DEV Community

Discussion on: Building a realtime multiplayer browser game in less than a day - Part 3/4

Collapse
 
lakaschus profile image
lakaschus

I'm a little confused about where to save the API key. I guess I shouldn't place it directly in the code, because then it would be exposed. So you mention a secret .env file. Do I just have to paste the key in the process.env file? How does the code read the API key from this file?
Thank you for this tutorial!

Collapse
 
srushtika profile image
Srushtika Neelakantam

Hey - yes. So the front end client doesn't use a key directly, it uses a token (which is why you see an authUrl). As for the backend server, it uses the API directly via the env variables. Your .env file at the root of the project would look as follows:

ABLY_API_KEY=yourapikeyvalue
PORT=5000
Enter fullscreen mode Exit fullscreen mode

This can be accessed from the code as follows:

const envConfig = require("dotenv").config();
const ABLY_API_KEY = process.env.ABLY_API_KEY;
Enter fullscreen mode Exit fullscreen mode
Collapse
 
alaskathunderfx profile image
alaskaThunderfx

Thank you! I wasn't sure about this as well, and this also answered my question!