BerndWessels
commented
5 years ago @dibenedetto Hi, yes you are right.
For simplicity I've got these values currently in a secret.dart file which should never be checked into git.
But definietely there must be better places and ways to manage those secrets - especially when you need to share them with team members and have different environments (prod, dev, test).
I am currently cleaning up all the cognito stuff and prepare some helpers for AppSync. Would love to get some help and input from other flutter users who are going to use AWS.
according to error codes, some urls and user-specific codes (apiEndpointUrl, cognitoIdentityPoolId, etc.) should be defined.
being some of them kind of secret keys kept by the user, i think they should have been defined in the missing secret.dart file.
isn't it better to have a "shared" secret.dart file pre-filled with some string that the developer can then change on its own?
in the meanwhile my secret.dart looks like this:
final String apiEndpointUrl = "this-is-the-api-endpoint-url";final String cognitoIdentityPoolId = "this-is-the-cognito-identity-pool-id";final String cognitoUserPoolId = "this-is-the-cognito-user-pool-id";final String cognitoClientId = "this-is-the-cognito-client-id";