Proposal: Pull API key from app.json / share with react-native-maps
Using the API key as a prop presents obvious security issues. The key should be able to be pulled from app.json just as with react-native-maps.
I have a feeling this isn’t something that is easy to do, but as it is currently it presents an issue that controls on the API key associated with things like the bundleIdentifier probably don’t work as expected.
The best solution I can conceive is not making the prop required and using it from a dependency from react-native-maps, since this is required anyway.
I’m going to experiment with this on my own and I believe that as long as MapView (or another component which relies on an API key) is part of your component and wraps MapViewDirections it shouldn’t be necessary to use the key directly.
Obviously, this means a bit of a rewrite on react-native-maps-directions to not request the key, but there must be some way to code around it.
Issue Analytics
- Created 4 years ago
- Comments:6 (5 by maintainers)
Top GitHub Comments
Decided to comment over here instead of opening a new issue. The idea is that to properly secure the API keys, the API calls should be native, not from JS. With the API calls triggered from JS, one cannot restrict API usage, so if the key is “stolen”, doesn’t matter how, it is compromised.
Thanks for your report and follow-up. I’m closing this issue, as:
- app.json is something specific to Expo, and not React Native in itself.
- The MapViewDirections component itself does not store the API key — It only gets it injected at runtime through a prop.

As a user of this component you can decide yourself where you want to store it. Be it in app.json, a config-file using react-native-config, an API call to your own API that you do upfront, etc. Securing those locations falls outside the scope of react-native-maps-directions.
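As an added example (not code from this thread or from react-native-maps-directions), the Node.js check below flags `apikey` props written as string literals, so that the key is injected from one of the storage locations named in the closing comment rather than committed in component source. The sample source, the `Config.GOOGLE_MAPS_APIKEY` name and the key value are constructed, and the `AIza` plus 35 character pattern for Google API keys is an assumption about the key format.

```javascript
// Added example: lint check for hard-coded API keys around MapViewDirections.
// Assumption: Google API keys look like "AIza" followed by 35 URL-safe characters.
const GOOGLE_KEY = /AIza[0-9A-Za-z_-]{35}/;

// Matches apikey="..."  apikey='...'  apikey={"..."}  apikey={'...'}  apikey={`...`}
const LITERAL_PROP = /\bapikey\s*=\s*(?:\{\s*)?(["'`])([^"'`]*)\1/g;

function findHardcodedApiKeys(source, file = '<input>') {
  const findings = [];
  source.split('\n').forEach((text, i) => {
    const line = i + 1;
    for (const m of text.matchAll(LITERAL_PROP)) {
      // A template literal that only interpolates a variable is not a literal key.
      if (m[1] === '`' && m[2].includes('${')) continue;
      const kind = GOOGLE_KEY.test(m[2]) ? 'google-key-literal' : 'string-literal';
      findings.push({ file, line, kind });
    }
    // A key-shaped literal elsewhere on the line, e.g. const KEY = 'AIza...'.
    if (GOOGLE_KEY.test(text) && !findings.some((f) => f.line === line)) {
      findings.push({ file, line, kind: 'google-key-literal' });
    }
  });
  return findings;
}

// Constructed sample input: the key is fake and built at runtime.
const FAKE_KEY = 'AIza' + 'X'.repeat(35);
const SAMPLE = [
  "import Config from 'react-native-config';",
  `const KEY = '${FAKE_KEY}';`,
  `<MapViewDirections origin={a} destination={b} apikey="${FAKE_KEY}" />`,
  // Hypothetical variable name read from react-native-config: not flagged.
  '<MapViewDirections origin={a} destination={b} apikey={Config.GOOGLE_MAPS_APIKEY} />',
  "<MapViewDirections origin={a} destination={b} apikey={'placeholder'} />",
].join('\n');

for (const f of findHardcodedApiKeys(SAMPLE, 'Route.js')) {
  console.log(`${f.file}:${f.line} ${f.kind}`);
}
```

The check only keeps literal keys out of component source and version control; a key read from configuration is still passed to the component at runtime in JS, which is the concern raised in the first comment.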