Closed webraptor closed 4 years ago
To restrict an API key:
@Yasser-G how can you make it work since every device has different IP? in case of mobile apps we could restrict it via bundle ID but it wouldn't work here since it don't use native modules :/
@Yasser-G yeah, @pmierzejewski is correct. That wouldn't work so if anyone's reading the above comment, don't bother.
To get the data you just have to send request to this following url: https://maps.google.com/maps/api/geocode/json?key=YOU_API_KEY&latlng=LAT,LNG
You can send request from your server or firebase or AWS lambda function and use it on the frontend, that way you'll have to specify only one IP_ADDRESS or DOMAIN_NAME. And your API_KEY will be secured.
I know this will cause some latency but that latency is better than giving credit card to the hacker.
Since this is done outside of NativeModules, one cannot restrict the API key, which is a huge security issue. If the api keys in use are intercepted everyone could use them and the bill would fall on us.