Secrets are called secrets for a reason. We do not want others to know about them, be it in real life or in JavaScript. In this tutorial, you will learn how to store your credentials as environment variables and learn how to read them in JavaScript. We will discuss 3 different ways to store credentials and read them using JavaScript.
- Storing them as Global Environment Variables
- Providing them as a Command Line Argument
- Storing them in a .env file
- Which is the best way to Read Credentials Locally in Javascript?
If you are interested in a similar tutorial for python, you can check out this article
Storing Credentials as Global Environment Variables
If the credentials are stored as Global Environment Variables, they can be accessed by any script running on your PC.
To Create a Global Environment Variable, run this in your terminal
export varName=varValue
Ensure there are no spaces between the ‘=’. If you get an error
“zsh: Bad Assignment”
or
bash: export: `=': not a valid identifier
it is probably caused because of space between the ‘=’.
Let’s create a couple of global environment variables
export globalUser=secretUser
export globalKey=secretKey
In Windows, you might have to use “set” instead of “export”.
Below is how you would access the variables in Node
const USER= process.env.globalUser
const KEY = process.env.globalKey
console.log(USER) // secretUser
console.log(KEY) // secretKey
process.env
returns an object with all your Global Environment Variable.
You do not need to install any npm library since process is a built-in library in Node. The biggest con of Global Environment Variables is that you risk overwritting previously existing variables. As time goes by, it will be hard to keep track of previously created variables and avoid overwriting.
If you want to remove the environment variable you created earlier
unset globalUser
unset globalKey
Providing Credentials as Command Line Arguments
If you want to pass your credentials in the command line
globalUser=secretUser
globalKey=secretKey
node app.js
You could access them in Node the same you way you accessed the global environment variables
const USER= process.env.globalUser
const KEY = process.env.globalKey
console.log(USER) // secretUser
console.log(KEY) // secretKey
A caveat to doing something like this is that you will have to remember to pass the credentials as command-line arguments each time you run your script.
Storing Credentials in a .env file
You can create a file named .env
and store your credentials over there. Although you can store your credentials in any file and read them from your file, conventionally credentials are stored in .env files.
globalUser=secretUser
globalKey=secretKey
.env files are usually used to store secrets and credentials. Make sure to add it to your .gitignore
file so that you don’t commit it by mistake.
To read variables from an .env file you will have to install dotenv
which is a npm package.
npm install dotenv --save
dotenv
can be installed as a dev dependency since it will only be used during development to load variables from .env
files.
Below is the code to read the variables from the env file
require('dotenv').config()
const USER= process.env.globalUser
const KEY = process.env.globalKey
console.log(USER) // globalUser
console.log(KEY) // globalKey
As you can see most of the code is same as before. The only addition being the require
statement at top.
Which is the best way to Read Credentials Locally in Javascript?
In my opinion, the best way is to store them inside a .env file.
- They are local to your project
- You do not need to worry about ‘unsetting’ them.
- If you add them to your .gitignore file, it is safe from the outside world
The only con is that if there is a Global Environment Variable with the same name as a variable in the .env
file, process.env
will return the Global Environment Variable.