|
| 1 | +# Basic Node server |
| 2 | + |
| 3 | +Simple node.js app that servers "hello world" |
| 4 | + |
| 5 | +## step 1 |
| 6 | + |
| 7 | +Initialize node project with |
| 8 | + |
| 9 | +``` |
| 10 | +npm init |
| 11 | +``` |
| 12 | + |
| 13 | +add `start` script into `package.json` |
| 14 | + |
| 15 | +```javascript |
| 16 | +"scripts": { |
| 17 | +"start": "node index.js" |
| 18 | +}, |
| 19 | +``` |
| 20 | + |
| 21 | +## step 2 |
| 22 | + |
| 23 | +Create an `.env` file |
| 24 | + |
| 25 | +The file should be placed in the root of your project |
| 26 | + |
| 27 | +Install the dotenv library: `npm install dotenv` |
| 28 | + |
| 29 | +## step 3 |
| 30 | + |
| 31 | +create `index.js` and add the code |
| 32 | + |
| 33 | +```javascript |
| 34 | +// or just write => require('dotenv').config(); |
| 35 | +// which uses defult configs |
| 36 | +require('dotenv').config({ path: __dirname + '/.env' }); |
| 37 | + |
| 38 | +const http = require('http'); |
| 39 | +const port = process.env.PORT || 3000; |
| 40 | + |
| 41 | +const server = http.createServer((req, res) => { |
| 42 | + res.statusCode = 200; |
| 43 | + const msg = 'Hello Node!'; |
| 44 | + res.end(msg); |
| 45 | +}); |
| 46 | + |
| 47 | +server.listen(port, () => { |
| 48 | + console.log(`Server running on http://localhost:${port}/`); |
| 49 | +}); |
| 50 | +``` |
| 51 | + |
| 52 | +# Purpose of Environment Variables |
| 53 | + |
| 54 | +[ref](https://www.section.io/engineering-education/nodejs-environment-variables/) |
| 55 | + |
| 56 | +Environment Variables are important to a software developer for multiple reasons. |
| 57 | + |
| 58 | +1. Separation of Concerns |
| 59 | + |
| 60 | + Separation of Concerns refers to a software design principle that states that computer programs should be divided into distinct sections, such that each section addresses a separate concern. |
| 61 | + |
| 62 | + Application Configuration is a section of the code that should be decoupled from the application. Good software practices state that app config requires strict separation of config from code. Such config files can be stored as environment variables. |
| 63 | + |
| 64 | +2. Protecting Config Keys |
| 65 | + |
| 66 | + With the increasing popularity of cloud computing, more applications are using cloud services and other external APIs. Most of these come with config keys for control and access management. If the API keys are added to the application, and the code is pushed to a public repository on GitHub, this could lead to an unmonitored access problem. Unknown parties might end up using your API keys, leading to an unintended bill for your cloud services, and other potential security issues. |
| 67 | + |
| 68 | + To solve this problem, the config keys can be added as environment variables and invoked from a closed environment from where the application is deployed. |
| 69 | + |
| 70 | +# Environment Variables in Node.js |
| 71 | + |
| 72 | +In Node.js, process.env is a global variable that is injected during runtime. It is a view of the state of the system environment variables. When we set an environment variable, it is loaded into process.env during runtime and can later be accessed. |
| 73 | + |
| 74 | +dotenv is a module available on npm to load environment variables into process.env. dotenv can be added to your Node.js project by installing it from npm or yarn: |
| 75 | + |
| 76 | +``` |
| 77 | +# with npm |
| 78 | +npm install dotenv |
| 79 | +
|
| 80 | +# or with Yarn |
| 81 | +yarn add dotenv |
| 82 | +``` |
| 83 | + |
| 84 | +Suppose we want to use sensitive credentials like username and password in an open-source project, we can use dotenv for that as well. |
| 85 | + |
| 86 | +```javascript |
| 87 | +require('dotenv').config(); |
| 88 | + |
| 89 | +const mysql = require('mysql'); |
| 90 | +let con = mysql.createConnection({ |
| 91 | + host: process.env.DB_HOST, |
| 92 | + user: process.env.DB_USER, |
| 93 | + password: process.env.DB_PASS, |
| 94 | +}); |
| 95 | +``` |
| 96 | + |
| 97 | +Now, to set the env variables, create a `.env` file at the root of the project directory. |
| 98 | + |
| 99 | +``` |
| 100 | +DB_HOST=localhost |
| 101 | +DB_USER=admin |
| 102 | +DB_PASS=password |
| 103 | +``` |
| 104 | + |
| 105 | +We can add this .env file to .gitignore so that our credentials are protected. |
0 commit comments