The latest articles on DEV Community by Allen Walker (@allenwalker3). https://dev.to/allenwalker3 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1144951%2Fd1b344c5-eca7-4a37-97fe-da817159e4b6.jpeg https://dev.to/allenwalker3 en Allen Walker Tue, 03 Oct 2023 22:03:02 +0000 https://dev.to/allenwalker3/how-to-store-google-api-key-as-secret-with-expo-5egg https://dev.to/allenwalker3/how-to-store-google-api-key-as-secret-with-expo-5egg <p>If your react native expo application needs to access google services (such as google maps) you will need to create a google api key. The problem is this api key must remain hidden from the public or you risk receiving a large unannounced bill from Google.</p> <p>You also do not want the api key embedded in the client application as this can be extracted by a determined hacker.</p> <p>Fortunately this is pretty easy.</p> <p>Open a terminal and enter</p> <ul> <li><code>eas init</code></li> </ul> <p>This is will generate an app.json file or if you already have one, it will add <code>extra.eas.projectId</code> to app.json</p> <ul> <li>Rename your app.json file to app.config.js. </li> </ul> <p>Now edit app.config.js, it should something like this.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--Z-YVU0iy--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/z73phl9jm3aft0ny8g93.jpg" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--Z-YVU0iy--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/z73phl9jm3aft0ny8g93.jpg" alt="app.config.js" width="800" height="1117"></a></p> <p>First notice line 1. Since this is a js file we must export the json. Add <code>export default {...}</code></p> <p>Now note line 40: <code>"apiKey": process.env.GOOGLE_SERVICES_API</code></p> <p>GOOGLE_SERVICES_API is the secret variable we must now create on expo.dev</p> <p>Login to your expo.dev account, click secrets, and add the new variable <code>GOOGLE_SERVICES_API</code> and set the value to your google api key.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--hlRdzUCr--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/4ayoc8xggq0dqr7ens1h.jpg" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--hlRdzUCr--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/4ayoc8xggq0dqr7ens1h.jpg" alt="Expo.dev secrets" width="800" height="608"></a></p> <p>Go back to your terminal and type</p> <ul> <li> <code>eas secret:list</code> </li> </ul> <p>you should see something like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Secrets for this account and project: ID 30af395a-70bb-4b33-afe7-xxxxxxxxxxx Name GOOGLE_SERVICES_API Scope project Type STRING Updated at Oct 03 11:29:30 </code></pre> </div> <p>That's it! Now you can checkin your files to a public repository with no worries of a hacker exploiting your google api key.</p> reactnative javascript