I can not hide API .env, dotenv doesn't work

Moralis General
#1

I’m makeing the tutorial Minting and Selling NFTs Without Paying Gas Fees! NFT Minter Programming Tutorial https://youtu.be/n6rPr0sStTI and I want to hide API moralis but .env doesn’t work, I installed dotenv and created .env file with the keys but it doesn’t work, check the javascript file, the same thing happened with others moralis app, Help please
require(‘dotenv’).config();

const serverUrl = process.env.SERVER_URL;
const appId = process.env.APP_ID

console.log(serverUrl);
console.log(appId);

Moralis.start({ serverUrl, appId });
let user = Moralis.User.current();

async function login() {
if (!user) {
try {
user = await Moralis.authenticate({ signingMessage: “Hello World!” })
initApp();
} catch(error) {
console.log(error)
}
}
else{
Moralis.enableWeb3();
initApp();
}
}

function initApp(){
document.querySelector("#app").style.display = “block”;
document.querySelector("#submit_button").onclick = submit;
}

async function submit(){
const input = document.querySelector(’#input_image’);
let data = input.files[0]
const imageFile = new Moralis.File(data.name, data)
await imageFile.saveIPFS();
let imageHash = imageFile.hash();

let metadata = {
    name: document.querySelector('#input_name').value,
    description: document.querySelector('#input_description').value,
    image: "/ipfs/" + imageHash
}
console.log(metadata);
const jsonFile = new Moralis.File("metadata.json", {base64 : btoa(JSON.stringify(metadata))});
await jsonFile.saveIPFS();

let metadataHash = jsonFile.hash();
console.log(jsonFile.ipfs())
let res = await Moralis.Plugins.rarible.lazyMint({
    chain: 'rinkeby',
    userAddress: user.get('ethAddress'),
    tokenType: 'ERC721',
    tokenUri: 'ipfs://' + metadataHash,
    royaltiesAmount: 5, // 0.05% royalty. Optional
})
console.log(res);
document.querySelector('#success_message').innerHTML = 
    `NFT minted. <a href="https://rinkeby.rarible.com/token/${res.data.result.tokenAddress}:${res.data.result.tokenId}">View NFT`;
document.querySelector('#success_message').style.display = "block";
setTimeout(() => {
    document.querySelector('#success_message').style.display = "none";
}, 5000)

}

login();
/** Useful Resources */

// https://docs.moralis.io/moralis-server/users/crypto-login
// https://docs.moralis.io/moralis-server/getting-started/quick-start#user
// https://docs.moralis.io/moralis-server/users/crypto-login#metamask

/** Moralis Forum */

// https://forum.moralis.io/

#2

https://docs.moralis.io/misc/faq#my-moralis-app-id-is-publicly-visible-on-the-frontend.-is-this-a-security-risk