
Protect email and password using ActionMailer in Rails?


I've gotten the action mailer to work, but I want to make sure I'm protecting the username/password combination that I end up using. This is being developed for a company and will be using their credentials, email address, etc.

Here's what I have using my Gmail as a test in the development environment:

  config.action_mailer.smtp_settings = {
    address: "smtp.gmail.com",
    port: 587,
    domain: "127.0.0.1",
    authentication: "login",
    enable_starttls_auto: true,
    user_name: "emailaddress@gmail.com",
    password: "mypassword"
  }

Solution

  • You're right to want to protect the password.

    If you're using an older version of Rails (4.0 or less) you can use the Figaro gem found here...

    https://github.com/laserlemon/figaro

    You will have a 'config/application.yml' file which (by default) will NOT be uploaded to your repository. You would include in it...

    email_user_name: "emailaddress@gmail.com"
    email_password: "mypassword"
    

    And then in your environment(s) you use...

    config.action_mailer.smtp_settings = {
        address: "smtp.gmail.com",
        port: 587,
        domain: "127.0.0.1",
        authentication: "login",
        enable_starttls_auto: true,
        user_name: ENV["email_user_name"],
        password: ENV["email_password"]
      }
    

    ... and it all works wonderfully. On production you set your environment variables to the secreted information.

    Rails 4.1 provides a secrets.yml that works similarly...

    development:
      email_user_name: emailaddress@gmail.com
      email_password: mypassword
    

    ...and then in use, you retrieve the values with...

    config.action_mailer.smtp_settings = {
        address: "smtp.gmail.com",
        port: 587,
        domain: "127.0.0.1",
        authentication: "login",
        enable_starttls_auto: true,
        user_name: Rails.application.secrets.email_user_name,
        password: Rails.application.secrets.email_password
      }
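An added example, not part of the original answer: one way to build the same `smtp_settings` hash from the environment variables named in the Figaro approach above, refusing to boot when a credential is missing and redacting the password before anything is logged. The helper names `smtp_settings_from_env` and `redact_smtp` and the `MissingSmtpSecret` class are hypothetical.

```ruby
# Added example: build ActionMailer SMTP settings from environment variables,
# failing at boot when a credential is missing instead of passing nil along.
# smtp_settings_from_env, redact_smtp and MissingSmtpSecret are hypothetical names.

REQUIRED_SMTP_KEYS = %w[email_user_name email_password].freeze

class MissingSmtpSecret < StandardError; end

# env is any Hash-like object; it defaults to the process environment.
def smtp_settings_from_env(env = ENV)
  missing = REQUIRED_SMTP_KEYS.select { |k| env[k].to_s.strip.empty? }
  unless missing.empty?
    # Report only the variable names, never their values.
    raise MissingSmtpSecret, "missing SMTP secrets: #{missing.join(', ')}"
  end

  {
    address: "smtp.gmail.com",
    port: 587,
    domain: "127.0.0.1",
    authentication: "login",
    enable_starttls_auto: true,
    user_name: env["email_user_name"],
    password: env["email_password"]
  }
end

# Returns a copy of the settings that is safe to log while debugging.
def redact_smtp(settings)
  settings.merge(password: "[FILTERED]")
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample environment, not real credentials.
  sample = { "email_user_name" => "emailaddress@gmail.com",
             "email_password" => "mypassword" }
  puts redact_smtp(smtp_settings_from_env(sample)).inspect

  begin
    smtp_settings_from_env({ "email_user_name" => "emailaddress@gmail.com" })
  rescue MissingSmtpSecret => e
    puts e.message
  end
end
```

In an environment file this would be assigned as `config.action_mailer.smtp_settings = smtp_settings_from_env`.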