Better security for API key

Question

Better security for API key

danymat opened this issue 2 years ago · 4 comments

Hello !

Thank you for this amazing plugin!
As a lot of people, including me, put our configuration plugins in git, I would prefer to have a way to not write the key into the configuration options.

What about adding a way to retrieve environment variables ?

Answer 1 · 2022-12-25T14:42:43.000Z

Here my solution

ChatGPT.lua

local env = vim.fn.expand('$HOME') .. '/.config/nvim/env.lua'
dofile(env)

if vim.env.OPENAI_API_KEY == nil then
  print('Please set the OPENAI_API_KEY environment variable')
  return
end

local status_neural, neural = pcall(require, 'neural')
if not status_neural then
  return
end

neural.setup({
  open_ai = {
    api_key = vim.env.OPENAI_API_KEY,
  },
})

env.lua ( use gitignore on this file )

vim.cmd("let $OPENAI_API_KEY='<PUT-YOUR-KEY-HERE>'")

Answer 2 · 2022-12-29T20:25:32.000Z

You can also use a system environment variable.

inside neovim config:

require('neural').setup({
    open_ai = {
        api_key = os.getenv("OPENAI_SECRET_KEY")
    },
})

then just set the environment variable in a shell login script (for example in bash, zsh):

export OPENAI_SECRET_KEY='<your secret key>'

NOTE you'll need to restart you shell.

Answer 3 · 2023-01-21T21:50:26.000Z

If you go for an environment variable, please call it $OPENAI_API_KEY to have the same as jackMort/ChatGPT.nvim for us who use both plugins :)

Answer 4 · 2023-02-13T13:39:22.000Z

You can now use whatever environment variable you wish for the API key e.g.

-- Configure Neural like so in Lua
require('neural').setup({
    source = {
        openai = {
            api_key = vim.env.OPENAI_API_KEY,
        },
    },
})