https://kotlinlang.org logo
#ktor
Title
# ktor
m

manlan

07/03/2020, 6:32 AM
Hello folks! How do I handle API keys in Ktor? Where do I put and access them safely?
👀 2
Anyone, please?
s

Satyam Agarwal

07/03/2020, 6:11 PM
This is not ktor specific I think. It’s a web framework. Easiest way would be make those keys available as environment variables and use these environment variables in the config.
m

manlan

07/03/2020, 6:16 PM
Thanks, should it look something like this? How do I read this from Ktor code?
Is putting it in the application object correct?
s

Satyam Agarwal

07/03/2020, 6:21 PM
So I usually keep all my application specific configs outside of ktor object like this :
Copy code
ktor {
  deployment {
    port = 8080
    autoreload = false
    watch = []
  }
}

db {
  connectionTestQuery = SELECT 1
  isReadOnly = false
  jdbcUrl = ${JDBC_URL}  
  password = ${SECRET_DB_USER_PASSWORD}
}
I als use https://github.com/config4k/config4k for resolving config files. I find this approach pretty neat
and then you can override them based on environments, for example local :
Copy code
ktor {
  deployment {
    environment = "local"
    autoreload = true
    watch = ["my/source/package"]
  }
}

db {
  password = ""
}
m

manlan

07/03/2020, 6:31 PM
Thanks, seems a neat approach. Will try it 🙂