I have a Wix site with Corvid (aka "Dev mode") enabled. My backend code uses some API keys to connect to Twilio. I use local mode to edit my code, and I check it into git. For obvious security reasons, I want to keep the API key out of my code.
The usual solutions like keeping my secrets as environment variables do not apply because I have no access to the environment at Wix.
Corvid has a secret manager that serves that need. Add your secret key (e.g. meaning_of_life to the secret manager, import the getSecret at the backend, and retrieve the relevant value at run time without having 42 (oops!) anywhere in your code.
import {getSecret} from 'wix-secrets-backend';
export async function meaning_of_life(factor1, factor2) {
const mySecret = await getSecret('meaning_of_life');
return mySecret;
}
import {meaning_of_life} from 'backend/backend.jsw'
$w.onReady(async function () {
console.log(await meaning_of_life())
});
