6 Mistakes I make often while handling Environment Variables in NODE JS (using dotenv)
Rafiul Hasan
Handling environment variables is an essential aspect of modern web development, particularly in Node.js applications. As developers, we strive to create secure, scalable, and maintainable code. However, when it comes to managing environment variables in Node.js, it's surprisingly easy to overlook crucial best practices.
In this blog, we will explore the common mistakes I frequently make while dealing with environment variables in Node.js, using the popular dotenv package for loading configurations. FIrstly, I have gone through a short setup guide and if you don't need it feel free to jump to the mistakes section.
A short setup guide for using Environment Variables using dotenv in Node JS
- Create a Node.js Project: Start by creating a new directory for your Node.js project and navigate into it. Initialize your project with the following command:
mkdir my-nodejs-app
cd my-nodejs-app
npm init -y
- Install
dotenvPackage: Install thedotenvpackage, which allows you to load environment variables from a.envfile intoprocess.env. Run the following command:
npm install dotenv
- Create a
.envFile: In the root of your project, create a.envfile. This file will store your environment variables in the formatKEY=VALUE. For example:
PORT=3000
DB_CONNECTION_STRING=mongodb://localhost:27017/mydatabase
API_KEY=your_api_key_here
- Load Environment Variables: In your entry file (e.g.,
index.js), require and load thedotenvpackage as the first line of code:
require('dotenv').config();
- Use Environment Variables in Your Code: You can now access the environment variables defined in the
.envfile usingprocess.env.KEY, whereKEYis the name of the environment variable. For example:
const express = require('express');
const app = express();
const port = process.env.PORT || 3000;
app.get('/', (req, res) => {
res.send('Hello, World!');
});
app.listen(port, () => {
console.log(`Server running on port ${port}`);
});
- Run Your Application: Start your Node.js application using:
node index.js
MISTAKES I make often
Exposing Environment Variables in Code Repositories:
Never commit your .env files or any sensitive configuration files to version control systems like Git. Doing so could lead to accidental exposure of sensitive information.
Wrapping value with a quote:
You don't have to wrap the value of the environment variables inside the .env file with the quotation. 'dotenv' package will do that for you.
Declaring Env. Variables Like Normal Variables :
don't use const, var, let before environment variables. They will be just like key-value pair.
/.env
NODE_ENV = test
PORT = 3003
MONGODB_URI = mongodb+srv://username:password@bloglist.gkxx04c.mongodb.net/?retryWrites=true&w=majority
TEST_MONGODB_URI = mongodb+srv://username:<test123>@password.gkfnybe.mongodb.net/?retryWrites=true&w=majority
Storing Production Secrets in Development Environment:
Using the same environment variables for development and production is a major risk. Use separate configurations for each environment, and ensure that production secrets are not accessible during development.
Not Backing Up Environment Variable Configurations:
Keep backup copies of your environment variable configurations, especially for production. Accidental loss of configuration files can lead to application downtime.
Not Restarting the App After Environment Variable Changes:
Restart the application after the Environment Variable Changes otherwise they won't work.
Thank you for reading ❤️ Happy Coding
Subscribe to my newsletter
Read articles from Rafiul Hasan directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by