How do you store secrets, credentials or private data?
You can and should store secrets, credentials or private data securely inside a .env file.
.env is a secure environment config section in your projects, useful for storing API keys and app credentials. Only invited collaborators are able to see the contents of your .env file, so anonymous viewers or logged-in users who haven’t been invited to your project can’t see them. When an app is remixed, the values are cleared so they’re not copied across.
For example, check out the .env file for our ~hello-express app:
- Assign each secret on its own line in .env, starting with a variable name (for example, SECRET) followed by an equal sign = and then the value of your secret. *Note: This is a shell file, so you cannot have spaces around the =.*
- You can then reference your secret with process.env.[secret variable name] (in this example, process.env.SECRET) in your server-side code.
- In addition, creating a folder called .data is a safe place to store your data files. This folder isn’t copied across when a project is remixed.
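
The line format and the process.env lookup from the list above, as an added example that is not code from the original page: it lints .env text for the "no spaces around =" rule and fails fast when a secret is missing. The names lintEnv, requireSecret and SAMPLE_ENV are hypothetical, the sample lines are constructed, and treating an empty value as a problem is an assumption of this example.

```javascript
// Added example: lint .env text and read a secret in server-side code.
// SAMPLE_ENV is constructed for illustration; values are placeholders.
const SAMPLE_ENV = [
  "# constructed sample, not a real project's .env",
  "SECRET=placeholder-value",
  "API_KEY = placeholder-value", // spaces around "=" break a shell file
  "2FA_SEED=placeholder-value",  // shell names cannot start with a digit
  "DB_PASS=",                    // empty value: flagged (assumption)
].join("\n");

// Returns one finding per problematic line: { line, name, issue }.
function lintEnv(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((raw, i) => {
    const line = raw.trim();
    if (line === "" || line.startsWith("#")) return; // blank or comment
    const eq = line.indexOf("=");
    if (eq === -1) {
      findings.push({ line: i + 1, name: null, issue: "missing =" });
      return;
    }
    const left = line.slice(0, eq);
    const right = line.slice(eq + 1);
    const name = left.trim();
    // Findings never contain the value, so lint output is safe to log.
    if (left !== name || /^\s/.test(right)) {
      findings.push({ line: i + 1, name, issue: "space around =" });
    } else if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(name)) {
      findings.push({ line: i + 1, name, issue: "invalid variable name" });
    } else if (right === "") {
      findings.push({ line: i + 1, name, issue: "empty value" });
    }
  });
  return findings;
}

// Fail fast at startup instead of running with an undefined secret.
function requireSecret(name, env = process.env) {
  const value = env[name];
  if (typeof value !== "string" || value === "") {
    throw new Error(`Missing required secret: ${name}`);
  }
  return value;
}
```

Call requireSecret("SECRET") once at server startup and pass the returned value to the code that needs it, rather than reading process.env throughout the app.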
Here's a brief video about the .env file: