I'm creating a CLI with Node.js that needs to take in information from MediaWiki's API (Wikipedia's platform) and from Steam's API. The first part isn't too much of an issue since it doesn't require anything, but Steam's needs an API key. This is fine when I'm testing it myself, since I can just put mine in, but that's neither safe nor efficient if used by others.
What would be the best way to acquire and store a user's API key? I was attempting to read up on OAuth but I have no clue how you'd do that in a local CLI app. I also saw something about just asking the user to get an API key, but that seems inconvenient (and I'm not sure how I'd store that on their computer safely anyway). Is there a better option?
CodePudding user response:
Just use a .env local file and add it to your .gitignore file, put the API_KEY as a variable and only you can read the content in your local 'cause you're not pushing this file to your remote repo. If you have issues using .env files just install dotenv npm package, it's very useful: https://www.npmjs.com/package/dotenv