Prefix all environment variables with STACK_

.github/workflows/link-and-build.yaml

@@ -19,16 +19,16 @@ jobs:
       NEXT_PUBLIC_STACK_PROJECT_ID: internal
       NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: internal-project-publishable-client-key
       STACK_SECRET_SERVER_KEY: internal-project-secret-server-key
-      SERVER_SECRET: 23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
+      STACK_SERVER_SECRET: 23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
 
-      EMAIL_HOST: 0.0.0.0
-      EMAIL_PORT: 2500
-      EMAIL_USERNAME: test
-      EMAIL_PASSWORD: none
-      EMAIL_SENDER: noreply@test.com
+      STACK_EMAIL_HOST: 0.0.0.0
+      STACK_EMAIL_PORT: 2500
+      STACK_EMAIL_USERNAME: test
+      STACK_EMAIL_PASSWORD: none
+      STACK_EMAIL_SENDER: noreply@test.com
 
-      DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
-      DIRECT_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
+      STACK_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
+      STACK_DIRECT_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
 
     strategy:
       matrix:

.github/workflows/preview-docs.yaml

@@ -10,16 +10,16 @@ jobs:
       NEXT_PUBLIC_STACK_PROJECT_ID: internal
       NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: internal-project-publishable-client-key
       STACK_SECRET_SERVER_KEY: internal-project-secret-server-key
-      SERVER_SECRET: 23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
+      STACK_SERVER_SECRET: 23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
 
-      EMAIL_HOST: 0.0.0.0
-      EMAIL_PORT: 2500
-      EMAIL_USERNAME: test
-      EMAIL_PASSWORD: none
-      EMAIL_SENDER: noreply@test.com
+      STACK_EMAIL_HOST: 0.0.0.0
+      STACK_EMAIL_PORT: 2500
+      STACK_EMAIL_USERNAME: test
+      STACK_EMAIL_PASSWORD: none
+      STACK_EMAIL_SENDER: noreply@test.com
 
-      DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
-      DIRECT_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
+      STACK_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
+      STACK_DIRECT_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
 
     permissions: write-all
 

.github/workflows/publish-docs.yaml

@@ -13,16 +13,16 @@ jobs:
       NEXT_PUBLIC_STACK_PROJECT_ID: internal
       NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: internal-project-publishable-client-key
       STACK_SECRET_SERVER_KEY: internal-project-secret-server-key
-      SERVER_SECRET: 23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
+      STACK_SERVER_SECRET: 23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
 
-      EMAIL_HOST: 0.0.0.0
-      EMAIL_PORT: 2500
-      EMAIL_USERNAME: test
-      EMAIL_PASSWORD: none
-      EMAIL_SENDER: noreply@test.com
+      STACK_EMAIL_HOST: 0.0.0.0
+      STACK_EMAIL_PORT: 2500
+      STACK_EMAIL_USERNAME: test
+      STACK_EMAIL_PASSWORD: none
+      STACK_EMAIL_SENDER: noreply@test.com
 
-      DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
-      DIRECT_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
+      STACK_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
+      STACK_DIRECT_DATABASE_CONNECTION_STRING: postgres://postgres:password@localhost:5432/stackframe
 
     permissions: write-all
 

apps/backend/.env

@@ -1,31 +1,31 @@
 # Basic
-SERVER_SECRET=# enter a secret key generated by `pnpm generate-keys` here. This is used to sign the JWT tokens.
+STACK_SERVER_SECRET=# enter a secret key generated by `pnpm generate-keys` here. This is used to sign the JWT tokens.
 
 # OAuth shared keys
 # Can be omitted if shared OAuth keys are not needed
-GITHUB_CLIENT_ID=# client
-GITHUB_CLIENT_SECRET=# client secret
-GOOGLE_CLIENT_ID=# client id
-GOOGLE_CLIENT_SECRET=# client secret
-FACEBOOK_CLIENT_ID=# client id
-FACEBOOK_CLIENT_SECRET=# client secret
-MICROSOFT_CLIENT_ID=# client id
-MICROSOFT_CLIENT_SECRET=# client secret
-SPOTIFY_CLIENT_ID=# client id
-SPOTIFY_CLIENT_SECRET=# client secret
+STACK_GITHUB_CLIENT_ID=# client
+STACK_GITHUB_CLIENT_SECRET=# client secret
+STACK_GOOGLE_CLIENT_ID=# client id
+STACK_GOOGLE_CLIENT_SECRET=# client secret
+STACK_FACEBOOK_CLIENT_ID=# client id
+STACK_FACEBOOK_CLIENT_SECRET=# client secret
+STACK_MICROSOFT_CLIENT_ID=# client id
+STACK_MICROSOFT_CLIENT_SECRET=# client secret
+STACK_SPOTIFY_CLIENT_ID=# client id
+STACK_SPOTIFY_CLIENT_SECRET=# client secret
 
 # Email
 # For local development, you can spin up a local SMTP server like inbucket
-EMAIL_HOST=# for local inbucket: 0.0.0.0
-EMAIL_PORT=# for local inbucket: 2500
-EMAIL_USERNAME=# for local inbucket: test
-EMAIL_PASSWORD=# for local inbucket: none
-EMAIL_SENDER=# for local inbucket: noreply@test.com
+STACK_EMAIL_HOST=# for local inbucket: 0.0.0.0
+STACK_EMAIL_PORT=# for local inbucket: 2500
+STACK_EMAIL_USERNAME=# for local inbucket: test
+STACK_EMAIL_PASSWORD=# for local inbucket: none
+STACK_EMAIL_SENDER=# for local inbucket: noreply@test.com
 
 # Database
 # For local development: `docker run -it --rm -e POSTGRES_PASSWORD=password -p "5432:5432" postgres`
-DATABASE_CONNECTION_STRING=# enter your connection string here. For local development: `postgres://postgres:password@localhost:5432/stack`
-DIRECT_DATABASE_CONNECTION_STRING=# enter your direct (unpooled or session mode) database connection string here. For local development: same as above
+STACK_DATABASE_CONNECTION_STRING=# enter your connection string here. For local development: `postgres://postgres:password@localhost:5432/stack`
+STACK_DIRECT_DATABASE_CONNECTION_STRING=# enter your direct (unpooled or session mode) database connection string here. For local development: same as above
 
 # Misc, optional
 STACK_ACCESS_TOKEN_EXPIRATION_TIME=# enter the expiration time for the access token here. Optional, don't specify it for default value

apps/backend/.env.development

@@ -1,13 +1,13 @@
-SERVER_SECRET=23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
+STACK_SERVER_SECRET=23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
 
-DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
-DIRECT_DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
+STACK_DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
+STACK_DIRECT_DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
 
 NEXT_PUBLIC_DOC_URL=http://localhost:8104
 
-EMAIL_HOST=0.0.0.0
-EMAIL_PORT=2500
+STACK_EMAIL_HOST=0.0.0.0
+STACK_EMAIL_PORT=2500
 EMAIL_SECURE=false
-EMAIL_USERNAME=does not matter, ignored by Inbucket
-EMAIL_PASSWORD=does not matter, ignored by Inbucket
-EMAIL_SENDER=noreply@example.com
+STACK_EMAIL_USERNAME=does not matter, ignored by Inbucket
+STACK_EMAIL_PASSWORD=does not matter, ignored by Inbucket
+STACK_EMAIL_SENDER=noreply@example.com

apps/backend/package.json

@@ -12,7 +12,7 @@
     "analyze-bundle": "ANALYZE_BUNDLE=1 npm run build",
     "start": "next start --port 8102",
     "codegen": "npm run prisma -- generate && npm run generate-docs",
-    "psql": "npm run with-env -- bash -c 'psql $DATABASE_CONNECTION_STRING'",
+    "psql": "npm run with-env -- bash -c 'psql $STACK_DATABASE_CONNECTION_STRING'",
     "prisma": "npm run with-env -- prisma",
     "lint": "next lint",
     "watch-docs": "npm run with-env -- chokidar --silent '../../**/*' -i '../../docs/**' -i '../../**/node_modules/**' -i '../../**/.next/**' -i '../../**/dist/**' -c 'tsx scripts/generate-docs.ts'",

apps/backend/prisma/schema.prisma

@@ -7,8 +7,8 @@ generator client {
 
 datasource db {
   provider  = "postgresql"
-  url       = env("DATABASE_CONNECTION_STRING")
-  directUrl = env("DIRECT_DATABASE_CONNECTION_STRING")
+  url       = env("STACK_DATABASE_CONNECTION_STRING")
+  directUrl = env("STACK_DIRECT_DATABASE_CONNECTION_STRING")
 }
 
 model Project {

apps/dashboard/.env

@@ -3,33 +3,33 @@ NEXT_PUBLIC_STACK_URL=# enter your stack endpoint here, For local development: h
 NEXT_PUBLIC_STACK_PROJECT_ID=internal
 NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY=# enter your Stack publishable client key here. For local development, just enter a random string, then run `pnpm prisma migrate reset`
 STACK_SECRET_SERVER_KEY=# enter your Stack secret client key here. For local development, do the same as above
-SERVER_SECRET=# enter a secret key generated by `pnpm generate-keys` here. This is used to sign the JWT tokens.
+STACK_SERVER_SECRET=# enter a secret key generated by `pnpm generate-keys` here. This is used to sign the JWT tokens.
 
 # OAuth shared keys
 # Can be omitted for local development, but shared OAuth keys will not work
-GITHUB_CLIENT_ID=# client
-GITHUB_CLIENT_SECRET=# client secret
-GOOGLE_CLIENT_ID=# client id
-GOOGLE_CLIENT_SECRET=# client secret
-FACEBOOK_CLIENT_ID=# client id
-FACEBOOK_CLIENT_SECRET=# client secret
-MICROSOFT_CLIENT_ID=# client id
-MICROSOFT_CLIENT_SECRET=# client secret
-SPOTIFY_CLIENT_ID=# client id
-SPOTIFY_CLIENT_SECRET=# client secret
+STACK_GITHUB_CLIENT_ID=# client
+STACK_GITHUB_CLIENT_SECRET=# client secret
+STACK_GOOGLE_CLIENT_ID=# client id
+STACK_GOOGLE_CLIENT_SECRET=# client secret
+STACK_FACEBOOK_CLIENT_ID=# client id
+STACK_FACEBOOK_CLIENT_SECRET=# client secret
+STACK_MICROSOFT_CLIENT_ID=# client id
+STACK_MICROSOFT_CLIENT_SECRET=# client secret
+STACK_SPOTIFY_CLIENT_ID=# client id
+STACK_SPOTIFY_CLIENT_SECRET=# client secret
 
 # Email
 # For local development, you can spin up a local SMTP server like inbucket
-EMAIL_HOST=# for local inbucket: 0.0.0.0
-EMAIL_PORT=# for local inbucket: 2500
-EMAIL_USERNAME=# for local inbucket: test
-EMAIL_PASSWORD=# for local inbucket: none
-EMAIL_SENDER=# for local inbucket: noreply@test.com
+STACK_EMAIL_HOST=# for local inbucket: 0.0.0.0
+STACK_EMAIL_PORT=# for local inbucket: 2500
+STACK_EMAIL_USERNAME=# for local inbucket: test
+STACK_EMAIL_PASSWORD=# for local inbucket: none
+STACK_EMAIL_SENDER=# for local inbucket: noreply@test.com
 
 # Database
 # For local development: `docker run -it --rm -e POSTGRES_PASSWORD=password -p "5432:5432" postgres`
-DATABASE_CONNECTION_STRING=# enter your connection string here. For local development: `postgres://postgres:password@localhost:5432/stack`
-DIRECT_DATABASE_CONNECTION_STRING=# enter your direct (unpooled or session mode) database connection string here. For local development: same as above
+STACK_DATABASE_CONNECTION_STRING=# enter your connection string here. For local development: `postgres://postgres:password@localhost:5432/stack`
+STACK_DIRECT_DATABASE_CONNECTION_STRING=# enter your direct (unpooled or session mode) database connection string here. For local development: same as above
 
 # Misc, optional
 STACK_ACCESS_TOKEN_EXPIRATION_TIME=# enter the expiration time for the access token here. Optional, don't specify it for default value

apps/dashboard/.env.development

@@ -1,18 +1,18 @@
 NEXT_PUBLIC_STACK_URL=http://localhost:8101
-SERVER_SECRET=23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
+STACK_SERVER_SECRET=23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo
 
 NEXT_PUBLIC_STACK_PROJECT_ID=internal
 NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY=this-publishable-client-key-is-for-local-development-only
 STACK_SECRET_SERVER_KEY=this-secret-server-key-is-for-local-development-only
 
-DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
-DIRECT_DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
+STACK_DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
+STACK_DIRECT_DATABASE_CONNECTION_STRING=postgres://postgres:password@localhost:5432/stackframe
 
 NEXT_PUBLIC_DOC_URL=http://localhost:8104
 
-EMAIL_HOST=0.0.0.0
-EMAIL_PORT=2500
+STACK_EMAIL_HOST=0.0.0.0
+STACK_EMAIL_PORT=2500
 EMAIL_SECURE=false
-EMAIL_USERNAME=does not matter, ignored by Inbucket
-EMAIL_PASSWORD=does not matter, ignored by Inbucket
-EMAIL_SENDER=noreply@example.com
+STACK_EMAIL_USERNAME=does not matter, ignored by Inbucket
+STACK_EMAIL_PASSWORD=does not matter, ignored by Inbucket
+STACK_EMAIL_SENDER=noreply@example.com

apps/dashboard/package.json

@@ -12,7 +12,7 @@
     "analyze-bundle": "ANALYZE_BUNDLE=1 npm run build",
     "start": "next start --port 8101",
     "codegen": "npm run prisma -- generate",
-    "psql": "npm run with-env -- bash -c 'psql $DATABASE_CONNECTION_STRING'",
+    "psql": "npm run with-env -- bash -c 'psql $STACK_DATABASE_CONNECTION_STRING'",
     "prisma": "npm run with-env -- prisma",
     "lint": "next lint",
     "generate-keys": "npm run with-env -- tsx scripts/generate-keys.ts"

apps/dashboard/prisma/schema.prisma

@@ -7,8 +7,8 @@ generator client {
 
 datasource db {
   provider  = "postgresql"
-  url       = env("DATABASE_CONNECTION_STRING")
-  directUrl = env("DIRECT_DATABASE_CONNECTION_STRING")
+  url       = env("STACK_DATABASE_CONNECTION_STRING")
+  directUrl = env("STACK_DIRECT_DATABASE_CONNECTION_STRING")
 }
 
 model Project {

apps/dashboard/src/email/index.tsx

@@ -77,13 +77,13 @@ async function getDBInfo(projectId: string, projectUserId: string): Promise<{
   let emailConfig: EmailConfig;
   if (projectEmailConfig.type === 'shared') {
     emailConfig = {
-      host: getEnvVariable('EMAIL_HOST'),
-      port: parseInt(getEnvVariable('EMAIL_PORT')),
-      username: getEnvVariable('EMAIL_USERNAME'),
-      password: getEnvVariable('EMAIL_PASSWORD'),
-      senderEmail: getEnvVariable('EMAIL_SENDER'),
+      host: getEnvVariable('STACK_EMAIL_HOST'),
+      port: parseInt(getEnvVariable('STACK_EMAIL_PORT')),
+      username: getEnvVariable('STACK_EMAIL_USERNAME'),
+      password: getEnvVariable('STACK_EMAIL_PASSWORD'),
+      senderEmail: getEnvVariable('STACK_EMAIL_SENDER'),
       senderName: project.displayName,
-      secure: getPortConfig(getEnvVariable('EMAIL_PORT')).secure,
+      secure: getPortConfig(getEnvVariable('STACK_EMAIL_PORT')).secure,
       type: 'shared',
     };
   } else {

apps/e2e/.env

@@ -1,5 +1,5 @@
-DASHBOARD_BASE_URL=
-BACKEND_BASE_URL=
-INTERNAL_PROJECT_ID=
-INTERNAL_PROJECT_CLIENT_KEY=
-INTERNAL_PROJECT_SERVER_KEY=
+STACK_DASHBOARD_BASE_URL=
+STACK_BACKEND_BASE_URL=
+STACK_INTERNAL_PROJECT_ID=
+STACK_INTERNAL_PROJECT_CLIENT_KEY=
+STACK_INTERNAL_PROJECT_SERVER_KEY=

apps/e2e/.env.development

@@ -1,5 +1,5 @@
-DASHBOARD_BASE_URL=http://localhost:8101
-BACKEND_BASE_URL=http://localhost:8102
-INTERNAL_PROJECT_ID=internal
-INTERNAL_PROJECT_CLIENT_KEY=this-publishable-client-key-is-for-local-development-only
-INTERNAL_PROJECT_SERVER_KEY=this-secret-server-key-is-for-local-development-only
+STACK_DASHBOARD_BASE_URL=http://localhost:8101
+STACK_BACKEND_BASE_URL=http://localhost:8102
+STACK_INTERNAL_PROJECT_ID=internal
+STACK_INTERNAL_PROJECT_CLIENT_KEY=this-publishable-client-key-is-for-local-development-only
+STACK_INTERNAL_PROJECT_SERVER_KEY=this-secret-server-key-is-for-local-development-only

apps/e2e/tests/backend/backend-helpers.ts

@@ -1,6 +1,6 @@
-import { BACKEND_BASE_URL, NiceResponse, niceFetch } from "../helpers";
+import { STACK_BACKEND_BASE_URL, NiceResponse, niceFetch } from "../helpers";
 
 export function niceBackendFetch(url: string, options?: RequestInit): Promise<NiceResponse> {
-  const res = niceFetch(new URL(url, BACKEND_BASE_URL), options);
+  const res = niceFetch(new URL(url, STACK_BACKEND_BASE_URL), options);
   return res;
 }

apps/e2e/tests/dashboard/internal-project.test.ts

@@ -1,11 +1,11 @@
 import { describe, expect, test } from "vitest";
 import request from "supertest";
-import { DASHBOARD_BASE_URL, INTERNAL_PROJECT_CLIENT_KEY, INTERNAL_PROJECT_ID } from "../helpers";
+import { STACK_DASHBOARD_BASE_URL, STACK_INTERNAL_PROJECT_CLIENT_KEY, STACK_INTERNAL_PROJECT_ID } from "../helpers";
 import crypto from "crypto";
 
 const AUTH_HEADER = {
-  "x-stack-project-id": INTERNAL_PROJECT_ID,
-  "x-stack-publishable-client-key": INTERNAL_PROJECT_CLIENT_KEY,
+  "x-stack-project-id": STACK_INTERNAL_PROJECT_ID,
+  "x-stack-publishable-client-key": STACK_INTERNAL_PROJECT_CLIENT_KEY,
 };
 
 const JSON_HEADER = {
@@ -19,7 +19,7 @@ function randomString() {
 async function signUpWithEmailPassword() {
   const email = randomString() + "@stack-test.example.com";
   const password = randomString();
-  const response = await request(DASHBOARD_BASE_URL).post("/api/v1/auth/signup").set(AUTH_HEADER).set(JSON_HEADER).send({
+  const response = await request(STACK_DASHBOARD_BASE_URL).post("/api/v1/auth/signup").set(AUTH_HEADER).set(JSON_HEADER).send({
     email,
     password,
     emailVerificationRedirectUrl: 'https://localhost:3000/verify-email',
@@ -29,7 +29,7 @@ async function signUpWithEmailPassword() {
 }
 
 async function signInWithEmailPassword(email: string, password: string) {
-  const response = await request(DASHBOARD_BASE_URL).post("/api/v1/auth/signin").set(AUTH_HEADER).set(JSON_HEADER).send({
+  const response = await request(STACK_DASHBOARD_BASE_URL).post("/api/v1/auth/signin").set(AUTH_HEADER).set(JSON_HEADER).send({
     email,
     password,
   });
@@ -39,12 +39,12 @@ async function signInWithEmailPassword(email: string, password: string) {
 
 describe("Various internal project tests", () => {
   test("Main Page", async () => {
-    const response = await request(DASHBOARD_BASE_URL).get("/");
+    const response = await request(STACK_DASHBOARD_BASE_URL).get("/");
     expect(response.status).toBe(307);
   });
 
   test("API root (no authentication)", async () => {
-    const response = await request(DASHBOARD_BASE_URL).get("/api/v1");
+    const response = await request(STACK_DASHBOARD_BASE_URL).get("/api/v1");
     expect(response.status).toBe(200);
     expect(response.text).contains("Stack API");
     expect(response.text).contains("Authentication: None");
@@ -63,7 +63,7 @@ describe("Various internal project tests", () => {
   });
 
   test("No current user without authentication", async () => {
-    const response = await request(DASHBOARD_BASE_URL).get("/api/v1/current-user").set(AUTH_HEADER);
+    const response = await request(STACK_DASHBOARD_BASE_URL).get("/api/v1/current-user").set(AUTH_HEADER);
     expect(response.status).toBe(200);
     expect(response.body).toBe(null);
   });
@@ -72,7 +72,7 @@ describe("Various internal project tests", () => {
     const { email, password, response } = await signUpWithEmailPassword();
     await signInWithEmailPassword(email, password);
 
-    const response2 = await request(DASHBOARD_BASE_URL)
+    const response2 = await request(STACK_DASHBOARD_BASE_URL)
       .get("/api/v1/current-user")
       .set({
         ...AUTH_HEADER,
@@ -83,7 +83,7 @@ describe("Various internal project tests", () => {
   });
 
   test("Can't get current user with invalid token", async () => {
-    const response = await request(DASHBOARD_BASE_URL)
+    const response = await request(STACK_DASHBOARD_BASE_URL)
       .get("/api/v1/current-user")
       .set({
         ...AUTH_HEADER,
@@ -97,7 +97,7 @@ describe("Various internal project tests", () => {
     const { email, password, response } = await signUpWithEmailPassword();
     await signInWithEmailPassword(email, password);
 
-    const response2 = await request(DASHBOARD_BASE_URL)
+    const response2 = await request(STACK_DASHBOARD_BASE_URL)
       .put("/api/v1/current-user")
       .set({
         ...AUTH_HEADER,
@@ -115,7 +115,7 @@ describe("Various internal project tests", () => {
     const { email, password, response } = await signUpWithEmailPassword();
     await signInWithEmailPassword(email, password);
 
-    const response2 = await request(DASHBOARD_BASE_URL)
+    const response2 = await request(STACK_DASHBOARD_BASE_URL)
       .put("/api/v1/current-user")
       .set({
         ...AUTH_HEADER,
@@ -130,7 +130,7 @@ describe("Various internal project tests", () => {
   });
 
   test("Can't update non-existing user's display name", async () => {
-    const response = await request(DASHBOARD_BASE_URL)
+    const response = await request(STACK_DASHBOARD_BASE_URL)
       .put("/api/v1/current-user")
       .set(AUTH_HEADER)
       .set(JSON_HEADER)
@@ -145,7 +145,7 @@ describe("Various internal project tests", () => {
     const { email, password, response } = await signUpWithEmailPassword();
     await signInWithEmailPassword(email, password);
 
-    const response2 = await request(DASHBOARD_BASE_URL).get("/api/v1").set({
+    const response2 = await request(STACK_DASHBOARD_BASE_URL).get("/api/v1").set({
       ...AUTH_HEADER,
       'x-stack-request-type': 'client',
       'authorization': 'StackSession ' + response.body.accessToken,
@@ -153,7 +153,7 @@ describe("Various internal project tests", () => {
     expect(response2.status).toBe(200);
     expect(response2.text).contains("Stack API");
     expect(response2.text).contains("Authentication: Client");
-    expect(response2.text).contains("Project: " + INTERNAL_PROJECT_ID);
+    expect(response2.text).contains("Project: " + STACK_INTERNAL_PROJECT_ID);
     expect(response2.text).contains("User: " + email);
   });
 });

apps/e2e/tests/helpers.ts

@@ -35,7 +35,7 @@ export async function niceFetch(url: string | URL, options?: RequestInit): Promi
   return new NiceResponse(fetchRes.status, fetchRes.headers, body);
 }
 
-export const DASHBOARD_BASE_URL = getEnvVar("DASHBOARD_BASE_URL");
-export const BACKEND_BASE_URL = getEnvVar("BACKEND_BASE_URL");
-export const INTERNAL_PROJECT_ID = getEnvVar("INTERNAL_PROJECT_ID");
-export const INTERNAL_PROJECT_CLIENT_KEY = getEnvVar("INTERNAL_PROJECT_CLIENT_KEY");
+export const STACK_DASHBOARD_BASE_URL = getEnvVar("STACK_DASHBOARD_BASE_URL");
+export const STACK_BACKEND_BASE_URL = getEnvVar("STACK_BACKEND_BASE_URL");
+export const STACK_INTERNAL_PROJECT_ID = getEnvVar("STACK_INTERNAL_PROJECT_ID");
+export const STACK_INTERNAL_PROJECT_CLIENT_KEY = getEnvVar("STACK_INTERNAL_PROJECT_CLIENT_KEY");

packages/stack-shared/src/utils/jwt.tsx

@@ -2,19 +2,19 @@ import * as jose from "jose";
 import { getEnvVariable } from "./env";
 import { KnownErrors } from "..";
 
-const SERVER_SECRET = jose.base64url.decode(getEnvVariable("SERVER_SECRET"));
+const STACK_SERVER_SECRET = jose.base64url.decode(getEnvVariable("STACK_SERVER_SECRET"));
 
 export async function encryptJWT(payload: any, expirationTime = "5m") {
   return await new jose.EncryptJWT(payload)
     .setProtectedHeader({ alg: "dir", enc: "A128CBC-HS256" })
     .setIssuedAt()
     .setExpirationTime(expirationTime)
-    .encrypt(SERVER_SECRET);
+    .encrypt(STACK_SERVER_SECRET);
 }
 
 export async function decryptJWT(jwt: string) {
   if (!jwt) {
     throw new Error("Provided JWT is empty");
   }
-  return (await jose.jwtDecrypt(jwt, SERVER_SECRET)).payload;
+  return (await jose.jwtDecrypt(jwt, STACK_SERVER_SECRET)).payload;
 }

turbo.json

@@ -1,12 +1,8 @@
 {
   "$schema": "https://turbo.build/schema.json",
-  "globalDotEnv": [
-    ".env",
-    ".env.local",
-    ".env.development",
-    ".env.development.local",
-    ".env.production",
-    ".env.production.local"
+  "globalEnv": [
+    "STACK_*",
+    "NEXT_PUBLIC_*"
   ],
   "tasks": {
     "build": {