OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

Best Practices for Storing Keys and Public URLs in Expo React Native Project? How to make secrets environmental variable in expo?

  • Thread starter Thread starter JISHNU T RAJ
  • Start date Start date
J

JISHNU T RAJ

Guest
I'm currently working on a React Native project using Expo and need guidance on securely storing keys and public URLs. I want to ensure that sensitive information is handled properly to maintain security.

Specific Issues: I have two main concerns:

  1. Storing public API URLs securely.
  2. Managing sensitive information like keys in a safe and reliable manner.

Current Approach:​


Following the Expo documentation, I've stored public URLs in the .env file in the root folder using the format EXPO_PUBLIC_[NAME]=VALUE. Additionally, I've used the eas secret:create command to generate keys.

Actual vs. Expected Output:

When I list the secrets using eas secret:list, the output doesn't match what I expected based on the documentation. I'm seeing a different format, and I'm unsure if I'm following the correct procedure.

Request for Help:

What are the best practices for securely storing public API URLs in an Expo React Native project? How should I manage sensitive information like keys to ensure security and reliability? Can anyone provide guidance on interpreting the output of eas secret:list and ensuring it aligns with the expected format?

Code:
  # .env file
EXPO_PUBLIC_API_URL=https://example.com/api
CONSUMER_KEY=key_number
CONSUMER_SECRET=consumer_secrets

What I got:

Code:
eas secret:list
Secrets for this account and project:
ID          _id
Name        SECRET_NAME
Scope       project
Type        STRING
Updated at  Apr 23 17:32:46

What I expected:

Code:
eas secret:list
Secrets for this account and project:
┌────────────────┬────────┬─────────┬──────────────────────────────────────┬─────────────────┐
│ Name           │ Type   │ Scope   │ ID                                   │ Updated at      │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ APP_UPLOAD_KEY │ string │ account │ 366bd434-b538-4192-887c-036c0eddedec │ Oct 05 11:51:46 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ NPM_TOKEN      │ string │ project │ 03f4881f-88fd-4d94-9e35-a5c34d39c2f2 │ Oct 05 11:51:33 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ SECRET_FILE    │ file   │ project │ 72c7ac1e-78d0-4fa2-b105-229260cecc88 │ Oct 05 11:52:12 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ sentryApiKey   │ string │ project │ 88dd0296-9119-4d50-a91b-1f646733f569 │ Oct 05 11:51:40 │
└────────────────┴────────┴─────────┴──────────────────────────────────────┴─────────────────┘

I appreciate any insights or recommendations on how to handle these aspects of Expo React Native development securely.
<p>I'm currently working on a React Native project using Expo and need guidance on securely storing keys and public URLs. I want to ensure that sensitive information is handled properly to maintain security.</p>
<p>Specific Issues:
I have two main concerns:</p>
<ol>
<li>Storing public API URLs securely.</li>
<li>Managing sensitive information like keys in a safe and reliable
manner.</li>
</ol>
<h2>Current Approach:</h2>
<p>Following the Expo documentation, I've stored public URLs in the .env file in the root folder using the format <code>EXPO_PUBLIC_[NAME]=VALUE</code>. Additionally, I've used the <code>eas secret:create</code> command to generate keys.</p>
<p>Actual vs. Expected Output:</p>
<p>When I list the secrets using eas secret:list, the output doesn't match what I expected based on the documentation. I'm seeing a different format, and I'm unsure if I'm following the correct procedure.</p>
<p>Request for Help:</p>
<p>What are the best practices for securely storing public API URLs in an Expo React Native project?
How should I manage sensitive information like keys to ensure security and reliability?
Can anyone provide guidance on interpreting the output of eas secret:list and ensuring it aligns with the expected format?</p>
<pre><code> # .env file
EXPO_PUBLIC_API_URL=https://example.com/api
CONSUMER_KEY=key_number
CONSUMER_SECRET=consumer_secrets
</code></pre>
<p>What I got:</p>
<pre><code>eas secret:list
Secrets for this account and project:
ID _id
Name SECRET_NAME
Scope project
Type STRING
Updated at Apr 23 17:32:46
</code></pre>
<p>What I expected:</p>
<pre><code>eas secret:list
Secrets for this account and project:
┌────────────────┬────────┬─────────┬──────────────────────────────────────┬─────────────────┐
│ Name │ Type │ Scope │ ID │ Updated at │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ APP_UPLOAD_KEY │ string │ account │ 366bd434-b538-4192-887c-036c0eddedec │ Oct 05 11:51:46 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ NPM_TOKEN │ string │ project │ 03f4881f-88fd-4d94-9e35-a5c34d39c2f2 │ Oct 05 11:51:33 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ SECRET_FILE │ file │ project │ 72c7ac1e-78d0-4fa2-b105-229260cecc88 │ Oct 05 11:52:12 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ sentryApiKey │ string │ project │ 88dd0296-9119-4d50-a91b-1f646733f569 │ Oct 05 11:51:40 │
└────────────────┴────────┴─────────┴──────────────────────────────────────┴─────────────────┘
</code></pre>
<p>I appreciate any insights or recommendations on how to handle these aspects of Expo React Native development securely.</p>
Continue reading...
 
Top