loading...

Hide Your API Key In NodeJS

jabermudez11 profile image Justin Bermudez ・1 min read

Node has an object called 'process' that can be used throughout the whole Node project.

When starting your Node project you can have a list of all your global variables in one file which we will call '.env'

If you do not have it then add it to the top level of your directory.
Inside of your '.env' file, put in your api key with any variable in ALL CAPS

API_KEY = blahblahblahimakey

Now go to your 'app.js' file or wherever you need the key,
and require the '.env' file

require('dotenv').config()

Now you are able to use the key in this file by calling
process.env.API_KEY

But to finally hide the key, since we were able to put this key into another file. We can include this file into the gitignore so we do not need to worry about our key being open on GitHub.

Discussion

pic
Editor guide