I have an app up in a PR that needs a valid API key. I don’t want to post API key, so should I just have the app print something out “invalid API key” and do nothing else? It wont be testable if anyone cares about whether it works in the case. Right now with the invalid key the app just fails.
I also note some apps using fail() in those situations, is that a call I should use (instead of sys.exit(1)).
Thanks
I would recommend displaying an error message on the tidbyt itself. fail is for unrecoverable failures and shouldn’t be used if possible. I just PR’d the Global Tides app which does this very thing. If the the API doesn’t exist then it display the no api key error.
There is also a secrets module with which you can encrypt/decrypt your api key so that you can safely push without revealing the key.
Ah, thanks for that! I’ve been wanting to make an app myself but it would require an API key and I wasn’t sure how that was managed.
If the api key is easily acquired by the end user then I would recommend just allowing the user to enter their own api key. Single keys used across all tidbyt users can easily become blocked or quota used up. I just did this for the world tides app. The free api key only allows 10 requests per day which would quickly max out if all users used it, but the app only hits the api once per day so individual api keys was the call. Even though it’s kind of a pain for the user its better in the long run to make sure the app remains functional.