1

I'm building a web page using openai gpt API in reactjs. I saved my API key on .env file then gitignored it. And I deployed my code with gh-pages, but openai detects it and rotate the key automatically. How can I use API key properly?

const DEFAULT_PARAMS = {
            model: "gpt-3.5-turbo",
            messages: [{"role": "user",
                        "content": message
            }],
            temperature: 1,
            max_tokens: 1000
        };
        const params_ = {...DEFAULT_PARAMS};
        const result = await fetch('https://api.openai.com/v1/chat/completions', {
            method: 'POST',
            headers: {
                'Content-Type': 'application/json',
                'Authorization': 'Bearer ' + String(process.env.REACT_APP_OPENAI_API_KEY)
            },
            body: JSON.stringify(params_)
        });
        const data = await result.json()
Improve this question

3 Answers 3

Reset to default
0

You can refer to this question regarding securing secrets on static websites hosted on GitHub Pages.

Short answer: it's impossible because everything is exposed in the code.

You need to use another way to deploy your website. For example, frameworks like NextJS.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

First encrypt the API key using crypto-js:

const encryptText = (plainText: string): string => {
  return CryptoJS.AES.encrypt(plainText, secretKey).toString();
};

Then copy the results and remove the above code. Next, do this in the file where the API key is needed:

const decryptText = (encryptedText: string): string => {
  const bytes = CryptoJS.AES.decrypt(encryptedText, "your password");
  return bytes.toString(CryptoJS.enc.Utf8);
};

And you can use the authorization like so:

Authorization: `Bearer ${ decryptText(encryptedAPI)}`
Improve this answer

Comments

-1

I use nestjs framework, the apiKey also rotated.. enter image description here

Improve this answer

1 Comment

Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.