move environment variables to nextjs runtime config

.env.example

@@ -11,5 +11,5 @@ SMTP_PASSWORD=smtpPassword
 
 NEXT_TELEMETRY_DISABLED 1
 
-# For Docker Setup use this Database URL:
+# For Docker Compose Setup use this Database URL:
 # DATABASE_URL='postgresql://postgres:postgres@postgres:5432/snoopforms?schema=public'

lib/email.ts

@@ -1,6 +1,9 @@
+import getConfig from "next/config";
 import jwt from "jsonwebtoken";
 const nodemailer = require("nodemailer");
 
+const { serverRuntimeConfig } = getConfig();
+
 interface sendEmailData {
   to: string;
   subject: string;
@@ -10,29 +13,33 @@ interface sendEmailData {
 
 export const sendEmail = async (emailData: sendEmailData) => {
   let transporter = nodemailer.createTransport({
-    host: process.env.SMTP_HOST,
-    port: process.env.SMTP_PORT,
-    secure: process.env.SMTP_SECURE_ENABLED || false, // true for 465, false for other ports
+    host: serverRuntimeConfig.smtpHost,
+    port: serverRuntimeConfig.smtpPort,
+    secure: serverRuntimeConfig.smtpSecureEnabled || false, // true for 465, false for other ports
     auth: {
-      user: process.env.SMTP_USER,
-      pass: process.env.SMTP_PASSWORD,
+      user: serverRuntimeConfig.smtpUser,
+      pass: serverRuntimeConfig.smtpPassword,
     },
   });
   const emailDefaults = {
-    from: process.env.MAIL_FROM || "noreply@snoopforms.com",
+    from: serverRuntimeConfig.mailFrom || "noreply@snoopforms.com",
   };
   await transporter.sendMail({ ...emailDefaults, ...emailData });
 };
 
 export const sendVerificationEmail = async (user) => {
-  const token = jwt.sign({ id: user.id }, process.env.SECRET + user.email, {
-    expiresIn: "1d",
-  });
+  const token = jwt.sign(
+    { id: user.id },
+    serverRuntimeConfig.secret + user.email,
+    {
+      expiresIn: "1d",
+    }
+  );
   const verifyLink = `${
-    process.env.NEXTAUTH_URL
+    serverRuntimeConfig.nextauthUrl
   }/auth/verify?token=${encodeURIComponent(token)}`;
   const verificationRequestLink = `${
-    process.env.NEXTAUTH_URL
+    serverRuntimeConfig.nextauthUrl
   }/auth/verification-requested?email=${encodeURIComponent(user.email)}`;
   await sendEmail({
     to: user.email,

next.config.js

@@ -3,6 +3,20 @@ var path = require("path");
 
 const nextConfig = {
   reactStrictMode: false,
+  serverRuntimeConfig: {
+    // Will only be available on the server side
+    secret: process.env.SECRET,
+    nextauthUrl: process.env.NEXTAUTH_URL,
+    mailFrom: process.env.MAIL_FROM,
+    smtpHost: process.env.SMTP_HOST,
+    smtpPort: process.env.SMTP_PORT,
+    smtpUser: process.env.SMTP_USER,
+    smtpPassword: process.env.SMTP_PASSWORD,
+    smtpSecureEnabled: process.env.SMTP_SECURE_ENABLED,
+  },
+  publicRuntimeConfig: {
+    // Will be available on both server and client
+  },
   async redirects() {
     return [
       {

pages/api/auth/[...nextauth].ts

@@ -1,10 +1,13 @@
 import { NextApiRequest, NextApiResponse } from "next";
+import getConfig from "next/config";
 import jwt from "jsonwebtoken";
 import NextAuth from "next-auth";
 import CredentialsProvider from "next-auth/providers/credentials";
 import { prisma } from "../../../lib/prisma";
 import { verifyPassword } from "../../../lib/auth";
 
+const { serverRuntimeConfig } = getConfig();
+
 export default async function auth(req: NextApiRequest, res: NextApiResponse) {
   return await NextAuth(req, res, {
     providers: [
@@ -106,7 +109,7 @@ export default async function auth(req: NextApiRequest, res: NextApiResponse) {
           const isValid = await new Promise((resolve) => {
             jwt.verify(
               credentials?.token,
-              process.env.SECRET + user.email,
+              serverRuntimeConfig.secret + user.email,
               (err) => {
                 if (err) resolve(false);
                 if (!err) resolve(true);
@@ -147,7 +150,7 @@ export default async function auth(req: NextApiRequest, res: NextApiResponse) {
         }
       },
     },
-    secret: process.env.SECRET,
+    secret: serverRuntimeConfig.secret,
     pages: {
       signIn: "/auth/signin",
       signOut: "/auth/logout",