At the moment, we're hardcoding our database username and password directly within the
Connection class. But, we don't really want to do this. It's too dangerous. Instead, let's extract any secret passwords or keys for our app into its own file, and then lock that down.