Environment Variables With dotenv ๐Ÿ™Š

Contents

There are instances in an application where you need to be able to hide certain things from your GIT commits. Things like API keys that you canโ€™t make publicly available. When that happens you need to have a way to insert a variable in place of those secret bits of information and have the definitions in a file that is only accessible to you.

Thatโ€™s exactly what the dotenv package does. After you have followed the installation instructions in the docs you simply make a .env file and put your definitions in there.

dot env file

CLOUDINARY_CLOUD_NAME='theNameOfYourCloud'
CLOUDINARY_API_KEY='123456789'
CLOUDINARY_API_SECRET='123FakeKey456'

For example I have a use case for this right now where I am building a blog CMS application and implementing image uploads. To do this iโ€™m connecting with a service called Cloudinary and I need to provide my API key in my code. If I just put the API in plain text and then commit my project to GIT my connection info will be available to everyone which is going to be a bad day for me.

Once I have put the above definitions into my .env file and configured the package correctly I can then go into my application and call that secret information like so.

// ***************************
// Cloudinary Config
// *************************** 
 cloudinary.config({ 
  cloud_name: process.env.CLOUDINARY_CLOUD_NAME, 
  api_key: process.env.CLOUDINARY_API_KEY, 
  api_secret: process.env.CLOUDINARY_API_SECRET
});

The .env file should be ignored by GIT by default, but I figure it doesnโ€™t hurt to add it to the .gitignore file just in case, so I went ahead and did that. ๐Ÿ‘