I have a file called server.js in my Glitch project that contains a private key that the public should not have viewing access to. Is there a way to make sure that only I and collaborators can see what’s in this file? Thanks!
Hi @scheerio there absolutely is! You should put your key in the .env file in your project and then access it from Node using process.env.{variable_name} where {variable_name} is whatever you call your private key info in .env. Anyone viewing your project will be able to see the name of the variable but not it’s value - only collaborators you’ve invited will be able to see the value, and remixes from your project will also get a copy of your .env file with the values removed.
You can read a little more about it in our help docs.
As a precaution, if your key has been exposed publicly I’d advise you to change it after you removed it from your server.js file.
Let us know if you have further questions.
1 Like