Environment Setup
Configure environment variables for database, authentication, and email
Create a .env.local file in the root directory with the following variables.
Required Variables
# Application
NEXT_PUBLIC_APP_URL=http://localhost:3000
# Database
MONGODB_URI=mongodb+srv://user:password@cluster.mongodb.net/database
# JWT Secrets (generate unique random strings)
JWT_SECRET=your-access-token-secret-min-32-chars
JWT_REFRESH_SECRET=your-refresh-token-secret-min-32-chars
# Email (Gmail SMTP)
EMAIL_SERVER_HOST=smtp.gmail.com
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER=your-email@gmail.com
EMAIL_SERVER_PASSWORD=your-app-password
# OAuth - GitHub
NEXT_PUBLIC_GITHUB_CLIENT_ID=your-github-client-id
NEXT_PUBLIC_GITHUB_CLIENT_SECRET=your-github-client-secret
# OAuth - Google
NEXT_PUBLIC_GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
NEXT_PUBLIC_GOOGLE_CLIENT_SECRET=your-google-client-secret
# File Upload
UPLOADTHING_TOKEN=sk_live_your-uploadthing-token
Configuration Details
Database (MongoDB)
Create a MongoDB Atlas cluster
Go to MongoDB Atlas and create a free cluster.
Get the connection string
In the Atlas dashboard, click "Connect" and select "Connect your application". Copy the connection string.
Configure network access
Add your IP address to the IP Access List. For development, you can allow access from anywhere (0.0.0.0/0).
Update the connection string
Replace <password> with your database user password and add your database name:
MONGODB_URI=mongodb+srv://username:password@cluster0.xxxxx.mongodb.net/fastly?retryWrites=true&w=majority
Never commit your .env.local file to version control. It's already in .gitignore.
JWT Secrets
Generate secure random strings for your JWT secrets. Use at least 32 characters.
openssl rand -base64 32
node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
Generate two different secrets:
JWT_SECRET=<first-generated-secret>
JWT_REFRESH_SECRET=<second-generated-secret>
Email (Gmail SMTP)
Enable 2-Factor Authentication
Go to your Google Account settings and enable 2-Step Verification.
Create an App Password
Navigate to Google App Passwords. Select "Mail" and generate a new password.
Configure environment variables
EMAIL_SERVER_HOST=smtp.gmail.com
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER=your-email@gmail.com
EMAIL_SERVER_PASSWORD=xxxx-xxxx-xxxx-xxxx # App password (no spaces)
The app password is a 16-character code. Enter it without spaces.
GitHub OAuth
Create a GitHub OAuth App
Go to GitHub Developer Settings and click "New OAuth App".
Configure the application
| Field | Value |
|---|---|
| Application name | Your app name |
| Homepage URL | http://localhost:3000 |
| Authorization callback URL | http://localhost:3000/api/oauth/github |
Copy credentials
After creating the app, copy the Client ID and generate a Client Secret.
NEXT_PUBLIC_GITHUB_CLIENT_ID=your-client-id
NEXT_PUBLIC_GITHUB_CLIENT_SECRET=your-client-secret
Google OAuth
Create a Google Cloud project
Go to Google Cloud Console and create a new project.
Configure OAuth consent screen
Navigate to "APIs & Services" > "OAuth consent screen". Select "External" and fill in the required fields.
Create OAuth credentials
Go to "APIs & Services" > "Credentials" and click "Create Credentials" > "OAuth client ID".
| Field | Value |
|---|---|
| Application type | Web application |
| Authorized JavaScript origins | http://localhost:3000 |
| Authorized redirect URIs | http://localhost:3000/api/oauth/google |
Copy credentials
NEXT_PUBLIC_GOOGLE_CLIENT_ID=xxxxx.apps.googleusercontent.com
NEXT_PUBLIC_GOOGLE_CLIENT_SECRET=GOCSPX-xxxxx
UploadThing (File Uploads)
Create an UploadThing account
Go to uploadthing.com and sign up.
Create an app
Create a new app in your UploadThing dashboard.
Copy the API key
Navigate to the "API Keys" section and copy your secret key.
UPLOADTHING_TOKEN=sk_live_xxxxx
Production Configuration
When deploying to production, update the following:
# Update to your production domain
NEXT_PUBLIC_APP_URL=https://your-domain.com
# Update OAuth callback URLs in provider dashboards
# GitHub: https://your-domain.com/api/oauth/github
# Google: https://your-domain.com/api/oauth/google
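
A pre-deploy lint for .env.local, added here as an example and not part of the project's code: it checks the JWT rules from this guide (at least 32 characters, two different secrets), catches template values left unchanged, and flags NEXT_PUBLIC_ variables whose names look like secrets, because Next.js inlines every NEXT_PUBLIC_ value into the JavaScript sent to the browser. The names parseEnv, lintEnv and SAMPLE are hypothetical, and the sample input is constructed.

```javascript
// Added example; parseEnv, lintEnv and SAMPLE are hypothetical names, not project code.

// Parse KEY=VALUE lines, skipping blank lines and comment lines.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf('=');
    if (!line || line.startsWith('#') || eq < 1) continue;
    const value = line.slice(eq + 1).trim();
    const quoted = value.match(/^(['"])(.*)\1$/);
    // Unquoted values may carry a trailing " # comment"; quoted ones are kept whole.
    env[line.slice(0, eq).trim()] = quoted ? quoted[2] : value.replace(/\s+#.*$/, '');
  }
  return env;
}

// Template values from this guide: "your-...", "<...>", runs of "x".
const PLACEHOLDER = /^your-|^<.*>$|x{4,}/i;

function lintEnv(env) {
  const findings = [];
  const add = (key, issue) => findings.push({ key, issue });
  for (const [key, value] of Object.entries(env)) {
    if (PLACEHOLDER.test(value)) add(key, 'placeholder');
    // NEXT_PUBLIC_ values are inlined into the JavaScript sent to the browser.
    if (/^NEXT_PUBLIC_.*(SECRET|TOKEN|PASSWORD)/.test(key)) add(key, 'secret-in-browser-bundle');
  }
  for (const key of ['JWT_SECRET', 'JWT_REFRESH_SECRET']) {
    if ((env[key] || '').length < 32) add(key, 'shorter-than-32-chars');
  }
  if (env.JWT_SECRET && env.JWT_SECRET === env.JWT_REFRESH_SECRET) {
    add('JWT_REFRESH_SECRET', 'same-as-JWT_SECRET');
  }
  return findings;
}

// Constructed sample input, not real credentials.
const SAMPLE = [
  'JWT_SECRET=your-access-token-secret-min-32-chars',
  'JWT_REFRESH_SECRET=short',
  'EMAIL_SERVER_PASSWORD=abcdabcdabcdabcd # App password (no spaces)',
  'NEXT_PUBLIC_GITHUB_CLIENT_SECRET=constructed-value-0123456789',
].join('\n');

for (const f of lintEnv(parseEnv(SAMPLE))) console.log(`${f.key}: ${f.issue}`);
```

To check a real file, pass `require('fs').readFileSync('.env.local', 'utf8')` to `parseEnv` in place of `SAMPLE`.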