instagram api rails在heroku中隐藏令牌

Question

I want to upload my api to heroku, what I want is that the token is hidden for possible hakers.This code is in ruby on rails app / assets / application.js This is my code 我想将我的api上传到heroku，我想要的是令牌被隐藏以供可能的黑客使用。此代码在Rails app / assets / application.js中的ruby中

   var token = "MYTOKEN",
      userid =  MYUSERID,
      num_photos = 4;

    $(document).ready(function() {

    $.ajax({
        url: 'https://api.instagram.com/v1/users/' + userid + '/media/recent/?access_token=' + token,
        dataType: 'jsonp',
        type: 'GET',
        data: {access_token: token, count: num_photos},
        success: function(data){
            console.log(data);
            for( x in data.data ){
                $("#container").append('<li><img src="'+data.data[x].images.standard_resolution.url+'"></li>');
            }
        },
        error: function(data){
            console.log(data);
        }
    });
    });

Answer 1

Store the token in an environment variable which your rails app can then access and pass to the view. 将令牌存储在环境变量中，然后您的rails应用程序可以访问该环境变量并将其传递到视图。 There are gems such as dotenv that can help you manage access to them locally. 有诸如dotenv之类的宝石，可以帮助您在本地管理对它们的访问。 This article explains how to configure your variables in heroku. 本文介绍了如何在heroku中配置变量。

instagram api rails在heroku中隐藏令牌

问题描述

1 个解决方案

解决方案1
1 2017-04-10 11:14:34

instagram api rails在heroku中隐藏令牌

问题描述

1 个解决方案

解决方案1 1 2017-04-10 11:14:34

解决方案1
1 2017-04-10 11:14:34