Closed mattbishop closed 1 year ago
Any thoughts around safely storing these? Several tools like npm
itself does just have a raw token in .npmjs
but one advantage is that it's not a broad API key like evently, it's more like the OAuth2 access token which makes it a bit easier to revoke specific ones.
If you feel good about a simple token in a local config, this works for me though! I just added my token to a .envrc
file
That might be a good start, declare what the env var is. In the future this will be somewhat different as we will have developers authenticate to access ledgers.
We are going to approach ledger access in a non-token manner, so this can be handled as an ENV var.
How about EVENTLY_ACCESS_TOKEN
?
Also, can you please add an EVENTLY_HOST
var as well? makes local testing easier.
I may have originally misread this but EVENTLY_TOKEN
already existed, i didn't build this =) I use it, it's great.
Ha I forgot about the TOKEN key too.
It's a pain to have to specify
--token xxxxx
every time. This feature would allow a user to store and use a token locally.In the near future, people will have multiple ledgers to use, so this should be part of the
ledger
command. Conceptually, this would be like SCM branch management. One would switch from one ledger to another with the CLI.