Script Tip Friday- Diving into the Python Standard Library

Happy Friday and welcome to another great Script Tip by James Derrick, Software Engineer II ACE here at Ansys. This week, James gets into the Python Standard Library with getpass. Enjoy!

getpass: Diving into the Python Standard Library

Python is a versatile language with all sorts of powers and uses. Packages like?numpy?and?scipy?get lots of attention for the services they provide to Data Science and scientific research and lots of other fields (and rightly so!). But Python has a lot of builtin capability that often gets forgotten or passed over. The Python Standard library contains a wealth of builtin libraries and packages which provide all kinds of little use-cases and quality of life functions. In this article I want to shine a light on one of the more useful ones. Hopefully you know it already, but if you're coming across it for the first time, read on! This is all about?getpass...

Passwords are Tricky

When writing scripts in a big company like Ansys you often find yourself working with servers and services of various kinds. Often you need to login to things to get your scripts to run. Some people hard-code their passwords into the scripts and hopefully I don't have to say why this is a bad idea, but it's a terrible idea. Do not do this thing. Anyone who sees that script will see your password, and it just takes one person to copy that file somewhere else and you've lost control of your password. Or maybe someone accidentally commits the file to a public repo, and now your password is online for all to see. Avoid this like the plague.

OK, so actual solutions can go two to three ways.

1. Encrypt the password, perhaps into a token
2. Type your password in on execution
3. (Use alternative authentication)

Options 1 & 3 are great, but they are somewhat more involved than you might want when scripting or making simpler programs for other people or demonstrations. Option 2, however, doesn't sound great, but it's actually pretty easy to do, and when combined with?getpass?can be great.

So the base way of reading user input into a Python script is using the?input?keyword (raw_input?in Python 2).

In [1]: x = input()
test

In [2]: x
Out[2]: 'test'

In [3]:        

But as you can see, the input when typed appears?on-screen, which isn't good enough for passwords. You don't want people to see this stuff, especially if it appears in the output.

Introducing?getpass

getpass?is a small library with just 2 methods.

1. getpass.getpass()?- get a password input
2. getpass.getuser()?- get the current username

It's pretty simple.

getpass.getpass()

The main method you'll use. This will provide the "Password:" prompt string and then obscure any typing a user performs! This works seamlessly with jupyter notebooks too.

In [1]: import getpass

In [2]: pwd = getpass.getpass()
Password:

In [3]: pwd
Out[3]: 'OoOoOo invisible typing! OoOoOo'        

You can alter the prompt in the function call with the?prompt?keyword argument, and you can change the stream the input uses with the?stream?keyword argument. For more details check out the?docs.

getpass.getuser()

This function simply gets the username of the current user.

In [4]: getpass.getuser()
Out[4]: 'jderrick'

In [5]:        

Check out the?docs?for precise usage.

Conclusion

getpass?is a fantastic tool to know about and is instrumental in building quick and ready applications, or demonstrations. The Python Standard Library provides!

Don't forget to register for Level Up 3.0, happening October 25th. There will be a great session lead by Pierre Thieffry called "Now's the Time to Script!" Register here --> https://www.ansys.com/events/level-up