Get started with 33% off your first certification using code: 33OFFNEW

How to access `.env` variables in JavaScript

2 min read
Published on 28th August 2023
Tutorials JavaScript Tooling

Environmental variables provide a way to keep your application scalable and secure, separating configuration from code. When working with JavaScript, you might encounter situations where you need to access environment variables, especially if you're on the server-side with Node.js or using frontend frameworks like React.

This guide explores how you can access .env file variables in different JavaScript contexts.

1. Accessing .env Variables in Node.js

Setting up dotenv

To use .env in Node.js, the popular dotenv package is often used.

Install the package:

npm install dotenv

In your main server file (e.g., index.js or server.js), add:

require('dotenv').config();

Using the Variables

Once set up, you can access any variables from your .env file using process.env.YOUR_VARIABLE_NAME:

const PORT = process.env.PORT || 3000;

2. Accessing .env Variables in Create React App

Create React App (CRA) has built-in support for .env files, but with a catch.

Prefixing Variable Names

Only variables starting with REACT_APP_ are embedded into the build. For example:

REACT_APP_API_URL=https://api.example.com

Using the Variables

In your React components or any JavaScript files in the CRA project:

const apiUrl = process.env.REACT_APP_API_URL;

3. Caution for Frontend Apps

It's essential to understand that ANYTHING on the frontend is exposed to the client. This means all your environment variables bundled in your frontend code can be seen by viewing the page's source code. Never put sensitive information, like API keys, in client-side code.

4. Accessing .env Variables in Other Bundlers

For bundlers like Webpack, Rollup, or Parcel, plugins or configurations allow you to replace environment variables during the bundling process. These methods usually involve reading .env files and replacing placeholders in your code with the actual values during build time.

5. Best Practices

  • Keep Secrets Secret: Never expose sensitive data like API keys, database credentials, etc., on the client-side.
  • Use Fallbacks: Always have a default value in case an environment variable isn't set. This helps in avoiding unexpected behaviors.
  • Version Control: Avoid pushing your .env file to version control. Use .gitignore to exclude it. Instead, you can have a .env.example file that outlines the required variables without the values.

Interested in proving your knowledge of this topic? Take the JavaScript Fundamentals certification.

JavaScript Fundamentals

Showcase your knowledge of JavaScript in this exam, featuring questions on the language, syntax and features.

$99

JavaScript Fundamentals

Related articles

An in-depth guide to .map() in JavaScript

Tutorials JavaScript

An in-depth guide to .map() in JavaScript

A comprehensive guide to using the `.map()` method in JavaScript. Understand its functionality, usage, and discover the power it brings to array handling in your JavaScript applications.

2 min read
A guide to mTLS

Sysadmin Cyber Security Tooling

A guide to mTLS

Learn about Mutual TLS (mTLS), its importance in secure communications, and how it differs from standard TLS. Explore its use cases, benefits, and implementation details in this comprehensive guide.

6 min read
How to build a router in PHP

Tutorials PHP Tooling

How to build a router in PHP

Learn how to build a basic router in PHP in this step-by-step guide. Understand routing's importance in a web application and how to create a simple routing system to handle different URLs and requests.

3 min read