Introduction
Environment variables play a crucial role in configuring and securing Node.js applications. They allow developers to store sensitive information, configuration settings, and other variables outside the codebase, making it easier to manage different deployment environments (development, testing, production) without exposing sensitive information.
In this blog post, we will explore how to use environment variables in Node.js, covering topics such as setting, accessing, and managing them in your applications.
Understanding Environment Variables
Environment variables are dynamic values that can affect the behavior of a running process. In Node.js, you can access environment variables using the process.env
object. These variables are set outside your application and read by your application during runtime.
Setting Environment Variables
To set environment variables, you can use various methods depending on your operating system or deployment platform.
Windows (Command Prompt) - set VAR_NAME=value
Linux and macOS (Bash Shell) - export VAR_NAME=value
Using a .env
File
In many Node.js projects, developers use a .env
file to store and manage environment variables.
Create a file named .env
in the root of your project and define your variables:
DB_HOST=localhost
DB_PORT=5432
SECRET_KEY=mysecretkey
This file should not be committed to the version control system to ensure sensitive information always remains on your local computer.
Add .env
to your .gitignore
file to prevent it from being committed. Here's an example file with it already added. You may also use dotenv for advanced configuration and it will automatically load environment variables from a .env
file into process.env
.
Accessing Environment Variables in Node.js
Once you've set your environment variables, you can access them in your Node.js application using process.env
.
const dbHost = process.env.DB_HOST;
const dbPort = process.env.DB_PORT;
const secretKey = process.env.SECRET_KEY;
console.log(`Database Host: ${dbHost}`);
console.log(`Database Port: ${dbPort}`);
console.log(`Secret Key: ${secretKey}`);
Using a Module for Environment Variables
For better organization, consider creating a module to centralize environment variable access. Create a file named config.js
:
module.exports = {
dbHost: process.env.DB_HOST,
dbPort: process.env.DB_PORT,
secretKey: process.env.SECRET_KEY,
};
Now, you can easily import and use these variables in other parts of your application:
const config = require('./config');
console.log(`Database Host: ${config.dbHost}`);
console.log(`Database Port: ${config.dbPort}`);
console.log(`Secret Key: ${config.secretKey}`);
Handling Default Values
Sometimes, you can provide default values for environment variables if they are not set. You can achieve this using the ||
operator:
const dbHost = process.env.DB_HOST || 'localhost';
const dbPort = process.env.DB_PORT || 5432;
const secretKey = process.env.SECRET_KEY || 'defaultsecret';
Wrap-up
Effectively using environment variables in your Node.js applications is crucial for maintaining security and configurability. By keeping sensitive information outside your codebase and using a standardized approach, you can easily manage different deployment environments and ensure a more secure application.
Remember to exercise caution with sensitive information and follow best practices for securing your environment variables, especially in production environments.
If you have questions, join us on the Vonage Developer Slack or send us a Post on X, and we will get back to you. Thanks again for reading, and I will catch up with you on the next one!
Michael Crump works at Vonage on the Developer Experiences team and is a coder, YouTuber, and frequent speaker of various .NET and cloud/communication development topics. He’s passionate about helping developers understand the benefits of each in a no-nonsense way.