Environment Variables
There are nine different environment variables that need to be set to run the DRC Admin Panel. This article provides a description of each one as well as instructions for how to set their values.
By the end your .env.local file should look something like this:
MONGODB_URI="mongodb://localhost:27017/drc"
NEXTAUTH_SECRET=X>XiE;/X-=yO%Beueb-?YL~"z0!/La
NEXTAUTH_URL=http://localhost:3000/
PROJECT_ID=your-project-id
GOOGLE_CLIENT_ID=123456789-q1w2e3r4t5y6u7i8o9p.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=ABCDEF-ghijk-1lmnop2qrstu3v4wxyz
CLIENT_EMAIL=service-account-user@your-project-id.iam.gserviceaccount.com
PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\nreallyLongBase64encodedString\n-----END PRIVATE KEY-----\n"
BUCKET_NAME=bucket-name
This is the connection string to your MongoDB database. If you installed MongoDB Community Edition following the instructions here, you can simply use the connection string "mongodb://localhost:27017/drc", where drc is the name of the database. Note that if the database does not exist it will be created automatically.
The deployed DRC Admin Panel at drc-admin-panel.vercel.app is connected to a MongoDB Atlas database.
See https://next-auth.js.org/configuration/options#nextauth_secret
Simply put, this can be anything you want. For local development it does not really matter. For production/deployment you should generate a strong password using something like this.
See https://next-auth.js.org/configuration/options#nextauth_url
For local development this will just be http://localhost:3000/
GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET are used to authenticate users via their Google accounts, and PROJECT_ID is used for Google Cloud Storage (which you will set up next). To set these up, first navigate to https://console.developers.google.com/apis/credentials and sign in with your Google account. You will need to create a project if this is your first time. The project name can be whatever you want but note the 'Project ID' - this is what you will use for the value of PROJECT_ID.
Once your project is created, go to 'CREATE CREDENTIALS' -> 'OAuth client ID'
Click 'CONFIGURE CONSENT SCREEN' then select 'External' and continue. On this next page you can just fill out the required fields 'App name', 'User support email', and 'Developer contact information'. You can SAVE AND CONTINUE past the 'Scopes' and 'Test users' screens, then 'BACK TO DASHBOARD'.
Navigate back to 'Credentials' on the sidebar and go to 'CREATE CREDENTIALS' -> 'OAuth client ID' again. Select 'Web application' for the 'Application type', then scroll down and click 'ADD URI' under 'Authorized redirect URIs' and paste the following link: http://localhost/api/auth/callback/google
Click 'CREATE' and you should see a confirmation pop-up containing both 'Your Client ID' and 'Your Client Secret'. These will be the values you use for GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET respectively.
This is the email address of the service account that will be used for accessing Google Cloud Storage.
To create this service account, navigate back to https://console.developers.google.com/apis/credentials and this time go to 'CREATE CREDENTIALS' -> 'Service account'
Fill out the 'Service account ID' field then click 'CREATE AND CONTINUE'. Click 'Select a role', search for 'Storage Object Admin' and select it.
Click 'CONTINUE' then click 'DONE'. It will take you back to the 'Credentials' screen and you will see your newly created service account. The service account email address is the what you will use for the value of CLIENT_EMAIL.
