Fatima Logofatima
Public Secrets

Setting up public secrets

Public secrets should be easy.

How they work

People get confused on how public secrets works, it is easy: they are variables that get defined through .env content instead of hard coding.

Your server variables will never be defined on the frontend, your SSR framework won't allow it.

Be careful!

Your framework will not ship server secrets to the frontend, but no one said you can't mess up and pass them by yourself through routes or html server rendering.

Check out the fatima eslint rule for partially helping you with that.

How to set them up

You can start using public secrets by specifying a public prefix in your config file:

env.config.ts
import { config } from "fatima";
 
export default config({
  client: {
    publicPrefix: "NEXT_PUBLIC_",
  },
});

From now on, as soon as you hit fatima generate, all your .env variables prefixed with NEXT_PUBLIC_ will be available under publicEnv.

Calling publicEnv

So you generated your public secrets, here's how you would call them:

import { publicEnv } from "env";
 
export default function Home() {
  return <div>{publicEnv.MY_SECRET}</div>;
}

We won't leak your secret names!

Even though fatima uses a single file for accessing both server and public secrets, we do not leak your server secret names to the frontend, that's because the server secret names are only types, not values.

Previous

Secret leaking

Next

Additional setup

On this page