Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/viet2811/ocipe/llms.txt

Use this file to discover all available pages before exploring further.

Ocipe’s Django backend requires several environment variables for secrets and database credentials. The React frontend does not use environment variables — its backend URL is hardcoded in src/api/axios.ts. This page documents every backend variable with a description and example value, and explains how to change the frontend API target.

Backend environment variables

The Django backend loads its environment from a .env file in ocipe/backend/ using python-dotenv. The following variables are read in settings.py:
DJANGO_SECRET
string
required
The Django SECRET_KEY used for cryptographic signing of sessions, CSRF tokens, and other security-sensitive operations. Generate a long, random string and keep it secret. Rotating this value will invalidate all existing sessions.Example: django-insecure-g3$kx!p2v8q... (use a tool like python -c "import secrets; print(secrets.token_urlsafe(50))" to generate one)
POSTGRES_DB
string
required
Name of the PostgreSQL database.Example: ocipe
POSTGRES_USER
string
required
PostgreSQL username.Example: postgres
POSTGRES_PASSWORD
string
required
Password for the PostgreSQL user.Example: supersecretpassword
POSTGRES_HOST
string
required
Hostname or IP address of the PostgreSQL server.Example: localhost (local) or a Render/cloud hostname in production
GEMINI_API_KEY
string
required
Google Gemini API key used by the recipes app to autofill recipe details with AI. Obtain yours from Google AI Studio.Example: AIzaSyABC123...
ALLOWED_HOSTS and CORS_ALLOWED_ORIGINS are hardcoded in settings.py for the hosted deployment (ocipe.onrender.com and https://ocipe.vercel.app respectively). If you self-host either service at a different domain, update those values directly in settings.py.

Frontend environment variables

The Vite frontend does not currently read any VITE_ environment variables at runtime. The backend URL is set directly in src/api/axios.ts as a hardcoded value. To target a different backend, edit the baseURL in that file before building or running the dev server.
There are no frontend environment variables to configure. If you self-host the backend, update baseURL in src/api/axios.ts directly.

Sample configuration files

DJANGO_SECRET=your-long-random-secret-key-here
POSTGRES_DB=ocipe
POSTGRES_USER=postgres
POSTGRES_PASSWORD=yourpassword
POSTGRES_HOST=localhost
GEMINI_API_KEY=AIzaSyYourGeminiKeyHere

JWT settings

The following JWT-related values are configured directly in settings.py via SIMPLE_JWT. They are not environment variables — change them by editing the file.
SettingDefaultDescription
ACCESS_TOKEN_LIFETIMEtimedelta(minutes=5)How long an access token is valid. Short-lived for security; the client silently refreshes using the cookie.
REFRESH_TOKEN_LIFETIMEtimedelta(days=30)How long the refresh token cookie remains valid before the user must log in again.
ROTATE_REFRESH_TOKENSFalseWhen False, the same refresh token is reused until it expires.
The refresh token cookie is set with the following attributes in users/views.py:
Cookie attributeValueWhy
httponlyTruePrevents JavaScript from reading the token, mitigating XSS theft
secureTrueCookie is only sent over HTTPS
samesite"None"Allows the cookie to be sent in cross-site requests (Vercel → Render)
max_age3600 * 24 * 30 (30 days)Matches REFRESH_TOKEN_LIFETIME
Never commit .env or .env.local files to version control. Add the following lines to your .gitignore if they are not already present:
.env
.env.local
.env.*.local
Google Gemini API keys are free for moderate usage through Google AI Studio. Create one at https://aistudio.google.com/ — no billing information is required to get started.

Build docs developers (and LLMs) love

Get started for freeTalk to us