At the moment, we're hardcoding our database username and password directly within the
class. But, we don't really want to do this. It's too dangerous. Instead, let's extract any secret passwords or keys for our app into its own file, and then lock that down.