Get and Set Environment Variables in Node.js
One of the best ways to use sensitive information in open source repositories without hard-coding the information within publicly available repositories is setting environment variables. Set the environment variables on the server, retrieve them by key within your application.
When using Node.js, you can retrieve environment variables by key from the process.env object:
var mode = process.env.mode; // 'PRODUCTION', for example
var apiKey = process.env.apiKey; // '38294729347392432'
There are time when you may want to set environment variables while you run your node app -- these are set temporarily while the process is still running. A common case is simulating environment variables during testing. You can temporarily set these variables by pegging items onto the process.env object:
process.env.mode = 'TESTING';
// Now app code knows not to do destructive transactions!
Simple enough but worth documenting for future use!
![6 Things You Didn’t Know About Firefox OS]()
Firefox OS is all over the tech news and for good reason: Mozilla's finally given web developers the platform that they need to create apps the way they've been creating them for years -- with CSS, HTML, and JavaScript. Firefox OS has been rapidly improving...
![Interview with a Pornhub Web Developer]()
Regardless of your stance on pornography, it would be impossible to deny the massive impact the adult website industry has had on pushing the web forward. From pushing the browser's video limits to pushing ads through WebSocket so ad blockers don't detect them, you have...
![:valid, :invalid, and :required CSS Pseudo Classes]()
Let's be honest, form validation with JavaScript can be a real bitch. On a real basic level, however, it's not that bad. HTML5 has jumped in to some extent, providing a few attributes to allow us to mark fields as required or only valid if matching...
![Simple Image Lazy Load and Fade]()
One of the quickest and easiest website performance optimizations is decreasing image loading. That means a variety of things, including minifying images with tools like ImageOptim and TinyPNG, using data URIs and sprites, and lazy loading images. It's a bit jarring when you're lazy loading images and they just...
I believe it’s more common to use
process.env.NODE_ENVinstead ofprocess.env.modeThis is an interesting problem. What if you are using aws or heroku for hosting? You could have your deployment script setup the keys, but you’d need to prompt each time you create a new instance.
I encrypted the keys in a json file with AES 256 and in my run/deploy script it prompts for a password and decrypts it running the rest of the application with env variables. It’s not perfected yet, but this might be a good way to put it on github.
Are these variables just being set via the command line?
Yep!
I have had great success with json-configurator (https://www.npmjs.com/package/json-configurator). Use it with
process.env.NODE_ENVas a input.require('json-configurator')(configJson, process.env.NODE_ENV ).userEndpoint;