing for others also-
https://hackernoon.com/4-ways-to-manage-...23049e841b

If you have any better one then please share .

[DeaD_EyE]

You can find accidentally uploaded credentials on GitHub.
It's a bad idea to store the credentials in source code.
Just follow the concept, which is usee regular in PHP-Projects like Wordpress.
They store the credentials in a configuration file. If the project is hosted on GitHub,
you upload a credentials.example.ini instead your credentials. Additionally, if you use a vcs,
put your own credentials file on a ignore list. This file should never be uploaded.
Otherwise you'll have guests on your account ;-)

You can parse ini files with: https://docs.python.org/3/library/configparser.html
Or you just use the json format.