jesus/Rustelo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Rustelo/info/why_env.md
Jesús Pérex 2f0f807331 feat: add dark mode functionality and improve navigation system 
- Add complete dark mode system with theme context and toggle
- Implement dark mode toggle component in navigation menu
- Add client-side routing with SSR-safe signal handling
- Fix language selector styling for better dark mode compatibility
- Add documentation system with mdBook integration
- Improve navigation menu with proper external/internal link handling
- Add comprehensive project documentation and configuration
- Enhance theme system with localStorage persistence
- Fix arena panic issues during server-side rendering
- Add proper TypeScript configuration and build optimizations

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-11 20:53:20 +01:00

3.0 KiB
Raw Blame History

Current Setup

The project already has:

  • .env file (exists but protected from reading)
  • .env.example file (exists but protected from reading)
  • dotenvy crate integration in main.rs and config loading

Why .env Files Are Important

The application uses environment variables for several critical configurations:

1. JWT Configuration

let secret = env::var("JWT_SECRET")
    .unwrap_or_else(|_| "your-super-secret-jwt-key-change-this-in-production".to_string());
let issuer = env::var("JWT_ISSUER").unwrap_or_else(|_| "rustelo-auth".to_string());
let access_token_expires_in = Duration::minutes(
    env::var("JWT_ACCESS_TOKEN_EXPIRES_IN")
        .unwrap_or_else(|_| "15".to_string())
        .parse()
        .unwrap_or(15),
);

2. OAuth Configuration

let client_id = env::var("GOOGLE_CLIENT_ID").map_err(|_| {
    anyhow!("Google OAuth not configured: missing GOOGLE_CLIENT_ID")
})?;
let client_secret = env::var("GOOGLE_CLIENT_SECRET").map_err(|_| {
    anyhow!("Google OAuth not configured: missing GOOGLE_CLIENT_SECRET")
})?;

3. Server Configuration Overrides

// Server overrides
if let Ok(protocol) = env::var("SERVER_PROTOCOL") { ... }
if let Ok(host) = env::var("SERVER_HOST") { ... }
if let Ok(port) = env::var("SERVER_PORT") { ... }
if let Ok(database_url) = env::var("DATABASE_URL") { ... }
if let Ok(session_secret) = env::var("SESSION_SECRET") { ... }

Key Environment Variables You Should Set

Based on the code analysis, here are the important environment variables:

Authentication & Security

  • JWT_SECRET - JWT signing secret (critical for security)
  • JWT_ISSUER - JWT issuer name
  • JWT_ACCESS_TOKEN_EXPIRES_IN - Access token expiration (minutes)
  • JWT_REFRESH_TOKEN_EXPIRES_IN - Refresh token expiration (days)
  • SESSION_SECRET - Session cookie secret

Database

  • DATABASE_URL - PostgreSQL connection string

OAuth (if using social login)

  • OAUTH_REDIRECT_BASE_URL - OAuth callback base URL
  • GOOGLE_CLIENT_ID & GOOGLE_CLIENT_SECRET
  • GITHUB_CLIENT_ID & GITHUB_CLIENT_SECRET
  • DISCORD_CLIENT_ID & DISCORD_CLIENT_SECRET
  • MICROSOFT_CLIENT_ID, MICROSOFT_CLIENT_SECRET, MICROSOFT_TENANT_ID

Server Configuration

  • ENVIRONMENT - Runtime environment (development/production)
  • SERVER_PROTOCOL - HTTP or HTTPS
  • SERVER_HOST - Server bind address
  • SERVER_PORT - Server port
  • LOG_LEVEL - Logging level
  • CONFIG_FILE - Custom config file path
  • TLS_CERT_PATH & TLS_KEY_PATH - For HTTPS

How It Works

  1. Environment Loading: The app uses dotenvy::dotenv().ok() to load .env files
  2. Config Hierarchy: TOML files provide defaults, environment variables override them
  3. Fallback Values: Most settings have sensible defaults if env vars aren't set

The .env file is essential for keeping sensitive credentials like database passwords, JWT secrets, and OAuth keys separate from your code and configuration files.