[Solved] How can I store the auth token outside of sketch?

Hello All,

I decided create a repository for my project on github so I can gain some revision control, work from different terminals, and also share what I’m doing.

Here’s my problem, not thinking when I pushed the changes to github I ended up publishing the project’s auth token.

Duhhhh.

I thought it would be simple to split off the auth[] or the “AUTH_TOKEN_STRING” to a separate file and then include that file in .gitignore. But the couple of ways I tried would not complile.

Is there a simple way to do this? If it makes a difference I’m using Linux and PlatformIO rather than the Arduino IDE.

For some reason this has been a real test of my Arduino and C++ coding skills – I I still have ALOT to learn. Python is so much easier!

Thanks for any help…

digger

Hi, I store the auth token, wireless id and wireless password in the EEPROM of the Arduino first and then the blynk scetch reads it from there. So you do not have to worry about publishing your code.

Great idea.
Can you show us the related code?
Thanks

This is how to put data to EEPROM:

#include <EEPROM.h>
const byte max_nbr_sensors = 8;
struct MyObject {
  uint16_t this_node;
  char room[9];
  byte sensoren[max_nbr_sensors];
  char auth[33];
  char My_SSID[11];
  char wifi_PW[11];
  };


void setup() {

  int eeAddress = 0;   //Location we want the data to be put.


  /** Put is designed for use with custom structures also. **/

  //Data to store: Node id, 8 digits for room name, max. 8 sensors (referenced as 1-11),
  //32 digits for auth token, 10 digits for SSID, 10 digits pw

MyObject configuration = {1,"Office  ",1,4,2,8,0,0,0,0,"0123456789abcde0123456789abcde","ssidbfgths","wifipasswd"};


  EEPROM.put(eeAddress, configuration);
 
}

void loop() {
 nothing here
}

This is code to read from EEPROM:

 #include <EEPROM.h>
const byte max_nbr_sensors = 8;
struct MyObject {
  uint16_t this_node;
  char room[9];
  byte sensoren[max_nbr_sensors];
  char auth[33];
  char My_SSID[11];
  char wifi_PW[11];
  };
MyObject configuration; //Variable to store custom object read from EEPROM.

void setup() {

  int eeAddress = 0;   //Location where data is stored
  EEPROM.get(0, configuration); 
 
}

void loop() {
 blynk stuff
}

The data is then available as:
configuration.this_node
configuration.auth
etc. to

Blynk.begin(configuration.auth, wifi, configuration.My_SSID, configuration.wifi_PW,"192.168.111.22",8442);

hope that helps.

2 Likes

@mrohner am I correct in thinking you are using a WiFi shield of some kind with an Arduino rather than using an ESP (of some kind) in standalone mode?

The reason I ask is that I’m not convinced the EEPROM library for ESP’s is quite the same as the one for Arduino’s.

ESP’s use EEPROM.begin(), EEPROM.write(), EEPROM.commit() and EEPROM.read().

I think you also have a rogue “wifi” in your Blynk.begin() call, but a very nice use of structure.

Im using an ESP-01 (Hard serial attached) on an arduino nano with some older blynk library (0.3.7). I’m sure the wifi can be ommited with newer libraries. Yes, the EEPROM.h is to store data into the Arduino’s EEPROM. My reply was to outline the idea of storing data into the EEPROM as a means to seperate auth token from main scetch. It is not to elaborate on blynk wifi connection.

Thanks @mrohner I’ve never messed directly with eeprom I’ll give it a try.

Thanks again @mrohner I learned some new stuff about structure and working with the eeprom.

I played around and your solution is nice. I like that the sensitive data is stored in a completely different sketch, but for my application it seems like too much. Using the eeprom to store data will be useful later on though.

I ended up learning enough about libraries though and went in that direction. Here’s the relevant bits of my solution.

private_tokens.h

/*
private_tokens.h

Store private tokens in private_tokens.cpp and add that
file to .gitignore so personal data is not shared

*/

#ifndef PRIVATE_TOKENS_H
#define PRIVATE_TOKENS_H
#endif

private_tokens.cpp

// private_tokens.cpp
//
// file included in .gitignore to prevent publishing
// sensitive data.

char AUTH_TOKEN[] = "store-real-token-here";

StepperControl.ino includes:

...

#include "private_tokens.h"
extern char AUTH_TOKEN[]; // Auth Token for "Magloop Control".

...
void setup()
{
  ...

  Blynk.begin(AUTH_TOKEN, ble);

  ...
}

I use PlatformIO for my IDE and it seems content to have the *.h and *.cpp files in the src directory. I have no idea if the Arduino IDE would also be happy with that.

digger

create AUTH_TOKEN.h file in your sketch directory

    /*
    AUTH_TOKEN.h

    Store private tokens in AUTH_TOKEN.h and add that
    file to .gitignore so personal data is not shared

    */

    #define BLYNK_AUTH_TOKEN "store-real-token-here"

And here is the sample sketch


    /**************************************************************
     * Blynk is a platform with iOS and Android apps to control
     * Arduino, Raspberry Pi and the likes over the Internet.
     * You can easily build graphic interfaces for all your
     * projects by simply dragging and dropping widgets.
     *
     *   Downloads, docs, tutorials: http://www.blynk.cc
     *   Blynk community:            http://community.blynk.cc
     *   Social networks:            http://www.fb.com/blynkapp
     *                               http://twitter.com/blynk_app
     *
     * Blynk library is licensed under MIT license
     * This example code is in public domain.
     *
     **************************************************************
     * This example runs directly on ESP8266 chip.
     *
     * You need to install this for ESP8266 development:
     *   https://github.com/esp8266/Arduino
     *
     * Please be sure to select the right ESP8266 module
     * in the Tools -> Board menu!
     *
     * Change WiFi ssid, pass, and Blynk auth token to run :)
     *
     **************************************************************/

    #define BLYNK_PRINT Serial    // Comment this out to disable prints and save space
    #include <ESP8266WiFi.h>
    #include <BlynkSimpleEsp8266.h>
    #include "AUTH_TOKEN.h"

    // Your WiFi credentials.
    // Set password to "" for open networks.
    char ssid[] = "YourNetworkName";
    char pass[] = "YourPassword";

    void setup()
    {
      Serial.begin(9600);
      Blynk.begin(BLYNK_AUTH_TOKEN, ssid, pass);
    }

    void loop()
    {
      Blynk.run();
    }
1 Like

@MRaichura that’s certainly less lines of code and one less file. Thanks…

Is there a reason to also leave out this part? Why and/or when would I include it?

#ifndef PRIVATE_TOKENS_H
#define PRIVATE_TOKENS_H
#endif

You don’t really need it. The purpose of those lines is to avoid redefinition of same code again and again. For example, we are using some I2C sensor and have included Wire.h but in some library that you are using, that library is also including Wire.h. This will lead to multiple definitions and nasty errors & warnings.

In order to avoid that, you can wrap code with conditional preprocessors and so it will be outputted only once.

However, in your case the file is doing nothing. You are just defining the wrapper preprocessor code but nothing is inside it. So can ignore the file.

1 Like