DEV Community

Discussion on: How To Integrate A Rich Text Editor (WYSIWYG) In Your React.Js Project.

Collapse
 
yezyilomo profile image
Yezy Ilomo

Good work. Just a reminder don't store your API key in your React App, save it in environment file like .env.local or .env.production as
REACT_APP_TINYMCE_API_KEY=your-api-key-here
and retrieve it by using process.env.REACT_APP_TINYMCE_API_KEY in your react App.

Collapse
 
danielkun profile image
Daniel Albuschat

Good advice, but please don't believe that they are secured when you store them in env vars. They're still part of the JavaScript code delivered to the browser, and hence can be viewed by anybody, e.g. via DevTools.

Collapse
 
emmaccen profile image
Lucius Emmanuel Emmaccen

Wow ! Real helpful feedback. I'll be sure to do that. Thanks for this 🙏🏽💯

Collapse
 
grantwatsondev profile image
Grant Watson

This is something I need to remember to do. I have to refactor my repos on GitHub to remove them

Collapse
 
prateekparmar0 profile image
Prateek Parmar

Does it apply for next.js applications as well?I'm using it in a next js project.

Collapse
 
emmaccen profile image
Lucius Emmanuel Emmaccen

Hi,
Not so sure, currently the supported integrations are for Angular.js, Angular4+, Bootstrap, jQuery, Rails, Swing, WordPress, Vue, and React.js,

but you can keep an eye out: tiny.cloud/docs/integrations/

Collapse
 
anuraghazra profile image
Anurag Hazra

I think as long as those API keys are public keys those are fine.

Also note that you cannot hide API keys on FrontEnd because they will be included anyways in the production build

create-react-app.dev/docs/adding-c...

Just don't store any SECRET_KEYs in frontend