Sensitive credentials in Slim 4 project

Hi!

A typical application begins with three environments: dev (for local development), prod (for production servers) and test (for automated tests).

Each environment differs only somewhat from the others. This means that all environments share a large base of common configuration, which can be stored in a file like: config/defaults.php.

  • While developing, you want to log everything and expose nice debugging tools;
  • After deploying to production, you want that same application to be optimized for speed and only log errors.

These settings can be stored in environment-specific files, like config/development.php and config/production.php. Please note: You must not store sensitive passwords in these files.

To store the secret credentials you should use a special file like env.php. This file should be excluded from version control and must never be committed into the git repo.

Then you merge all these 3 files in this order into a single array:

In config/settings.php:

  1. Load config/defaults.php
  2. Load if exists: config/env.php or ../../env.php (on your prod server)
  3. In env.php load the environment config file:
    • config/development.php or
    • config/production.php or
    • config/testing.php

Example
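The load order listed above, as an added example that is not part of the original post and not Slim's own code. It assumes each override file returns a closure that receives and returns the settings array; `loadSettings()`, the setting keys and all values are constructed placeholders, and the demo files are written to a temp directory so the script runs on its own (PHP 7.3 or later).

```php
<?php
declare(strict_types=1);
// Merge order from the post: defaults.php, then the first env.php that exists,
// which itself pulls in the environment file and then sets the secrets.
function loadSettings(string $configDir): array
{
    $settings = require $configDir . '/defaults.php';
    // config/env.php locally, ../../env.php on the prod server
    foreach ([$configDir . '/env.php', $configDir . '/../../env.php'] as $envFile) {
        if (is_file($envFile)) {
            return (require $envFile)($settings);
        }
    }
    return $settings; // no env.php: only the committed defaults, no credentials
}

// Constructed demo tree; every key and value below is a placeholder.
$configDir = sys_get_temp_dir() . '/slim-demo-' . bin2hex(random_bytes(4)) . '/config';
mkdir($configDir, 0700, true);

// Committed: shared base, password deliberately empty.
file_put_contents($configDir . '/defaults.php', <<<'PHP'
<?php
return ['display_error_details' => false, 'db' => ['host' => 'localhost', 'password' => '']];
PHP);

// Committed: environment tuning only, no secrets.
file_put_contents($configDir . '/development.php', <<<'PHP'
<?php
return function (array $settings): array {
    $settings['display_error_details'] = true;
    return $settings;
};
PHP);

// Not committed (listed in .gitignore): picks the environment, then adds credentials.
file_put_contents($configDir . '/env.php', <<<'PHP'
<?php
return function (array $settings): array {
    $settings = (require __DIR__ . '/development.php')($settings);
    $settings['db']['password'] = 'constructed-placeholder';
    return $settings;
};
PHP);
chmod($configDir . '/env.php', 0600);
$settings = loadSettings($configDir);
$settings['db']['password'] = $settings['db']['password'] === '' ? '(unset)' : '(set)';
print_r($settings); // password masked so it never reaches logs or terminals
```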