API Design in Node.js, v4

Environment Variables

Scott Moss

Scott Moss

Superfilter AI
API Design in Node.js, v4

Check out a free preview of the full API Design in Node.js, v4 course

The "Environment Variables" Lesson is part of the full, API Design in Node.js, v4 course featured in this preview video. Here's what you'd learn in this lesson:

Scott introduces environment variables. The NODE_ENV variable lets the application and any other package know the environment. This could be development, testing, production, or any other string. Using custom environment variables for database URIs or secrets allows confidential information to be injected into the application based on the environment.


Transcript from the "Environment Variables" Lesson

>> We talked a little bit just about processes just now, the thing about processes it goes hand in hand with something called environments. So, let's think about environments for a little bit, an environment is very much like the process. It's the process is what's running in the environment, but the environment is where your code is actually running.

So, for instance right now we're all on a local environment or a development environment. But then when you go to deploy this, you might be in a staging environment, or a production environment. So you have the same code running in a different environment, which is and it doesn't have to be a different machine.

You can have different environments on the same machine, an environment is just like a set of conditions in which your code operates in. For instance React, when you develop what React is in development mode, okay, until you do a production build. In development mode, in a development environment, it will show you warnings about like props and different things like that.

It'll show you warnings about like, make sure you put the key prop on all the child and stuff like that. But in production, it won't show you that, right, so it behaves differently depending on what environment it's running in. And, you have the ability to change that environment with one variable.

So we're gonna talk about those variables how to change those environments, and how to actually take advantage of them. Okay, so One important environment variable is called NODE_ENV, you will see this all the time working in Node. It's basically short for node environment, it's a string that tells node what environment it runs in.

And and there's tons of packages that rely on this node environment, like for instance, React literally relies on this environment variable to be set to something to know whether or not it should show certain errors or not. Whether or not it should enable performance or not, whether or not it's should bundle something or not.

So many packages rely on this, there's typically like two or three different values for NODE_ENV. It's usually either development which is the default usually, and there's production and then sometimes there's staging or I'm sorry testing. Okay, you can run a production environment locally on your computer, in fact you probably should is to test what will happen.

You can run a development environment on your production server somewhere. It doesn't really matter, it's just you telling the application what you're running or what environment, although you should match them up to where they're physically running. Any questions on that? I'm gonna demonstrate it right quick, we've already been using environment variables.

This env file is environment variables, okay, an environment variable is a variable that gets injected into your app when it's running. And you might ask yourself, why would I need that? Well, these two things are incredibly important, if someone got this database URL that's got all my users in it, and I check that URL into git on GitHub, yeah.

I mean, you might as well just kiss your app goodbye, like someone's just gonna log into your database. So how does your app get that URL without you putting it in your code? Well, that's what environment variable is for, wherever you are hosting your app, you can tell that hosting provider to say.

Hey, here are some environment variables I need you to inject into my code, so I can have them when it's running. And then you can access those variables on the process, so you can say process environment give me that variable. If you don't know what it is but you know it's there because you injected it, in our case we injected it with dotenv the package dotenv.

Here this injects all of our environment variables from the dotenv file. But when you go to production, there'll be some GUI where you can type into, this environment name, this value, this environment name, this value. And that hosting platform will inject those variables into your app so you can safely have them.

You ever hear like, such and such got hacked, yeah, seriously like left the environment variable in git. It's a common thing I think I can tell how many companies have been hacked because someone pushed up an environment variable to git. It's such a bad thing, there's literally bots that will scan your code like you [LAUGH] you left an environment variable in your code, you're sure you wanna do this?

It's a thing, it's that important, so, yeah, be careful with that.

Learn Straight from the Experts Who Shape the Modern Web

  • In-depth Courses
  • Industry Leading Experts
  • Learning Paths
  • Live Interactive Workshops
Get Unlimited Access Now