Skip to main content

Environment variables

The Chat Server API uses environment variables for sensitive configuration. These should be set before starting the server.

JWT_SECRET

The JWT secret is used to sign authentication tokens. In production, always set a secure, random value.
The JWT_SECRET environment variable configures the secret key used for JWT token signing and verification (from Configuration.java:14). Default value: Base64-encoded string (insecure default for development only) Setting the variable: 
export JWT_SECRET="your-base64-encoded-secret-here"
Generate a secure Base64-encoded secret using:
openssl rand -base64 64

JWT configuration constants

The following JWT-related constants are defined in Configuration.java:
  • JWT_EXPIRATION_MS: 1000 * 60 * 60 * 30 (30 days)
  • Token expiration time in milliseconds
  • Tokens issued will be valid for 30 days from creation

Application properties

The server configuration is defined in application.properties. These settings control the Spring Boot application behavior.

Database configuration

The server uses SQLite as the primary database (from application.properties:1-12): 
spring.application.name=server
spring.jpa.database-platform=org.hibernate.community.dialect.SQLiteDialect
spring.datasource.url=jdbc:sqlite:./main.db
spring.datasource.driver-class-name=org.sqlite.JDBC
spring.sql.init.mode=always
spring.jpa.hibernate.ddl-auto=update
spring.batch.jdbc.initialize-schema=always

Database settings explained

  • spring.datasource.url: jdbc:sqlite:./main.db
    • Database file location (created in the current directory)
    • Change the path to customize the database location
  • spring.jpa.hibernate.ddl-auto: update
    • Automatically updates database schema based on entity changes
    • Use validate in production to prevent accidental schema changes
  • spring.sql.init.mode: always
    • Runs initialization scripts on startup

SQLite performance optimizations

The application configures SQLite with performance optimizations via HikariCP connection pool: 
spring.datasource.hikari.connection-init-sql=\
  PRAGMA journal_mode=WAL;\
  PRAGMA synchronous=NORMAL;\
  PRAGMA cache_size=-10000;\
  PRAGMA temp_store=MEMORY;
  • journal_mode=WAL: Write-Ahead Logging for better concurrency
  • synchronous=NORMAL: Balanced durability and performance
  • cache_size=-10000: 10MB cache size (negative value = kilobytes)
  • temp_store=MEMORY: Use memory for temporary tables

Database setup

The server supports two embedded databases:

SQLite (default)

SQLite is configured as the default database and requires no additional setup.
1

Automatic database creation

When you start the server for the first time, SQLite will automatically create the main.db file in the server directory.
2

Schema initialization

Hibernate will automatically create tables based on JPA entity classes due to the ddl-auto=update setting.
3

Verify database

After starting the server, verify the database file exists:
ls -la main.db
The database file path is relative to where you start the server. If you run the server from different directories, multiple database files may be created.

H2 Database (alternative)

H2 is included as a runtime dependency (build.gradle.kts:44) and can be used as an alternative in-memory database. To switch to H2, update application.properties: 
spring.datasource.url=jdbc:h2:mem:chatdb
spring.datasource.driver-class-name=org.h2.Driver
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
H2 in-memory databases lose all data when the server stops. Use file-based H2 (jdbc:h2:file:./chatdb) for persistence.

Validation constraints

The server enforces validation rules defined in Configuration.java:8-10:
  • MIN_PASSWORD_LENGTH: 6 characters
  • MIN_USERNAME_LENGTH: 2 characters
  • MAX_USERNAME_LENGTH: 8 characters
These constants are used throughout the application for request validation.

Security configuration

The server uses Spring Security with the following features:
  • Password encoding: BCrypt (configured in APIServerApplication.java:17-19)
  • JWT authentication: Token-based authentication with configurable expiration
  • Endpoint security: Protected endpoints require valid JWT tokens

Server metadata

From Configuration.java:7:
  • SERVER_VERSION: 0.0.1
  • Used in API responses and OpenAPI documentation

Custom configuration

To override default settings, create an application-local.properties file: 
# Custom database location
spring.datasource.url=jdbc:sqlite:/var/lib/chatserver/data.db

# Change server port
server.port=8080

# Enable debug logging
logging.level.org.uwgb.compsci330=DEBUG
Run the server with the local profile: 
./gradlew bootRun --args='--spring.profiles.active=local'

Build docs developers (and LLMs) love

Get started for freeTalk to us