Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/JFKoryy/autopart-pro/llms.txt

Use this file to discover all available pages before exploring further.

AutoPart Pro uses two separate .env files — one for the backend Express server and one for the React frontend — because each half of the application has different runtime contexts and different secrets. The backend file is read by dotenv at server startup and must never be committed to version control. The frontend file is processed by Vite at build time; only variables prefixed with VITE_ are bundled into the client.
JWT_SECRET is the key used to sign and verify every authentication token in the system. If this value is weak, guessable, or leaked, an attacker can forge tokens and impersonate any user — including administrators. Always use a cryptographically random string of at least 32 characters in non-development environments. Generate one with openssl rand -hex 32 or a similar tool. Never commit your .env file to version control. Add backend/.env and frontend/.env to your .gitignore before your first commit.

Backend Environment (/backend/.env)

The backend .env file configures the MySQL connection pool, the JWT signing secret, the server port, and the CORS allowed origin. Create this file at backend/.env before running npm run dev.
PORT=5000
DB_HOST=localhost
DB_USER=root
DB_PASSWORD=your_mysql_password
DB_NAME=autopart_pro
JWT_SECRET=your_long_random_secret_key
FRONTEND_URL=http://localhost:5173
PORT
number
The port on which the Express HTTP server listens. Defaults to 5000 if not set (via the process.env.PORT || 5000 fallback in app.js). Change this if port 5000 is already in use on your machine, and update VITE_API_URL in the frontend .env to match.
DB_HOST
string
required
The hostname or IP address of your MySQL 8 server. Use localhost when running MySQL on the same machine as the backend. For containerized or remote deployments, set this to the appropriate host or service name (e.g., db in a Docker Compose network, or an AWS RDS endpoint).
DB_USER
string
required
The MySQL username the application uses to connect. The specified user must have SELECT, INSERT, UPDATE, and DELETE privileges on the autopart_pro database. root is convenient for local development; use a dedicated, least-privilege user in production.
DB_PASSWORD
string
required
The password for the MySQL user specified in DB_USER. Keep this value secret — do not hard-code it in source files or share it in plain text.
DB_NAME
string
required
The name of the MySQL database to connect to. Set this to autopart_pro to match the database created by backend/database.sql. If you renamed the database during setup, use that name here instead.
JWT_SECRET
string
required
The secret key used by jsonwebtoken to sign and verify JWT tokens. This must be a long, random, high-entropy string. In production, generate it with a command such as openssl rand -hex 32 and store it securely (e.g., in a secrets manager or CI/CD environment variable). Rotating this value immediately invalidates all active sessions.
FRONTEND_URL
string
The origin URL of the React frontend, used by the Express CORS middleware to decide which origins are allowed to make cross-origin requests. Must match the exact origin (scheme + hostname + port) that your browser uses to load the frontend. The default is http://localhost:5173. Note that http://192.168.1.165:5173 is also hard-coded in app.js as a second allowed origin — update that file directly if you need additional origins.

Frontend Environment (/frontend/.env)

The frontend .env file contains a single variable that tells the React app where the backend API lives. Vite injects this value into the browser bundle at build time. Create this file at frontend/.env before running npm run dev.
VITE_API_URL=http://localhost:5000/api
VITE_API_URL
string
required
The base URL for all backend API requests made by the React frontend. All service functions in frontend/src/services/ prepend this value to their endpoint paths. It must include the /api path prefix and must not end with a trailing slash. Update this to your production API URL (e.g., https://api.yourshop.com/api) when building for deployment.

Quick Reference

The table below summarises every variable, its default, and whether it is required:
VariableFileDefaultRequired
PORTbackend/.env5000No
DB_HOSTbackend/.envYes
DB_USERbackend/.envYes
DB_PASSWORDbackend/.envYes
DB_NAMEbackend/.envYes
JWT_SECRETbackend/.envYes
FRONTEND_URLbackend/.envhttp://localhost:5173No
VITE_API_URLfrontend/.envYes

Build docs developers (and LLMs) love