Express Environment Variables
Registered members can download the FREE Get Started App. This is the project I used to compose articles about setting up VS Code and developing Node with Express and the Embedded JavaScript (EJS) view engine.
Environment variables are not just secrets. NODE_ENV is typically set to "development", "staging", "test", or "production". Using the NODE_ENV variable you can set different conditions at runtime.
When I decided to learn Express, I found a lot of articles and AI suggestions which did not implement ES6 standards. ES6 or ECMAScript 2015 changed the landscape of JavaScript with the ability to create promises for asynchronous programming. I am familiar with ASP.NET Core and C# web applications and SQL Server databases. I developed this Express application with KenHaggerty.Com as a model. Registered members can download the FREE Get Started PostgreSQL app and Get Started MySQL app which implement this getting started with Express EJS tutorial.
Let's Talk About Express
Development Environment Setup
Features Since ECMAScript 2015(ES6)
Express EJS Template Engine
Express EJS Views, Layouts, and Partials
Express Error Handling
Express Routers and Controllers
Express Environment Variables
MySQL and Services
PostgreSQL and Services
EmailSender With Nodemailer
Debugging with VS Code defaults to the local machine's time zone. MySQL and virtual Ubuntu servers usually run on the UTC time zone. You can avoid deployment issues if you debug for the UTC time zone. You can set the development machine's time zone or set a variable for the application's time zone. You can load runtime variables with a .env file in the application's root directory.
.env
NODE_ENV=development TZ=UTC LISTEN_PORT=3000
You load the variables to the runtime process.env object with the loadEnvFile() method at the very start of server.js.
server.js
process.loadEnvFile(); // Loads from .env by default
The .env file variables are type string. To determine the production environment, use process.env.NODE_ENV === 'production'. You should convert and validate numbers.
server.js
const production = process.env.NODE_ENV === 'production';
const PORT = parseInt(process.env.LISTEN_PORT);
if (Number.isNaN(PORT)) {
console.error(`The PORT variable is not found or not a number`);
} else {
app.listen(PORT, () => {
console.log(`Get Started app listening on port ${PORT}`);
})
}
Express sessions middleware requires a secret key. Production secrets should be stored in an encrypted vault and development secrets should not be checked in to source control. To implement session properties, add a long random key to the development .env file.
.env
SESSION_SECRET=Ce3LG/ykUCIbQSWJu0EeaeAfOqjlWvcq
From PowerShell or a command prompt open in the application directory, use the npm CLI to install "express-session".
npm install express-session
Import express-session to server.js.
server.js
import session from 'express-session';
Configure the express-session middleware with the process.env.SESSION_SECRET property in server.js like the following.
server.js
app.use(session({
secret: process.env.SESSION_SECRET, // Required: used to sign the session ID cookie
resave: false, // Forces the session to be saved back to the session store, even if the session was never modified during the request
saveUninitialized: false, // Forces a session that is "uninitialized" to be saved to the store
cookie: {
secure: process.env.NODE_ENV === 'production', // Use secure cookies in production (requires HTTPS)
maxAge: 1000 * 60 * 60 * 24 // Cookie expiration in milliseconds (e.g., 1 day)
}
}));