shopify-next.js-tailwind icon indicating copy to clipboard operation
shopify-next.js-tailwind copied to clipboard

Published 20 hours ago verified publisher icon iskurbanov

Public environment variables

Open ollebergkvist opened this issue 2 years ago • 0 comments

Using publicly exposed environment variables for the access token and store domain is not a good idea as they will be included in the build and are easily accessed by the client.

Hence, createCheckout and updateCheckout in src/lib/shopify.ts should be moved to api routes as they are run client-side. The other queries are run server-side (getStaticProps), so they can utilize env variables.

Maybe that was mentioned in the course, but I believe a lot of people might use this project as a starting template. So maybe it's important to mention it somewhere in the readme.

Great material otherwise, I learned a lot from just exploring the repo.

ollebergkvist avatar Nov 11 '22 17:11 ollebergkvist