Connect PostgreSQL with Python: Secure Database Access Using Python-dotenv

Connect PostgreSQL with Python: Secure Database Access Using Python-dotenv

Table of Contents

Introduction

Connecting Python with PostgreSQL is a powerful way to manage and retrieve data securely. By using the python-dotenv library to handle credentials, you can ensure that sensitive information like database usernames and passwords remains safe in your development environment. This step-by-step guide will walk you through setting up Python, PostgreSQL, and python-dotenv to establish a secure connection, enabling you to fetch and display data from the database. Whether you’re building a small app or scaling up, these tools lay the foundation for a robust, secure system. In this article, we’ll explore how to seamlessly integrate these technologies for a more efficient workflow.

What is Python Script for Database Connection?

The solution is a Python script that securely connects to a database, retrieves contact information, and displays it. The script uses libraries to manage sensitive data, ensuring that credentials are stored safely. It helps developers interact with databases and fetch necessary data for their applications.

Step 1: Install the Required Libraries

Imagine you’re building a bridge, but instead of wood and nails, you’re using Python and PostgreSQL. To make this connection run smoothly, you need a couple of powerful tools. First, you’ll need pg8000, a library that lets Python talk to PostgreSQL databases. Think of it as a translator, helping Python and PostgreSQL communicate. Then, there’s python-dotenv, a handy tool that makes sure your sensitive credentials—like your database username and password—are kept safe in a .env file, instead of being exposed directly in your script. This step is crucial for making sure everything stays secure.

Now, let’s bring these tools into your project. Open your terminal and run this command:

$ pip install pg8000 python-dotenv

If you’re using a virtual environment (which is always a good idea to keep your dependencies organized), make sure it’s activated before you run the command. This will prevent you from mixing up the libraries across different projects.

Step 2: Create a .env File

Alright, you’re almost there! Now, it’s time to set up the .env file, where you’ll securely store your database credentials. Think of this file as a secret vault for all your sensitive information. In this .env file, you’ll define a few key details:

DB_HOST=<your-hostname>
DB_NAME=<your-database-name>
DB_USER=<your-username>
DB_PASSWORD=<your-password>

Make sure you replace the placeholder values with the actual credentials. This is where the magic happens, so make sure it’s right.

To keep things secure, don’t forget to add .env to your .gitignore file. This will keep your credentials from sneaking into version control, so your sensitive info stays safe and sound.

Step 3: Create a Python Script

Now, let’s get coding! Create a Python file named connect_to_db.py . This script will handle the heavy lifting—loading credentials from your .env file and using them to establish a secure connection to your PostgreSQL database. It’s like sending a secret message that only Python and PostgreSQL can understand.

Here’s the code you’ll need to start:

import pg8000
from dotenv import load_dotenv
import os# Load environment variables from .env file
load_dotenv()# Database connection details
DB_HOST = os.getenv(“DB_HOST”)
DB_NAME = os.getenv(“DB_NAME”)
DB_USER = os.getenv(“DB_USER”)
DB_PASSWORD = os.getenv(“DB_PASSWORD”)
DB_PORT = int(os.getenv(“DB_PORT”))try:
    # Connect to the database
    connection = pg8000.connect(
        host = DB_HOST,
        database = DB_NAME,
        user = DB_USER,
        password = DB_PASSWORD,
        port = DB_PORT
    )
    print(“Connection successful!”)
except Exception as e:
    print(“An error occurred while connecting to the database:”, e)
finally:
    if connection:
        connection.close()

This script does a few important things:

  • It grabs your credentials from the .env file (remember, the secret vault).
  • It uses pg8000.connect() to make the connection to your PostgreSQL database.
  • Finally, it prints out either a success message or an error message, depending on how the connection goes. It’s like getting a thumbs up (or a facepalm) from Python itself.

Step 4: Test the Connection

It’s testing time! You’ve written the script, now let’s see if it works. Head back to your terminal and run the following command:

$ python connect_to_db.py

If everything is set up correctly, you should see this reassuring message:

Output 
Connection successful!

But hey, if something goes wrong, don’t panic! Double-check your .env file for any mistakes. Also, make sure your IP address is listed as a trusted source in your database’s security settings. It’s like making sure you’re on the guest list for the party.

Step 5: Fetch Data from the Database

Now that the connection is all set, let’s take it a step further. It’s time to fetch some data from the database and put it to work. You’re going to modify your connect_to_db.py script to run a query that gets all the records from the contacts table. Here’s how you do it:

import pg8000
from dotenv import load_dotenv
import os# Load environment variables from .env file
load_dotenv()# Database connection details
DB_HOST = os.getenv(“DB_HOST”)
DB_NAME = os.getenv(“DB_NAME”)
DB_USER = os.getenv(“DB_USER”)
DB_PASSWORD = os.getenv(“DB_PASSWORD”)
DB_PORT = int(os.getenv(“DB_PORT”))try:
    # Connect to the database
    connection = pg8000.connect(
        host = DB_HOST,
        database = DB_NAME,
        user = DB_USER,
        password = DB_PASSWORD,
        port = DB_PORT
    )
    print(“Connection successful!”)    # Query the database
    cursor = connection.cursor()
    query = “SELECT * FROM contacts;”
    cursor.execute(query)
    records = cursor.fetchall()    # Print the results
    print(“Contacts:”)
for record in records:
        print(record)    # Close the cursor and connection
    cursor.close()
    connection.close()except Exception as e:
    print(“An error occurred:”, e)

Here’s what the script does now:

  • It connects to the database like before.
  • It runs a SQL query to fetch all the records from the contacts table.
  • It prints out each record from the result, making sure you get the data you need.
  • Finally, it closes the cursor and the database connection to keep things neat.

If the contacts table happens to be empty, no worries! The script will still run without errors. To test, you can quickly add a sample contact with this SQL command:


INSERT INTO contacts (first_name, last_name, birthday) VALUES (‘Test’, ‘User’, ‘1990-01-01’);

Also, if you’d prefer a graphical interface, tools like pgAdmin or TablePlus are great options to visually manage your PostgreSQL database without dealing with all the SQL code. It’s like having a dashboard to control your database with ease!

PostgreSQL Documentation: Getting Started

Conclusion

In conclusion, connecting Python to PostgreSQL using the python-dotenv library offers a secure and efficient solution for managing database credentials and accessing data. By following this guide, you’ve learned how to safely store your credentials in a .env file, establish a secure connection to your PostgreSQL database, and query data with ease. Whether you’re building a small app or scaling for larger projects, these tools provide a solid foundation for your development workflow. Moving forward, as you continue to work with Python and PostgreSQL, you’ll find that this secure setup enhances your ability to build scalable, reliable applications. Stay updated as new tools and libraries evolve to further streamline this integration, making it even easier to build secure and efficient systems.

Connect PostgreSQL Database with Python: Use python-dotenv and pg8000

Picture of Alireza Pourmahdavi

Alireza Pourmahdavi

I’m Alireza Pourmahdavi, a founder, CEO, and builder with a background that combines deep technical expertise with practical business leadership. I’ve launched and scaled companies like Caasify and AutoVM, focusing on cloud services, automation, and hosting infrastructure. I hold VMware certifications, including VCAP-DCV and VMware NSX. My work involves constructing multi-tenant cloud platforms on VMware, optimizing network virtualization through NSX, and integrating these systems into platforms using custom APIs and automation tools. I’m also skilled in Linux system administration, infrastructure security, and performance tuning. On the business side, I lead financial planning, strategy, budgeting, and team leadership while also driving marketing efforts, from positioning and go-to-market planning to customer acquisition and B2B growth.

Any Cloud Solution, Anywhere!

From small business to enterprise, we’ve got you covered!

Get Started
light

The web hosting you need comes with incredible prices, developer-friendly features, and scalability you’ll appreciate.

Telegram X-twitter Linkedin-in Facebook Instagram
Navigation
Useful Links
Contact us
  • PayaCloud MB
  • Reg Number: 307265488
Caasify
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.