Is there a way to store / use secrets, like an API token, within a Postgres function?
Use case: our users can upload and delete images. I need to check the authorizations of the user before deleting an image. Seems like the workflow that minimizes number of network calls would be:
1. Call Postgres function to check authorization
2. Delete in external storage using an HTTP call from the Postgres function
3. If successful, remove from the DB
We're using an external storage provider (for now 😉 ), so the HTTP call requires an API access token we don't want to expose. I don't know enough about Postgres to know if I can just define it inline in the function (as long as I don't commit the code), if there is an extension to store secrets or if it's just not doable