Follow

What's your preferred way to keep API keys securely stashed when preparing your website ready for production?
I need to stash IG, Youtube and probably Facebook keys and I want to keep the site as minimal as possible regarding plugins and frameworks etc.
Keeping it JS only wasn't an option as I need a back-end too or is there a way I haven't discovered yet?
I'm currently checking out Django with Python but it feels bloated...

· · Web · 1 · 0 · 0

@7047741 by "we" I mean my professional colleagues. This is a pretty standard practice for web apps.

@stephen @7047741 unless I'm misunderstanding, node.js is js backend? but yea as setphen linked, there is a concept called "dotenv", a .env file which is where you store keys, they get automatically assigned to environment variables, and that file is kept out of version control. In a lot of cases (docker, etc) there's the concept called 'secrets' which just equates to the same/similar thing, where you read it from the environment it runs in, rather than storing it in/with the code

@_discovery @stephen Using this practice in the Django framework too. I'm already using npm as autotask runner so I'll implement dotenv there. Thanks a lot for pointing this out.

@_discovery @stephen dotenv needs a node server running, right? I'm not actually running a node server but just using npm with a package.json file: github.com/friederjanmoerman/e

@_discovery @stephen I did find this — you can declare config in the package.json — but for now it's unclear to me how I can implement dotenv docs.npmjs.com/files/package.j

@_discovery node.js is indeed a js back-end, but I don't need a back-end, unless you can only put env variables by having a back-end?

@7047741 .env is more of a paradigm. how you load those keys into the environment is not particularly node based. it's convention like

Sign in to participate in the conversation
Merveilles

Merveilles is a community project aimed at the establishment of new ways of speaking, seeing and organizing information — A culture that seeks augmentation through the arts of engineering and design. A warm welcome to any like-minded people who feel these ideals resonate with them.