I'm a little confused about where to save the API key. I guess I shouldn't place it directly in the code, because then it would be exposed. So you mention a secret .env file. Do I just have to paste the key in the process.env file? How does the code read the API key from this file?
Thank you for this tutorial!
Hey - yes. So the front end client doesn't use a key directly, it uses a token (which is why you see an authUrl). As for the backend server, it uses the API directly via the env variables. Your .env file at the root of the project would look as follows:
I'm a little confused about where to save the API key. I guess I shouldn't place it directly in the code, because then it would be exposed. So you mention a secret .env file. Do I just have to paste the key in the process.env file? How does the code read the API key from this file?
Thank you for this tutorial!
Hey - yes. So the front end client doesn't use a key directly, it uses a token (which is why you see an authUrl). As for the backend server, it uses the API directly via the env variables. Your .env file at the root of the project would look as follows:
This can be accessed from the code as follows:
Thank you! I wasn't sure about this as well, and this also answered my question!