Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Aking16/timify/llms.txt

Use this file to discover all available pages before exploring further.

Timify relies on a small, focused set of environment variables to configure its database connection and authentication layer. You define these in a .env file at the root of your project — Next.js picks them up automatically at build time and at runtime via the Node.js process.

Environment File Setup

Create a .env file (or .env.local for local overrides) in the project root before running the app. Never commit secrets such as BETTER_AUTH_SECRET to version control — add .env to your .gitignore.
.env
# ─── Database ─────────────────────────────────────────────
DB_FILE_NAME=file:./src/db/local.db

# ─── Authentication ────────────────────────────────────────
BETTER_AUTH_SECRET=replace-this-with-a-random-32-plus-character-string
BETTER_AUTH_URL=http://localhost:3000
.env.local takes precedence over .env in Next.js and is excluded from version control by default. It is the recommended place for secrets in development.

Variable Reference

DB_FILE_NAME
string
default:"file:./src/db/local.db"
Path to the SQLite database file, expressed in libsql URL format. The file: prefix is required by @libsql/client. The path is resolved relative to the project root.Examples:
# Development default — file lives inside the repo
DB_FILE_NAME=file:./src/db/local.db

# Production — absolute path outside the repo for persistence
DB_FILE_NAME=file:/var/data/timify/timify.db
In production, use an absolute path on a persistent volume so the database file survives redeployments.
BETTER_AUTH_SECRET
string
required
A secret string used by better-auth to sign and verify session tokens. This value must be kept confidential. A compromised secret allows an attacker to forge valid session cookies.
BETTER_AUTH_SECRET must be at least 32 characters and generated from a cryptographically secure random source. Never reuse the same secret across environments, and never commit it to source control.Generate a strong secret with:
openssl rand -base64 32
Examples:
# Development (still use a real random value)
BETTER_AUTH_SECRET=kJ9mP2xQwL8nR5vT1uY6cA3bE0hF7dG4

# Production (generate a fresh value — never reuse dev secrets)
BETTER_AUTH_SECRET=sZ2aW8yN4oX6qD1mK3pV7rU9tB5cF0eH
BETTER_AUTH_URL
string
default:"http://localhost:3000"
required
The fully-qualified base URL of the Timify app. better-auth uses this value for trusted origin validation and for constructing callback URLs. It must exactly match the URL your browser uses to reach the app — including the protocol and port.Examples:
# Local development
BETTER_AUTH_URL=http://localhost:3000

# LAN access during development
BETTER_AUTH_URL=http://192.168.1.10:3000

# Production
BETTER_AUTH_URL=https://timify.example.com
In production, BETTER_AUTH_URL must use https://. Running auth over plain HTTP in production exposes session tokens to interception. Remember to also set useSecureCookies: true in src/lib/auth.ts when moving to HTTPS.

Environment-Specific Recommendations

During local development the defaults work out of the box. You only need to supply BETTER_AUTH_SECRET since it has no default value.
.env.local
BETTER_AUTH_SECRET=your-local-dev-secret-min-32-chars
BETTER_AUTH_URL=http://localhost:3000
# DB_FILE_NAME defaults to file:./src/db/local.db — no change needed
In production, all three variables must be explicitly set:
.env
DB_FILE_NAME=file:/var/data/timify/timify.db
BETTER_AUTH_SECRET=<output-of-openssl-rand-base64-32>
BETTER_AUTH_URL=https://timify.example.com
Additionally, update src/lib/auth.ts to enable secure cookies:
src/lib/auth.ts (production change)
advanced: {
  crossSubDomainCookies: { enabled: true },
  useSecureCookies: true, // requires HTTPS
},

Build docs developers (and LLMs) love

Get started for freeTalk to us