I’m using “jose” library for verifying and signing JWT tokens, “jose” requires the env secret key to be encoded using TextEncoder() but doesn’t somebody just need to run TextDecoder() on the encoded key to expose the env secret key?
I’m hearing from all tutorials you should of course use environment variables for your secret key but what’s the point when it’s exposed via TextEncoder anyway?