Hiding API Keys in Environment Variables and Pushing Code to Github

To accomplish this, we will be using an npm package called dotenv.

Dotenv is a zero-dependency module that loads environment variables from a .env file into process.env

  1. Install the dotenv package
npm i dotenv

2. Require dotenv in the server file


3. Create a new file in your project called .env

4. In the .env file, paste all of your API keys


5. Access the API key with process.env

const api_key = process.env.API_KEY;

6. Create a .gitignore file and add the .env file to it

The code in the .gitignore file:


7. Upload to Github!

It’s recommended to include something that will help others understand what to do with .env variables whether that be using the README, .env_sample, etc.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s