adrianhajdin / ecommerce_sanity_stripe

Modern Full Stack ECommerce Application with Stripe

Home Page:https://jsmastery.pro


SECURITY WARNING: Insecure usage of env variables!

TimMikeladze opened this issue · comments

SECURITY WARNING: Anyone who uses this repository as an example, be aware that the usage of env variables is not secure and you will leak your secret keys to the browser, allowing complete access to your Stripe and Sanity APIs to any user who inspects the bundled JavaScript.

Do not use this example without renaming your .env variables and reading up on how environment variables in NextJS work!

See the .env file in this repo.

Any variable prefixed with NEXT_PUBLIC_ will be exposed to the browser. Read docs here: https://vercel.com/docs/concepts/projects/environment-variables

STRIPE_SECRET_KEY must not be exposed or made public. From the Stripe docs concerning the secret key: "On the server-side. Must be secret and stored securely in your web or mobile app's server-side code (such as in an environment variable or credential management system) to call Stripe APIs." Read docs here: https://stripe.com/docs/keys

NEXT_PUBLIC_SANITY_TOKEN must only be used on the server, see docs here: https://www.sanity.io/docs/http-auth

NEXT_PUBLIC_SANITY_TOKEN = skqX4kdZKQRvszcSCIm7xQgzfu7lab7cgdpdeVnHr3AZ1Bzhv40Mqf7lQWQis6Wh5rnb8NzWr6vyQ0enw9SJCCOeAkT18GCdE70DYw2YPhIF26U3TM02qPEoZm8zcy8vBhu3RAvZvTs2vYfGdO8lDGMszusMbsPdBKMYRN3WiXqfeeJqkvdK

NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY = pk_test_51Hqmw9EnylLNWUqj3gbIK3wHZBXqH0HegicIlGA0etfwS9a5JpESWoFucZHdnWMp0q6xq6thYSZghQUSpLkE46wJ00HrkNMsOV

NEXT_PUBLIC_STRIPE_SECRET_KEY = sk_test_51Hqmw9EnylLNWUqjP36GV1DkreuhVt1E4l7L1y7YwhvjES8OylYVpKjpIxTjv1FqKWq81pZWBjycNIJH9n1jfI7800n4seyJCH
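Added example (not code from the repository or from the issue author): a small audit that parses a .env file and flags every `NEXT_PUBLIC_`-prefixed variable, i.e. one Next.js inlines into the browser bundle, whose name or value marks it as a server-side secret. The sample .env is constructed with placeholder values, and the value-shape checks (Stripe `sk_`/`rk_` prefixes, Sanity tokens starting with `sk`) are heuristics assumed here, not an exhaustive rule.

```javascript
// Parse dotenv-style text into {name: value}; tolerates spaces around '=' and quoted values.
function parseDotenv(text) {
  const vars = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq === -1) continue;
    const name = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    const quoted = (value.startsWith('"') && value.endsWith('"')) ||
                   (value.startsWith("'") && value.endsWith("'"));
    if (quoted && value.length >= 2) value = value.slice(1, -1);
    vars[name] = value;
  }
  return vars;
}

// Heuristics (assumptions, not a complete list): names that denote secrets and
// value shapes of credentials that must only ever be used server-side.
const SECRET_NAME = /(SECRET|TOKEN|PRIVATE|PASSWORD)/i;
const SECRET_VALUE = [
  { re: /^sk_(test|live)_/, why: 'Stripe secret key (sk_*)' },
  { re: /^rk_(test|live)_/, why: 'Stripe restricted key (rk_*)' },
  { re: /^sk[A-Za-z0-9]{20,}$/, why: 'Sanity API token (sk...)' },
];

// Only NEXT_PUBLIC_* variables reach the browser, so only those can leak a secret.
// Each finding carries the suggested rename (drop the prefix and use it in server code only).
function auditEnv(text) {
  const findings = [];
  for (const [name, value] of Object.entries(parseDotenv(text))) {
    if (!name.startsWith('NEXT_PUBLIC_')) continue;
    const reasons = [];
    if (SECRET_NAME.test(name)) reasons.push('name indicates a secret');
    for (const { re, why } of SECRET_VALUE) {
      if (re.test(value)) reasons.push(`value looks like a ${why}`);
    }
    if (reasons.length) findings.push({ name, reasons, fix: name.replace(/^NEXT_PUBLIC_/, '') });
  }
  return findings;
}

// Constructed sample mirroring the layout discussed above; values are placeholders.
const SAMPLE_ENV = `
NEXT_PUBLIC_SANITY_TOKEN = skPLACEHOLDERSANITYTOKEN0000000000
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY = pk_test_PLACEHOLDER
NEXT_PUBLIC_STRIPE_SECRET_KEY = sk_test_PLACEHOLDER
STRIPE_SECRET_KEY = sk_test_PLACEHOLDER
`;

console.log(JSON.stringify(auditEnv(SAMPLE_ENV), null, 2));
```

Run it against a project's .env before deploying; a flagged variable should lose its `NEXT_PUBLIC_` prefix and be read only in API routes or other server-side code, while the publishable key is the one value that is meant to ship to the browser.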