Dotenv File for Secrets
When dealing with local secrets, it is best practice is to keep secrets in an environment variable file, rather than hardcoding into code directly. A common convention is to use a "dotenv" file, as it is supported by many programming languages and is often appears in .gitignore file templates. The default for a dotenv file is .env (this is the entire filename, not an extension), but most dotenv libraries will support any name.
The practice of keeping secrets in dotenv files is optional, but highly encouraged. This allows you to share scripts without accidentally sharing secrets, making those scripts more portable
Example Dotenv (.env) File
Dotenv files are just text files, structured so that they can be executed by a shell command, thus loading them as environment variables. An example .env file for MakeInfinite APIs might look like:
API_URL="https://api.spaceandtime.dev"
USER_ID="JaneDoe"
USER_PUBLIC_KEY="mNczmcOoMqHQzaW0/lXuCRa5YYPcQms92q0G+VzKtY="
USER_PRIVATE_KEY="7zoZMnvJv+spt5lUjF0Isuxi9jlwJCCWCglJmSVghc="
USER_PASSWORD="Aok3pnEPK"There are no spaces before or after the equal sign. Shell commands in some operating systems can register spaces as valid characters and include them in the variable.
To create a dotenv file, simply create a new text file in the location of your choice and rename it to .env, and copy the above example content into your dotenv file for a quick start. Update the User* information, and you're ready to start using MakeInfinite projects with secure secrets!
To test, open up a terminal window, navigate to the folder containing your .env file, and type:
echo "Load .env secrets into environment variables:"
. ./.env
echo "Loaded USER_ID from .env file: "$USER_IDThis should print the last string, with your User_ID at the end.
Congrats! You've configured your dotenv file for safely storing and using keys!
Assumption of Environment Variables in Docs
While using the MakeInfinite docs you will find many examples, most of which use a combination of the sxtcli and .env files to contain secrets. For consistency, these docs will assume the following environment variables are available:
| Environment Variable | Description |
|---|---|
| API_URL | Base URL to the Space and Time network, aka https://api.makeinfinite.dev |
| USER_ID | User ID / UserName for Space and Time (SXT Chain) authentication |
| USER_PRIVATE_KEY | ED25519 or Private Key (base64) that corresponds to the above USER_ID |
| USER_PUBLIC_KEY | ED25519 Public Key (base64) that corresponds to the above USER_ID |
| USER_PASSWORD | Password used by Space and Time Studio that corresponds to the above USER_ID |
| USER_API_KEY | API Key associated with the USER_ID |
| RESOURCE_PRIVATE_KEY | ED25519 (hex) Private Key to control a table or view |
| RESOURCE_PUBLIC_KEY | ED25519 (hex) Public Key to control a table or view |
| BISCUIT | Biscuit Token (base64) for decentralized authorization (often prefixed, i.e., ADMIN_BISCUIT, READ_BISCUIT, etc.) |
| ACCESS_TOKEN | The USER_ID authorized session token for Space and Time (SXT Chain) |
Test on SXTCLI
To test, try to authenticate to the Space and Time Managed DB (with valid credentials) by first loading your .env file, then use sxtcli authenticate:
echo "Load .env file"
. ./.env
echo "Login to SXT"
sxtcli authenticate login \
--url=$API_URL \
--userId=$USER_ID \
--publicKey=$USER_PUBLIC_KEY \
--privateKey=$USER_PRIVATE_KEY
echo "Save Access Token for later use"
ACCESS_TOKEN="eyJ0eXBlIjoiYWNjZXNzIiwia2lkIjoiZTUxNDVkYmQtZGNmYi00ZjI..."
Or, more concisely:
echo "Load .env file and get ACCESS_TOKEN"
. ./.env
ACCESS_TOKEN=$(sxtcli authenticate login \
--url=$API_URL \
--userId=$USER_ID \
--publicKey=$USER_PUBLIC_KEY \
--privateKey=$USER_PRIVATE_KEY | awk 'NR==2{ print $2 }' )
ECHO $ACCESS_TOKEN
Updated 1 day ago