All runtime configuration in FerreMarket is supplied through a singleDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/ProyectoFerretek/FerreMarket/llms.txt
Use this file to discover all available pages before exploring further.
.env file placed at the project root. There is no server-side config layer — every variable is read at build time by Vite and injected into the browser bundle via import.meta.env. The project ships with a .env.example template that lists every required variable; copy it to .env and fill in your credentials before starting the development server.
Environment Variables
The domain of your Auth0 tenant (e.g.
your-tenant.us.auth0.com). This variable is included for backward compatibility with the @auth0/auth0-react package that is still present in package.json. Supabase Auth is the primary authentication provider used throughout the application; Auth0 integration is legacy and not required for a standard deployment. If you are not using Auth0, you may leave this blank.The Client ID of your Auth0 application, found in Auth0 Dashboard → Applications → your app → Settings. Like
VITE_AUTH0_DOMAIN_NAME, this is a legacy variable and is not required unless you are actively using Auth0 as an auth provider.The unique HTTPS URL of your Supabase project (e.g.
https://xyzcompany.supabase.co). This is used by @supabase/supabase-js to route all database queries, auth calls, and realtime subscriptions. Found in Supabase Dashboard → Project Settings → API → Project URL.The public
anon key for your Supabase project. This JWT is safe to expose in the browser — Supabase Row-Level Security policies govern what an anonymous or authenticated client is actually allowed to read or write. Found in Supabase Dashboard → Project Settings → API → Project API Keys → anon public.The base URL of your Cloudflare R2 public bucket (e.g.
https://pub-xxxx.r2.dev). FerreMarket appends product image filenames to this URL to display product photos throughout the catalog and sales modules. The bucket must have public access enabled.The full HTTPS URL of your deployed Cloudflare Worker (e.g.
https://ferremarket-uploads.yoursubdomain.workers.dev). This Worker acts as an authenticated proxy for file uploads: the frontend sends product images to this endpoint along with the API key, and the Worker writes the file to R2 on behalf of the caller — keeping your R2 bucket credentials private.A secret API key used to authenticate requests from the FerreMarket frontend to your Cloudflare Worker. The Worker checks this key on every incoming request and rejects anything that does not match. Set this to a long, randomly generated string and store it as an environment secret in both your
.env file and your Worker’s Cloudflare dashboard settings.Example .env File
Supabase Setup
- Sign in at supabase.com and open your project (or create a new one).
- Go to Project Settings (gear icon in the left sidebar) → API.
- Copy the Project URL — this is your
VITE_SUPABASE_URL. - Under Project API Keys, copy the
anonpublickey — this is yourVITE_SUPABASE_ANON_KEY. Do not use theservice_rolekey in a browser-side app. - Navigate to Authentication → Users and add at least one user so you can log in to the FerreMarket admin panel.
- Review Authentication → Policies on your database tables. FerreMarket relies on Row-Level Security policies to restrict data access per user role — make sure RLS is enabled on all tables that store sensitive business data.
Cloudflare R2 Setup
Cloudflare R2 is used to store and serve product images. The setup involves two components: an R2 bucket for storage and a Worker for authenticated uploads. Creating the R2 Bucket:- Log in to dash.cloudflare.com and navigate to R2 Object Storage.
- Click Create bucket and give it a name (e.g.
ferremarket-images). - Once created, open the bucket settings and enable Public access. Cloudflare will assign a public URL in the format
https://pub-xxxx.r2.dev— use this asVITE_CLOUDFLARE_CDN_URL.
- Go to Workers & Pages → Create application → Create Worker.
- Write or paste your Worker script. The Worker should:
- Accept
POSTrequests containing a file payload. - Validate the
Authorizationheader against a stored secret (yourVITE_CLOUDFLARE_WORKERS_API_KEY). - Use the R2 binding to write the file to your bucket.
- Return the public CDN URL of the uploaded object.
- Accept
- Under Settings → Variables, add your API key as an encrypted environment variable with the same value you will use for
VITE_CLOUDFLARE_WORKERS_API_KEY. - Under Settings → Bindings, add an R2 Bucket binding pointing to the bucket you created above.
- Deploy the Worker and copy its route URL to use as
VITE_CLOUDFLARE_WORKERS_URL.
Vite and the VITE_ Prefix
Vite enforces a strict naming convention for environment variables: only variables prefixed withVITE_ are exposed to your client-side code. Any variable in .env that does not start with VITE_ is available to Vite’s Node.js build process but is deliberately excluded from the browser bundle for security reasons.
Inside the FerreMarket source code, variables are read like this:
import.meta.env.VITE_* references at build time. This means:
- The values are baked into the compiled JavaScript bundle — treat them accordingly.
- If you change a value in
.env, you must restart the dev server (npm run dev) or rebuild (npm run build) for the change to take effect. - There is no runtime config injection;
.envis a build-time concern.