All runtime configuration for the VideoHub backend is supplied through environment variables loaded from aDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/barcode8/VideoHub/llms.txt
Use this file to discover all available pages before exploring further.
.env file located in the Backend/ directory. The server uses the dotenv package (called in src/index.js) to populate process.env before any application code runs, which means every variable listed here must be present before starting the server.
Creating your .env file
A .env.sample file is included in the repository with all required keys and safe placeholder values. Copy it to create your local configuration:
.env file and fill in every blank value before running the server.
Variable Reference
The TCP port the Express server binds to. The server falls back to
8000 if this variable is absent, but the sample file ships with 5000 as the conventional default. Change this if another process is already using the port.The intended network interface address for the server.
index.js reads this variable (process.env.HOST || '0.0.0.0') but the current app.listen() call only passes the port — the host argument is not forwarded, so this variable is read but has no effect on the actual bind address in the current implementation. It is kept in .env.sample for forward compatibility.The single origin that is allowed to make cross-origin requests to the API. The value is passed directly to the
cors middleware as the origin option. During local development this should match your frontend dev server — the Vite default is http://localhost:5173.Example: http://localhost:5173The full MongoDB connection string. Accepts both MongoDB Atlas connection strings and local
Example (local):
mongodb:// URIs.Example (Atlas): mongodb+srv://<username>:<db_password>@cluster0.ikrv56o.mongodb.netExample (local):
mongodb://127.0.0.1:27017/videohubA long, random secret used to sign JWT access tokens via
jsonwebtoken. This value is read by userSchema.methods.generateAccessToken in user.models.js and verified by the verifyJwt middleware. Keep this value private and unique per environment.Controls how long a JWT access token remains valid. Accepts any value supported by the
jsonwebtoken expiresIn option — for example 1d (one day), 12h (twelve hours), or 30m (thirty minutes). Shorter values improve security but require more frequent token refreshes.A long, random secret used to sign JWT refresh tokens. Should be different from
ACCESS_TOKEN_SECRET. Refresh tokens are stored in the database (user.refreshToken field) and are invalidated on logout by setting the field to undefined.Controls how long a JWT refresh token remains valid. Accepts the same format as
ACCESS_TOKEN_EXPIRY. The default of 10d keeps users logged in for ten days before they must re-authenticate.A Cloudinary URL pointing to the default profile picture shown when a user registers without uploading an avatar. The
registerUser controller reads this value from process.env.DEFAULT_AVATAR and stores it directly in the new user document.Example: https://res.cloudinary.com/<cloud_name>/image/upload/v1/defaults/avatar.pngA Cloudinary URL pointing to the default channel cover image assigned to every new user at registration. Follows the same pattern as
DEFAULT_AVATAR.Example: https://res.cloudinary.com/<cloud_name>/image/upload/v1/defaults/cover.pngYour Cloudinary account’s API key, found in the Cloudinary Dashboard under Settings → API Keys. Used by the
uploadOnCloudinary utility to authenticate upload requests.Your Cloudinary API secret. Treat this like a password — never expose it in client-side code or commit it to version control.
Your Cloudinary cloud name, visible at the top of the Cloudinary Dashboard. This is the subdomain component of all Cloudinary asset URLs (e.g.
my-cloud in https://res.cloudinary.com/my-cloud/...).