6 Mistakes I make often while handling Environment Variables in NODE JS (using dotenv)
Handling environment variables is an essential aspect of modern web development, particularly in Node.js applications. As developers, we strive to create secure, scalable, and maintainable code. However, when it comes to managing environment variables in Node.js, it's surprisingly easy to overlook crucial best practices.
In this blog, we will explore the common mistakes I frequently make while dealing with environment variables in Node.js, using the popular dotenv
package for loading configurations. FIrstly, I have gone through a short setup guide and if you don't need it feel free to jump to the mistakes section.
A short setup guide for using Environment Variables using dotenv in Node JS
- Create a Node.js Project: Start by creating a new directory for your Node.js project and navigate into it. Initialize your project with the following command:
mkdir my-nodejs-app
cd my-nodejs-app
npm init -y
- Install
dotenv
Package: Install thedotenv
package, which allows you to load environment variables from a.env
file intoprocess.env
. Run the following command:
npm install dotenv
- Create a
.env
File: In the root of your project, create a.env
file. This file will store your environment variables in the formatKEY=VALUE
. For example:
PORT=3000
DB_CONNECTION_STRING=mongodb://localhost:27017/mydatabase
API_KEY=your_api_key_here
- Load Environment Variables: In your entry file (e.g.,
index.js
), require and load thedotenv
package as the first line of code:
require('dotenv').config();
- Use Environment Variables in Your Code: You can now access the environment variables defined in the
.env
file usingprocess.env.KEY
, whereKEY
is the name of the environment variable. For example:
const express = require('express');
const app = express();
const port = process.env.PORT || 3000;
app.get('/', (req, res) => {
res.send('Hello, World!');
});
app.listen(port, () => {
console.log(`Server running on port ${port}`);
});
- Run Your Application: Start your Node.js application using:
node index.js
MISTAKES I make often
Exposing Environment Variables in Code Repositories:
Never commit your .env
files or any sensitive configuration files to version control systems like Git. Doing so could lead to accidental exposure of sensitive information.
Wrapping value with a quote:
You don't have to wrap the value of the environment variables inside the .env file with the quotation. 'dotenv' package will do that for you.
Declaring Env. Variables Like Normal Variables :
don't use const, var, let before environment variables. They will be just like key-value pair.
/.env
NODE_ENV = test
PORT = 3003
MONGODB_URI = mongodb+srv://username:password@bloglist.gkxx04c.mongodb.net/?retryWrites=true&w=majority
TEST_MONGODB_URI = mongodb+srv://username:<test123>@password.gkfnybe.mongodb.net/?retryWrites=true&w=majority
Storing Production Secrets in Development Environment:
Using the same environment variables for development and production is a major risk. Use separate configurations for each environment, and ensure that production secrets are not accessible during development.
Not Backing Up Environment Variable Configurations:
Keep backup copies of your environment variable configurations, especially for production. Accidental loss of configuration files can lead to application downtime.
Not Restarting the App After Environment Variable Changes:
Restart the application after the Environment Variable Changes otherwise they won't work.
Thank you for reading ❤️ Happy Coding