Security of react-native-dotenv #482
Unanswered
Golberg-Mark
asked this question in
Q&A
Replies: 0 comments 1 reply
-
|
are you using managed expo? if so, most secure thing to do is to enter your keys into the expo dashboard directly. Then you can use expo environment variables or react-native-dotenv for using those variables. As you know, it is not a good idea to be keeping compiled apps with keys baked in git. However, if these are sensitive 3rd party API keys, you might want to consider using your back-end as a proxy for the API instead. If this is your API, you should consider using a token authentication system for your API. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hey! I have a question about your react-native-dotenv repository. I'm trying to find a way for storing sensitive api keys in my expo app. In expo v49 and higher they can store public variables in .env file with prefix
EXPO_PUBLIC_. But with this approach they paste these env variables in your code and it's not secure. So I tried to find solution for this problem and found your repository. I wanna ask you: does your lib paste this variables into the code asEXPO_PUBLIC_or no?Beta Was this translation helpful? Give feedback.
All reactions