Overview
Missing environment variables (e.g. JWT_SECRET, DATABASE_URL, REDIS_URL) cause cryptic runtime errors deep in request handling rather than failing fast at startup. Debugging a 500 caused by undefined being used as a JWT secret is significantly harder than a clear startup error.
Specifications
Features:
- Validate all required env vars at startup using Joi or
class-validator + class-transformer.
- Fail with a descriptive error message listing all missing or invalid vars.
Tasks:
- Create
src/config/env.validation.ts with a Joi schema for all required and optional env vars, including types and ranges.
- Register the validation schema in
ConfigModule.forRoot({ validationSchema }).
- Ensure the default
|| 'default-jwt-secret' fallbacks in auth.service.ts are removed (replaced by required validation).
- Add unit tests verifying startup failure when required vars are absent.
Impacted Files:
src/config/env.validation.ts (new)src/app.module.tssrc/auth/auth.service.ts
Acceptance Criteria
- Application fails at startup with a clear list of missing env vars.
- No fallback defaults exist for security-critical variables.
- Unit test simulates missing
JWT_SECRET and verifies startup failure.
Overview
Missing environment variables (e.g.
JWT_SECRET,DATABASE_URL,REDIS_URL) cause cryptic runtime errors deep in request handling rather than failing fast at startup. Debugging a 500 caused byundefinedbeing used as a JWT secret is significantly harder than a clear startup error.Specifications
Features:
class-validator+class-transformer.Tasks:
src/config/env.validation.tswith a Joi schema for all required and optional env vars, including types and ranges.ConfigModule.forRoot({ validationSchema }).|| 'default-jwt-secret'fallbacks inauth.service.tsare removed (replaced by required validation).Impacted Files:
src/config/env.validation.ts(new)src/app.module.tssrc/auth/auth.service.tsAcceptance Criteria
JWT_SECRETand verifies startup failure.