How to Hide API Keys
How to Hide API Keys from github
Step 1:
In your project, create a config.js file and open it up.
Note: You can also do it in the terminal, using these commands:
touch config.js
atom config.js
Step 2:
In the config file, enter your API keys.
var config = {
MY_KEY : '123456',
SECRET_API_KEY : '56789',
SECRET_KEY : '101010'
}
You can name your variables whatever you would like. The convention is to name config keys in all caps.
Step 3:
Replace every instance of the API keys with these new variables. E.g. if you had:
url: 'https//www.whatever.com/?query&sig=12345'
Now you will have:
url: 'https://www.whatever.com/?query&sig=' + mykey
Step 4:
Create a .gitignore file and open it. Note the period at the start of the file name.
Note: You can also do it in the terminal, using these commands:
touch .gitignore
atom .gitignore
Step 5:
In the .gitignore file, enter any file names that you want git NOT to track/commit/push. No other code is necessary. In this case you would enter:
config.js
Step 6:
Type git status
. You should see the .gitignore file ready to be tracked. You should NOT see the config.js file.
Step 7:
git add .
, and git status
again. Make sure the config.js file didn't get added. If everything looks good, you're ready
to commit and push.
If you have already pushed commits with sensitive data, follow this guide to remove the sensitive info while retaining your commits: https://help.github.com/articles/remove-sensitive-data/