Laravel .env.example: APP_XXX Values Explained

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello guys have you ever thought what are those five values that come with dot e and v dot example with default laravel installation do you understand all of them what is their purpose what are the values the potential values let's discuss and let's see what other laravel features or packages features are affected by those values in general.env file is full of more details but they are more related to separate services or they are self-explanatory for example like database credentials probably the most used ones but the most misunderstood ones from my experience are these ones and before we dive into those values let's see where they come from if you run laravel new laravel for example or laravel new project it automatically creates dot env file in your folder based on.env.example and what is the difference between those two so dot env.example is a file that comes default with laravel installation but it's just a template laravel application doesn't get any values from env.example its purpose is to show what keys are possibly needed in your application so it should be committed to the repository when your project is ongoing so your other teammates would see what keys are needed so for example if you add some external service and you need some api key you need to put that into nv.example with empty value so that other people would know that their need to set up that key so dot env.example is a template that comes to the repository and dot env the main file the working file is individual for every environment it will be different from your computer to your colleagues computers web servers to staging server to production server wherever and that's the whole point to configure environment on top of laravel application so what can we actually configure in this dot nv file regarding app prefix first app name laravel where does it go inside of the application if we search all the application again it's default laravel for app name it comes first within the same env file later mail from name so if you send an email by default it will comes from laravel unless you change the app name and if you go back to that list then it goes to some configs and caching databases which is not that important what is important however visually is config app name which is again default laravel and if you go to name and search the whole project for app dot name by default it comes in the email templates again so people would visually see the mail recipients that you send it from laravel or whatever you change and it also goes into various configs related to messages logging and stubs also q service provider what surprised me by the way i thought that the default welcome blade also uses this app name but it doesn't it's just hard coded laravel okay so that's app name let's go further app env where does it go in the application of laravel first it goes into phpunit xml which is probably important and then the most important for us is this one config app basically all the env values are actually used in the config folder files so config something dot something is usually env value with the fallback value and this should be also the pattern if you introduce new dot env values you should also use them in config with default values because someone else on some other server may forget to set that dot env value and this would be your default fallback value anyway app env is it actually used anywhere app.env it is used to show in the error page that is not important so by default in laravel it's not used visually or at least we cannot easily find it but what i will show you is that it allows you to check the environment in your code in your custom code so example for disable lazy loading to prevent n plus one query problem in eloquent which appeared in laravel 8.43 looks like this so in the app service provider you prevent lazy loading only if the app is not in production and that is production is in the core of laravel in the vendor you have a few features like is production is local also you can check the environment passing the array of environments so staging dev production local whatever so the purpose of that is in local env file and by default you set to local then you upload your project to staging server and set that appian v to staging or dev whatever you prefer and then when the project is live on that server you set appianv production and then in your code here and there you can define the logic what is happening on local and what is happening in production the most typical case is something is enabled and happening on local like debugging or something and not enabled on production app key the third variable is automatically set for you if you install rvl application with laravel new or composer require laravel laravel and by default you shouldn't change anything here and you shouldn't even know about that this application key is kind of a hash to secure your application to generate other tokens and other hidden stuff for sessions for password managers and it's deep deep inside of the core practically you need to know two things if that app key is not set for some reason for example if you're using someone else's project and app key is empty to generate that key there's a command php artisan key generate and if your key isn't set then your application wouldn't even launch it would show an error and actually that error would contain the button of generate app key so you wouldn't even need to go to the terminal but if you did generate that app key very important thing is to not regenerate it so if i launch it again so see my app key ends with qr8 so i regenerate that it doesn't throw any errors so the key is different now and what happens now all the sessions of the current users would be invalidated because internally it wouldn't match the passwords the hashes whatever laravel checks internally so regenerating app key on production server is a dangerous thing to do so key generate should be in most cases used only once that's all you need to know next app debug true this is really really important for security reasons by default it is set to true but that true should be only on your local environment what it does actually it tells the ignition the default error manager error viewer to show all the errors visually so for example if in default routes web we make a typo so for example non-existing view we refresh the page and it says view welcome not found with all the stack trace with all the code available and if someone sees that your customer your user in the public it is a security issue because they see all your code well parts of the code first they know it's laravel and that's already a security issue but then they see the application variables the user and a lot of thing that may be misused and used against your project to possibly hack it so on production server you need to set that to false app debug false and then your visitors would see only server error or whatever error is happening without showing any details of what actually happened on the server on the back end also that app debug may be used by other packages such as laravel debug bar very popular debug bar to view the eloquent queries and other stuff so this is how it looks and i used it a lot in my previous videos so it is by default enabled only when app debug is true so again if you leave app debug true on production then your visitors would see sql queries and many more details which is again a security issue and finally app url sometimes you can leave that as default and that would still work and you wouldn't even notice that something is not working because app url is used only in case of constructing the further urls for example for file uploads so if you don't use file uploads you wouldn't even notice or similar to app name it is used in emails so i will show you if we search for app url again it leads us to the config app to this one and if we search for app dot url as you can see it is used in html message of the default email header so in your default email header you would see config app name so it's sent by laravel by default and it would lead the link would lead to your app url and if you leave laravel test or by default it is localhost then the links would not be working also it is used by other packages like spatularville media library for example or anyone who use file uploads in default config file systems actually you can find you can see that the public disk is configured with app url slash storage and this is actually funny thing number one question that we see for our quick admin panel generator is why my file uploads are not working so someone downloaded the code from our generator uploaded pushed it to their server and forgot to change localhost to the actual url and then of course files are not loaded because they are tried to be loaded from localhost instead of the full url so that's it five variables i thought it would be a quick video but apparently there's a lot to say even about those five and if you have any questions about those some of those you can shoot the comment below and maybe i would shoot a separate video about some of the section or some variable or one of those external services that is mentioned in the env file so ask your questions in the comments below and see you guys in other videos

Info

Channel: Laravel Daily

Views: 8,769

Rating: undefined out of 5

Keywords:

Id: MeVXMKnRZuM

Channel Id: undefined

Length: 9min 59sec (599 seconds)

Published: Sat Nov 06 2021