I noticed that nuxtjs auth library has an option for Discord authentication.
At this link: https://auth.nuxtjs.org/providers/discord
The documentation says that you must provide your Discord Applications clientId and clientSecret. An example can be seen below:
auth: {
strategies: {
discord: {
clientId: '...',
clientSecret: '...'
},
}
}
As far as I know, both clientId and clientSecret are not pieces of information that you want public. On the backend, you would simply keep these pieces of data in a .env file and as long as your server or application isn’t compromised you’re safe. How does Nuxt Auth keep the clientId and clientSecret safe as a frontend framework?