Zujaj Misbah Khan's Blog

Envify - Your Secret Vault in Flutter

Envify - Your Secret Vault in Flutter

Keeping Your Secrets Hidden using the Envify Package in Flutter.

Zujaj Misbah Khan's photo
Zujaj Misbah Khan
·

4 min read

Table of contents

OVERVIEW

As a Flutter Developer, there comes a time when you need to specify some confidential information in your source code such as API Keys, File Paths, URLs, Client-Side Secret Key etc, so the question arises how would you:

✔️ Keep this data confidential.

💉 Integrate it without disclosing it inside the source code.

🛡️ Protect it if a hacker dismantles the code.

For such cases, Envify¹ is your ready-made solution that would inject Environment Variables inside your source code without breaking a sweat.

THE BIG PICTURE

At the root level of your flutter project (outside the lib folder), you would create an environment file .env possessing all your secret data. After adding the envify package to the pubspec.yaml file, you would create an env.dart file as shown in the below illustration. Once you’re done, you would run the command from the terminal and an env.g.dart would be generated holding all your secret data as a dart privateclass.

Illustration of Envify Work Mechanism.

Afterwards, you would simply inject the environment variables anywhere in the code by using the Secret abstract class fields.

Depiction of Secret Data Invocation Using env.dart .

REQUIRED PUBSPEC PACKAGES

In the pubspec.yaml file, add the packages as shown in the below snippet.

https://gist.github.com/Zujaj/7a09961d7873c433ce4919e81b28b55d

THE PROJECT ARCHITECTURE

The below figure illustrates the architecture used throughout the project.

Illustration of the Envify_Demo Project Architecture.

LET’S BEGIN CODING!

Before starting to code, add all the files related to envify in your .gitignore as shown in the below snippet.

https://gist.github.com/Zujaj/c812aa02a2cb70c5bc966544f749f13a

Step - II: Create an environment file.

Outside the lib folder, create a .env file and type down all the secret information that you wish to inject inside your source code, refer to the below snippet.

https://gist.github.com/Zujaj/2112707039d704f002dc0ef816faf810

Step - III: Create Env.dart file in the Config Folder

Under the config folder, create a env.dart file, refer to the below snippet.

https://gist.github.com/Zujaj/b1fa352bca357d7d6d1b39668eaea590

Here we define an abstract class Secret with the @Envify decorator having the name parameter as Secret and static const abstract fields.

According to the API documentation²:

By default, the generated class will be named as the name of the annotated class with a _ prefixed. You can change it using the name field. Note that the _ will always be prefixed.

Step - IV: Run The Command From The Terminal

Keep your abstract field’s naming convention the same as the one’s you’re going to generate or else the envify_generator would raise errors as shown in the below log.

https://gist.github.com/Zujaj/9fab9715c6058c57204ee94ccc19e84b

Also note that the first time you’ll create this file, the compiler would say that it can’t find _Secret as shown in the below figure.

Illustration of the Compiler Errors.

Don’t be afraid, this happens because you haven’t generated the _Secretclass yet. To generate the env.g.dart file, run the below command from your terminal.

https://gist.github.com/Zujaj/9985608854be95c609448fdb9c2dda90

Step - V: Invoking Secrets In The Source Code

Congratulations! You can now invoke your secrets in the source code without revealing them. In the below snippet, you can observe that inside the textof each child TextSpan the data has been invoked using the Secret abstract class.

https://gist.github.com/Zujaj/19794cec05885b6a80f11dd866ce03d8

Step - VI: Run The Demo App

The below screen depicts the final results after successfully running the app.

Demonstration of App Using Envify on Windows.

GITHUB WORKFLOW

Now you might be wondering how you’re going to deliver the app to your client. No worries, just follow the below steps.

Step - I: Encrypt .env & env.dart Files

  1. Open up “Git Bash in the Visual Studio Code terminal.

Opening Git Bash in Visual Studio Code.

2. Navigate to the .env path & encrypt it to base64 format as shown below.

$ base64 "C:\envify_demo\.env"

3. Repeat step 2 for env.dart as well.

$ base64 "C:\envify_demo\lib\config\env.dart"

4. Note down the encrypted code of these files.

Step - II: Create Action Secrets in GitHub Repo Settings

  1. Open your GitHub Repo Settings on the browser, select “Secrets” & click on the “New repository secret” button.

Navigation To the Repository Secret Button on GitHub.

2. Paste the base64 codes and hit the “Add Secret” button as shown in the below image.

Adding Encrypted Files as GitHub Action Secrets.

Step - III: Execute The Script via GitHub Actions

Copy the below script, add your firebase project id in the placeholder text & execute it.

https://gist.github.com/Zujaj/c3f66fa68913baaf48dae73f168f68b8

Step - IV: Visit The Web App

After a successful build, the web app³ is live as shown in the below image.

Illustration of the Envify Demo Web App on Firefox.

Visit the envify_demo GitHub Repository to get the source code.

ACKNOWLEDGMENT

Thanks to Frenco, the developer who created this package on the pub.dev.

REFERENCES

[1]: envify | Dart Package
https://pub.dev/packages/envify

[2]: envify | API Docs
https://pub.dev/documentation/envify/latest/#change-generated-class-name

[3]: Envify Demo | Web App
https://envify-demo.web.app

[4]: Envify_Demo | GitHub Repo
https://github.com/Zujaj/envify_demo

[5]: Frenco | GitHub
https://github.com/frencojobs