Configuration and Environment

Relevant source files - .env.example - config/env.js

The Subscription Tracker API utilizes a centralized configuration strategy to manage environment-specific variables and third-party service integrations. By decoupling configuration from the application logic, the system ensures portability across development, testing, and production environments while maintaining security for sensitive credentials.

Configuration Architecture

The application relies on a multi-layered configuration approach. Environment variables are loaded dynamically based on the current NODE_ENV, and specific configuration modules initialize third-party clients (Arcjet, Upstash, Nodemailer) using these variables.

Configuration Flow to Code Entities

The following diagram illustrates how raw environment variables from the .env files are processed by config/env.js and distributed to specialized configuration modules throughout the codebase.

Environment Loading and Distribution

[Flowchart Diagram]

Sources:

• config/env.js1-22
• .env.example1-16

---

Environment Variable Management

The application uses the dotenv package to load variables into process.env. To support different deployment stages, the system looks for specific file patterns, such as .env.development.local or .env.production.local, based on the NODE_ENV flag config/env.js3

Key variable groups include:

• Server Settings: PORT, NODE_ENV, and SERVER_URL.
• Database & Security: DB_URI for MongoDB connection and JWT_SECRET for token signing.
• Third-Party Services: API keys and endpoints for Arcjet (security), Upstash (workflows), and Brevo (SMTP email).

For a complete reference of all required variables and the naming conventions for environment files, see Environment Variables.

Sources:

• config/env.js5-22
• .env.example1-16

---

API Documentation Configuration

The project features automated API documentation using Swagger (OpenAPI 3.0). The configuration is centralized in config/swagger.js, which utilizes swagger-jsdoc to parse JSDoc comments from route files and swagger-ui-express to serve the interactive documentation interface.

The documentation setup includes:

• Server Definitions: Dynamically set using the SERVER_URL environment variable.
• Security Schemes: A global bearerAuth definition to allow testing of protected endpoints directly from the browser.
• Custom Assets: Custom CSS and JS located in the public/ directory to brand and style the Swagger UI.

For details on the Swagger implementation and how to document new endpoints, see API Documentation (Swagger).

Sources:

• config/swagger.js1-55 (referenced from context)
• app.js1-30 (referenced for middleware mounting)

---

Third-Party Service Integration

The system is highly integrated with external providers, each managed via a dedicated configuration file in the config/ directory:

Service	Configuration File	Purpose
Arcjet	config/arcjet.js	Configures the aj client for rate limiting, bot detection, and WAF.
Upstash	config/upstash.js	Initializes the WorkflowClient for managing asynchronous subscription reminders.
Nodemailer	config/nodemailer.js	Sets up the SMTP transporter using Brevo credentials for email dispatch.

Service-to-Code Mapping

This diagram maps the high-level third-party services to the specific internal configuration objects and variables used to interact with them.

Service Integration Map

[Flowchart Diagram]

Sources:

• config/env.js5-22
• .env.example6-15