Skip to content

Environment Variables (for Dev)

Jump to bottom
Sulabh Mehta (Dominik) edited this page Nov 16, 2023 · 5 revisions

Note: These files are conventionally not supposed to be committed to source code repository for security purposes. In production environment, these variables are set using the service used to deploy the app.

For both the backend and frontend, there are some values that need to be passed to the add as environment variables. This can be achieved by using a .env file for go backend and a .env.local file for next.js front-end.

Find the format of the files below. The app expects all the variables mentioned below.

Backend

Create .env file in the root / directory of the project with the following contents

MONGODB_URI=link to mongodb server
ALLOWED_ORIGINS=...
API_KEY=...

Note:

  • MONGODB_URI is the connection string to mongodb server. For local server, this value is mostly mongodb://localhost:27017
  • ALLOWED_ORIGINS is to set CORS allowed origins so that the frontend hosted at that domain can consume backend APIs. E.g. http://localhost:3000, https://example.com
  • API_KEY is an authorisation key that all the APIs will need in the request. It can be generated as follows: openssl rand -hex 16

Frontend

Create .env.local file in the /web directory of the project with the following contents

NEXTAUTH_URL=...
BACKEND_URI=...
BACKEND_API_KEY=...
NEXTAUTH_SECRET=...
GITHUB_ID=...
GITHUB_SECRET=...
GOOGLE_CLIENT_ID=...
GOOGLE_CLIENT_SECRET=...
FACEBOOK_CLIENT_ID=...
FACEBOOK_CLIENT_SECRET=...

Legend

  • NEXTAUTH_URL is the link where the front-end is to be hosted. For local development, this should not be set

  • BACKEND_URI is the link to the backend server. For local development, this project is configured to use http://localhost:3001

  • BACKEND_API_KEY is the backend for API authorisation

  • NEXTAUTH_SECRET is a randomly generated secret for NextAuthJS using

    openssl rand -base64 32

  • GITHUB_ID and GITHUB_SECRET are provided by GitHub after creating the oAuth app in Github

  • GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET are provided by Google after creating the oAuth app in Google

  • FACEBOOK_CLIENT_ID and FACEBOOK_CLIENT_SECRET are provided by Facebook after creating the oAuth app in Facebook

Clone this wiki locally