6 Mistakes I make often while handling Environment Variables in NODE JS (using dotenv)

6 Mistakes I make often while handling Environment Variables in NODE JS (using dotenv)
Play this article

Handling environment variables is an essential aspect of modern web development, particularly in Node.js applications. As developers, we strive to create secure, scalable, and maintainable code. However, when it comes to managing environment variables in Node.js, it's surprisingly easy to overlook crucial best practices.

In this blog, we will explore the common mistakes I frequently make while dealing with environment variables in Node.js, using the popular dotenv package for loading configurations. FIrstly, I have gone through a short setup guide and if you don't need it feel free to jump to the mistakes section.

A short setup guide for using Environment Variables using dotenv in Node JS

  1. Create a Node.js Project: Start by creating a new directory for your Node.js project and navigate into it. Initialize your project with the following command:
mkdir my-nodejs-app
cd my-nodejs-app
npm init -y
  1. Install dotenv Package: Install the dotenv package, which allows you to load environment variables from a .env file into process.env. Run the following command:
npm install dotenv
  1. Create a .env File: In the root of your project, create a .env file. This file will store your environment variables in the format KEY=VALUE. For example:
  1. Load Environment Variables: In your entry file (e.g., index.js), require and load the dotenv package as the first line of code:
  1. Use Environment Variables in Your Code: You can now access the environment variables defined in the .env file using process.env.KEY, where KEY is the name of the environment variable. For example:
const express = require('express');
const app = express();
const port = process.env.PORT || 3000;

app.get('/', (req, res) => {
  res.send('Hello, World!');

app.listen(port, () => {
  console.log(`Server running on port ${port}`);
  1. Run Your Application: Start your Node.js application using:
node index.js

MISTAKES I make often

Exposing Environment Variables in Code Repositories:

Never commit your .env files or any sensitive configuration files to version control systems like Git. Doing so could lead to accidental exposure of sensitive information.

Wrapping value with a quote:

You don't have to wrap the value of the environment variables inside the .env file with the quotation. 'dotenv' package will do that for you.

Declaring Env. Variables Like Normal Variables :

don't use const, var, let before environment variables. They will be just like key-value pair.


NODE_ENV = test
PORT = 3003
MONGODB_URI = mongodb+srv://username:password@bloglist.gkxx04c.mongodb.net/?retryWrites=true&w=majority
TEST_MONGODB_URI = mongodb+srv://username:<test123>@password.gkfnybe.mongodb.net/?retryWrites=true&w=majority

Storing Production Secrets in Development Environment:

Using the same environment variables for development and production is a major risk. Use separate configurations for each environment, and ensure that production secrets are not accessible during development.

Not Backing Up Environment Variable Configurations:

Keep backup copies of your environment variable configurations, especially for production. Accidental loss of configuration files can lead to application downtime.

Not Restarting the App After Environment Variable Changes:

Restart the application after the Environment Variable Changes otherwise they won't work.

Thank you for reading ❤️ Happy Coding