Environment Variables

The nestjs-xsecurity module uses environment variables for configuration and sensitive settings. This guide covers all supported environment variables and their proper usage.

Core Environment Variables

Security Settings

Variable	Type	Default	Required	Description
`XSECURITY_ENABLED`	boolean	`true`	No	Enable/disable the security middleware globally
`XSECURITY_SECRET`	string	-	Yes	Secret key used for token signing and verification

Rate Limiting

Variable	Type	Default	Description
`XSECURITY_MAX_ATTEMPTS`	number	`5`	Maximum failed attempts before rate limiting
`XSECURITY_DECAY_MINUTES`	number	`1`	Minutes before rate limit reset
`XSECURITY_CLEANUP_INTERVAL`	number	`5`	Cleanup interval for rate limit store (minutes)

Environment File Setup

Basic `.env` Configuration

# Required
XSECURITY_SECRET=your-secure-secret-key

# Optional
XSECURITY_ENABLED=true
XSECURITY_MAX_ATTEMPTS=5
XSECURITY_DECAY_MINUTES=1
XSECURITY_CLEANUP_INTERVAL=5

Different Environments

Development (.env.development)

XSECURITY_SECRET=dev-secret-key
XSECURITY_MAX_ATTEMPTS=10
XSECURITY_DECAY_MINUTES=1

Production (.env.production)

XSECURITY_SECRET=prod-secret-key-should-be-very-long-and-secure
XSECURITY_MAX_ATTEMPTS=3
XSECURITY_DECAY_MINUTES=5

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Environment Variables

Core Environment Variables

Security Settings

Rate Limiting

Environment File Setup

Basic `.env` Configuration

Different Environments

Development (.env.development)

Production (.env.production)

Introduction

Getting Start

Configuration

Core Features

Guides

Clone this wiki locally

Environment Variables

Core Environment Variables

Security Settings

Rate Limiting

Environment File Setup

Basic .env Configuration

Different Environments

Development (.env.development)

Production (.env.production)

Introduction

Getting Start

Configuration

Core Features

Guides

Clone this wiki locally

Basic `.env` Configuration