Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Blackterz2/Proyecto_5to_Semestre/llms.txt

Use this file to discover all available pages before exploring further.

All Blackterz configuration is managed through a single .env file in the project root. The file is loaded at startup by dotenv before any other module initializes, so every variable is available in process.env throughout the entire application. No configuration is hardcoded in source files. To create your configuration file from the provided template, run:
cp .env.example .env
Then open .env in your editor and fill in the values for your environment. The sections below document every supported variable.
.env is listed in .gitignore and must never be committed to version control. It contains secrets (database passwords, JWT signing keys, SMTP credentials, and API keys) that would expose your entire system if leaked. Only .env.example — which contains no real values — belongs in the repository.

Server

PORT
number
default:"3000"
The port the Express server listens on. The server falls back to 3000 if this variable is unset:
const PORT = process.env.PORT || 3000;
Change this if port 3000 is already occupied on your machine, or when deploying behind a reverse proxy.
NODE_ENV
string
default:"development"
Runtime mode. Setting this to production enables strict security behavior across the application. Any other value (including leaving it blank) is treated as development mode.The most visible effect is on the auth rate limiter:
ValueMax auth attempts per 15 min
production10 (brute-force protection)
anything else100 (relaxed for local testing)

Database

All DB_* variables are passed directly to the mysql2 connection pool in src/config/db.js.
DB_HOST
string
default:"localhost"
Hostname or IP address of the MySQL server. Use localhost when MySQL runs on the same machine as the Node.js process. For Docker or remote deployments, set this to the container name or server IP.
DB_PORT
number
default:"3306"
TCP port MySQL listens on. The MySQL default is 3306. Only change this if you have configured MySQL to use a non-standard port.
DB_USER
string
required
MySQL username that has SELECT, INSERT, UPDATE, DELETE, ALTER, and CREATE privileges on the fitness_app database.
DB_PASSWORD
string
Password for the MySQL user. Leave this blank (empty string) if your local MySQL install has no password set for the user:
DB_PASSWORD=
DB_NAME
string
required
Name of the MySQL database. .env.example ships this as blackterz, but the actual running database is named fitness_app — that is the name used by all migration files and seed scripts. You must update this value after copying the example file or the server will fail to connect.
DB_NAME=fitness_app
Discrepancy: .env.example sets DB_NAME=blackterz, but the application requires a database named fitness_app (an earlier project that was reused as the foundation for Blackterz). Always override this to fitness_app after running cp .env.example .env.

JWT

JWT_SECRET
string
required
The secret key used to sign and verify all JSON Web Tokens issued by POST /api/auth/login. Tokens are signed with HMAC-SHA256 (HS256) and expire after 7 days.In development you can use any string. In production use a long cryptographically random value.
Generate a production-grade JWT secret with Node.js built-in crypto — no extra dependencies needed:
node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"
This outputs a 128-character hex string. Paste the result as your JWT_SECRET value.

Email (Password Recovery)

These variables configure the Nodemailer SMTP transport used by the password recovery flow. When a user requests a reset link, the server sends an email containing a time-limited token URL built from APP_URL.
EMAIL_HOST
string
SMTP server hostname. Example: smtp.gmail.com
EMAIL_PORT
number
SMTP port. Common values:
  • 587 — STARTTLS (recommended)
  • 465 — SSL/TLS
  • 25 — plain (not recommended for production)
Example: 587
EMAIL_USER
string
SMTP authentication username. This is typically the full sender email address. Example: [email protected]
EMAIL_PASS
string
SMTP authentication password. For Gmail, generate an App Password from your Google Account security settings rather than using your main account password.
APP_URL
string
Base URL of the application, used to construct the password reset link that is embedded in recovery emails. Must not have a trailing slash.
# Local development
APP_URL=http://localhost:3000

# Production
APP_URL=https://yourdomain.com
  1. Enable 2-Step Verification on your Google Account.
  2. Go to Google Account → Security → App passwords.
  3. Generate a new app password for “Mail” on “Other device”.
  4. Use that 16-character password as EMAIL_PASS.
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_USER[email protected]
EMAIL_PASS=abcd efgh ijkl mnop
APP_URL=http://localhost:3000

AscendAPI (Exercise Videos)

ASCENDAPI_KEY
string
Your RapidAPI subscription key for the “EDB with Videos and Images by AscendAPI” product. This key is required for exercise video playback in the catalog detail panel.To obtain a key:
  1. Create a free account at rapidapi.com.
  2. Search for “EDB with Videos and Images by AscendAPI”.
  3. Subscribe to the Basic (free) plan.
  4. Copy the X-RapidAPI-Key value shown in the API playground.
The free tier includes 2,000 requests per month, which is sufficient to load videos for the entire 64-exercise catalog with room to spare.
If ASCENDAPI_KEY is not set, the application will start and function normally — exercise images and text will display correctly, but the video playback feature in the exercise detail panel will not work. Set this variable only when you need video functionality.

Complete .env Template

Here is a fully annotated template you can copy directly into your .env file:
PORT=3000
NODE_ENV=development

DB_HOST=localhost
DB_PORT=3306
DB_USER=root
DB_PASSWORD=
DB_NAME=fitness_app

JWT_SECRET=replace_this_with_a_long_random_string

Build docs developers (and LLMs) love