Hide sensitive information in your Flutter project

The cat said

Sometimes we need to hide sensitive information in the project, such as your Ali OSS account AccessKey. It is very dangerous to write code and upload git repository, so we need to use environment variables to hide it. Remember to add your.env file to your.gitignore file for filtering.

Old iron remember to forward, Brother Cat will present more Flutter good articles ~~~~

Ducafecat WeChat group

B stationspace.bilibili.com/404904528

The original

Medium.com/flutter-com…

code

Github.com/Wizpna/flut…

reference

Pub. Dev/packages/fl…

The body of the

I’m excited to write about this topic, as this is an area where mobile application developers must have little or known knowledge.

As an app developer, developing and deploying an app on Google Play Store or Apple Store doesn’t mean you’ve exhausted your mobile app development cycle.

The mobile application development cycle also includes improving application security.

That’s why I’m sharing this article so that you’ll learn how to hide sensitive security keys in your Flutter application.

At the end of this article, you will learn how to use a Flutter plug-in called Flutter_dotenv to hide sensitive keys in your Flutter application.

Pub. Dev/packages/fl…

So let’s get started

Create your Flutter application using Visual Studio, IntelliJ, or Android Studio, then open the “Pubspec.yaml” file and install the following packages.

dependencies:
  flutter_dotenv: ^ 5.0.0
Copy the code

Create an. Env file under the root of your Flutter project

Add the newly created. Env file to the asset package in the pubspec.yaml file.

assets:
  - .env
Copy the code

Note: Add the newly created. In the pubspec.yaml file, run flutter Pub get in the terminal, or click Pub Get in IntelliJ or Android Studio to add the file to the current working directory folder.

After successfully added. Add your sensitive keys to the pubspec.yaml file. The env file you created. (For example, see figure below)

The next step is to initialize/load the. Env file contents in the main.dart file, as shown below:

The next step is to visit. Circular file. You can visit. Use the following code.

dotenv.env['VAR_NAME'];
Copy the code

See the picture below for a proper understanding

Run the project using a physical device or simulator test

Please note: for the sake of this tutorial, I have to show the sensitivity keys I added in my. Because I want you all to see it, know how to store sensitive keys in env files, and access it anywhere in the Flutter application.

This mode of storing sensitive keys in env files helps to safely guide sensitive keys from exposure when a hacker decompiles an application.

Always remember to add. File as an entry in your.gitignore file. The.gitignore file is a plain text file with each line containing files/directories not included in git Working Copy.

If you’ve read this far, congratulations!

This is the source code for the project you just worked on.

Github.com/Wizpna/flut…

If you find this article helpful and educational, please hit the high-five button as many times as possible to show your support

The elder brother of the © cat

ducafecat.tech/

github.com/ducafecat

The issue of

Open source

GetX Quick Start

Github.com/ducafecat/g…

News client

Github.com/ducafecat/f…

Strapi manual translation

getstrapi.cn

Wechat discussion group Ducafecat

A series of collections

The translation

Ducafecat. Tech/categories /…