In https://github.com/nuxt-modules/turnstile/pull/174 we added secret sourcing to the module code, which runs at build time. I now noticed that secret sourcing doesn't work at runtime, at which it makes most sense. It would be beneficial if the secret key could be sourced in the Nitro verify util (instead).
Also, should we continue to just use node:fs when a secret key path is given or could we make use of something like unstorage maybe? Don't know if I understand that tool correctly.
đ Your use case
It's common to have secrets available as a file or similar when deploying a service (as explained in https://github.com/nuxt-modules/turnstile/pull/174#issuecomment-1478161449). I'd like to be able to source the Turnstile secret key from such a file in production.
đ The solution you'd like
In https://github.com/nuxt-modules/turnstile/pull/174 we added secret sourcing to the module code, which runs at build time. I now noticed that secret sourcing doesn't work at runtime, at which it makes most sense. It would be beneficial if the secret key could be sourced in the Nitro
verifyutil (instead).đ Alternatives you've considered
Warn for no secret key when building for production: https://github.com/nuxt-modules/turnstile/pull/296
âšī¸ Additional info
cc @danielroe
Also, should we continue to just use
node:fswhen a secret key path is given or could we make use of something likeunstoragemaybe? Don't know if I understand that tool correctly.