I'm trying to implement payments in my MEAN Stack application and I've seen that I need to provide my secret key as follows:
const stripe = require('stripe')(private_key)
However, I feel like this is not secure enough. Which is the best way to improve the security of this code? I guess there are many alternatives, so every piece of advice is welcome.
CodePudding user response:
You can consider to put the value in an environment variable, and load it from here. Depends on the environment / backend stack you are using, you would have various way to configure environment variables.