Is the NextJS API folder and its files safe to store something like an API key, secret word, etc.?

Time:04-29

  • I want to build a simple NextJS route that handles payments.
  • In that route's handler I'm communicating with a third-party service via fetch to process a payment.
  • One of the headers is a token (a secure token that should not be visible to anyone).
  • I'm keeping the token in a string variable inside the route handler and using it in the fetch call.

My question is: is this safe? Is the API folder exposed to the front-end like everything else?

CodePudding user response:

The API folder is not exposed on the frontend. You can safely store the token; it will not be visible on the frontend.

Once you add code to your /api folder, it will be on the server side, unless you expose your token through res.send()/res.json() or show the source code to other people; then they will see your token. If you want, you could add your token to environment variables.

CodePudding user response:

Everything added to the api folder will never reach the client side; however, it is recommended and considered good practice to save your sensitive data in a .env file.
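What the two answers describe, as an added example that is not part of the original thread: an API route that reads the token from a server-side environment variable and sends the browser only selected fields. The variable name `PAYMENT_API_TOKEN`, the provider URL, the Bearer header scheme, the `id`/`status` fields and the injectable `fetchImpl` parameter are assumptions.

```javascript
// Added example. Names below (PAYMENT_API_TOKEN, payments.example.com,
// the id/status fields) are assumptions, not taken from the thread.
const PROVIDER_URL = "https://payments.example.com/v1/charges"; // hypothetical

// Read the secret from the server environment (e.g. .env.local, kept out of git).
// Never name it NEXT_PUBLIC_*: Next.js inlines those into the browser bundle.
function getToken(env = process.env) {
  const token = env.PAYMENT_API_TOKEN;
  if (!token) throw new Error("PAYMENT_API_TOKEN is not set");
  return token;
}

// Forward only allow-listed fields, so nothing else from the upstream exchange
// (echoed headers, debug data) reaches the browser through res.json().
function toClientBody(upstream) {
  return { id: upstream.id, status: upstream.status };
}

// In pages/api/pay.js this function would be the default export.
// fetchImpl exists only so the handler can be exercised without a network.
async function handler(req, res, fetchImpl = fetch) {
  if (req.method !== "POST") {
    return res.status(405).json({ error: "Method not allowed" });
  }
  try {
    const upstream = await fetchImpl(PROVIDER_URL, {
      method: "POST",
      headers: {
        "Content-Type": "application/json",
        Authorization: `Bearer ${getToken()}`, // header scheme is an assumption
      },
      body: JSON.stringify({ amount: req.body.amount, currency: req.body.currency }),
    });
    if (!upstream.ok) {
      return res.status(502).json({ error: "Payment provider error" });
    }
    return res.status(200).json(toClientBody(await upstream.json()));
  } catch (err) {
    // Log on the server only; the client gets a generic message.
    console.error("payment failed:", err.message);
    return res.status(500).json({ error: "Payment failed" });
  }
}
```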
