Securing Express APIs: Using the DotEnv library to keep secrets safe (What-Why-Where-How)

This video is a live coding tutorial held during one of my full-stack web development courses. It is part of a full series on securing Express API applications. In this video we run through the process of setting up a .env file to be read by the DotEnv NPM package, adding a .gitignore file to the project so that the .env file will not be added to git repositories, and adding a config module responsible for reading the environment variables. The concepts behind each of these steps are covered in great detail so that my students understand the why behind the process rather than just following the steps.

Please keep in mind that this is a live coding session and therefore the quality is not necessarily of production value.
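A sketch of the config module step described above, as an added example that is not code from the video. It assumes the app's entry point has already called `require('dotenv').config()` and that `.env` is listed in `.gitignore`; the variable names (`DATABASE_URL`, `JWT_SECRET`, `PORT`) and the 32-character minimum are hypothetical.

```javascript
// config.js (added example). Assumes the entry point has already run
// require('dotenv').config(), so values from .env are in process.env.
// Variable names below are hypothetical, not taken from the video.
const REQUIRED = ['DATABASE_URL', 'JWT_SECRET'];
const MIN_SECRET_LENGTH = 32; // assumed policy for signing secrets

function loadConfig(env = process.env) {
  // Fail fast: report every missing variable by name, never by value.
  const missing = REQUIRED.filter((k) => !env[k] || env[k].trim() === '');
  if (missing.length > 0) {
    throw new Error(`Missing required environment variables: ${missing.join(', ')}`);
  }
  if (env.JWT_SECRET.length < MIN_SECRET_LENGTH) {
    throw new Error(`JWT_SECRET must be at least ${MIN_SECRET_LENGTH} characters`);
  }
  // Number() rejects trailing junk such as "3000abc" (result is NaN).
  const port = Number(env.PORT || 3000);
  if (!Number.isInteger(port) || port < 1 || port > 65535) {
    throw new Error('PORT must be an integer between 1 and 65535');
  }
  // Freeze so no other module can overwrite a secret at runtime.
  return Object.freeze({
    port,
    nodeEnv: env.NODE_ENV || 'development',
    databaseUrl: env.DATABASE_URL,
    jwtSecret: env.JWT_SECRET,
  });
}

// Copy of the config that is safe to write to a startup log.
const SECRET_KEYS = new Set(['databaseUrl', 'jwtSecret']);
function redact(config) {
  return Object.fromEntries(
    Object.entries(config).map(([k, v]) => [k, SECRET_KEYS.has(k) ? '[redacted]' : v])
  );
}

// Guarded so the file also loads outside CommonJS.
if (typeof module !== 'undefined') {
  module.exports = { loadConfig, redact };
}
```

The rest of the app imports this module instead of reading `process.env` directly, so a missing or weak secret stops the server at startup rather than surfacing on the first request that needs it.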

Published by

Tim Clark

Experienced Business Owner, Chief Information Officer, Vice President, Chief Software Architect, Application Architect, Project Manager, Software Developer, Senior Web Developer, Graphic Designer & 3D Modeler, University Instructor, University Program Chair, Academic Director. Specialties: Ruby, Ruby on Rails, JavaScript, JQuery, AJAX, Node.js, React.js, Angular.js, MySQL, PostgreSQL, MongoDB, SQL Server, Responsive Design, HTML5, XHTML, CSS3, C#, ASP.net, Project Management, System Design/Architecture, Web Design, Web Development, Adobe CS6 (Photoshop, Illustrator)
