Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Nandini-13/PsycheIT/llms.txt

Use this file to discover all available pages before exploring further.

PsycheIT’s backend reads runtime configuration from environment variables. Out of the box, the server ships with a safe default for local development — but that default is not suitable for production. This page documents the one configurable value the server currently reads, explains the dotenv setup, and details what must be changed before you deploy.

Backend Environment Variables

The Express server in server/server.js reads the following environment variables at startup:
VariableDefaultRequiredDescription
PORT5000NoThe TCP port the Express server binds to. Any process manager, reverse proxy, or hosting platform can override this.
No other environment variables are consumed by server.js in the current codebase. The JWT secret and the users file path are both hardcoded directly in the source (see the sections below).

How to Set the Port

You can override the port inline for a single run, or export it as a shell variable before starting the process: 
# Inline — applies only to this invocation
PORT=8080 node server.js

# Export — applies to all subsequent commands in the same shell session
export PORT=8080
node server.js
The relevant line in server.js: 
const PORT = process.env.PORT || 5000;
app.listen(PORT, () =>
  console.log(`Server running on http://localhost:${PORT}`)
);

Creating a .env File

dotenv is listed as a dependency in server/package.json ("dotenv": "^17.2.2"), but server.js does not call dotenv.config() — the import and initialisation are absent from the current source. This means a .env file is not loaded automatically. If you want to use a .env file, add the following line near the top of server.js (after the other imports): 
import dotenv from 'dotenv';
dotenv.config();
Then create server/.env: 
PORT=5000
Until dotenv.config() is called, environment variables must be passed via the shell (inline or export) as shown above.

Frontend Configuration

The frontend does not use .env files or Vite’s import.meta.env variables. Instead, the backend URL is hardcoded in frontend/src/pages/chatbot.jsx: 
// frontend/src/pages/chatbot.jsx (excerpt)
const response = await fetch("http://localhost:5000/classify", { ... });
To point the frontend at a different backend host (e.g. during staging or production), search for all occurrences of http://localhost:5000 in frontend/src/ and replace them with your target API base URL. A future improvement would be to centralise this in a Vite environment variable (VITE_API_BASE_URL) so it can be set at build time without touching source files.

JWT Secret

The JSON Web Token used for session authentication is currently signed with the hardcoded literal string 'secretKey' in server.js:
const token = jwt.sign({ userId }, "secretKey", { expiresIn: "1h" });
This is a critical security risk. Anyone who knows (or guesses) this secret can forge valid session tokens for any user. Before deploying to any non-local environment, replace it with a strong, randomly generated secret:
node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"
Store the result as an environment variable (e.g. JWT_SECRET) and update server.js to read it:
const token = jwt.sign({ userId }, process.env.JWT_SECRET, { expiresIn: "1h" });

Users File Path

User accounts are persisted to a flat JSON file at the path ./users.json, resolved relative to the directory from which node server.js is run. If you start the server from inside server/, the file will be created at server/users.json. This file is created automatically on the first successful login — no manual setup is required for local development.For any production deployment, replace this flat-file mechanism with a proper database (MongoDB, PostgreSQL, SQLite, etc.). The flat file is not safe for concurrent writes and offers no query capability or access controls.

Build docs developers (and LLMs) love

Get started for freeTalk to us