Explain
API keys + environment variables (no accidental leaks)
Your Riot API key is a secret. The goal: your code can read it, but it doesn’t end up pasted into GitHub or a screenshot.
TL;DR
- Store the key outside your code (env var is simplest).
- Read it with
os.environ.get('RIOT_API_KEY'). - Never print the key. Print status codes and URLs instead.
Read an env var in Python
The pattern
import os
api_key = os.environ.get('RIOT_API_KEY')
if not api_key:
raise RuntimeError('Missing RIOT_API_KEY env var')Set it in your terminal
This changes between shells/OSes, but the idea is the same: set, then run.
Example (macOS/Linux shells)
export RIOT_API_KEY="RGAPI-..."
uv run python -m src.scoutPrint receipts, not secrets
Safe debugging prints
print('URL:', url)
print('STATUS:', r.status_code)
if r.status_code != 200:
print('BODY:', r.text[:200])