Skip to main content

Prerequisites

  • Node.js 18+ and npm
  • A Supabase project (use the shared team project or create your own)
  • A PostgreSQL database (the Supabase project’s built-in database works fine)

Installation

1

Clone the repository

git clone https://github.com/codebox-calpoly/AuraFarm.git
cd AuraFarm
2

Install dependencies

# Backend
cd backend && npm install && cd ..

# Frontend
cd frontend && npm install && cd ..
3

Configure the backend

Copy the example environment file:
cp backend/.env.example backend/.env
Open backend/.env and fill in all four required variables:
VariableWhere to find it
DATABASE_URLSupabase → Project Settings → Database → Connection string (URI)
SUPABASE_URLSupabase → Project Settings → API → Project URL
SUPABASE_SERVICE_KEYSupabase → Project Settings → API → service_role secret key
SUPABASE_ANON_KEYSupabase → Project Settings → API → anon public key
SUPABASE_SERVICE_KEY is a privileged credential. Never commit it to source control or expose it to the frontend.
4

Run database migrations

cd backend && npx prisma migrate deploy && cd ..
5

Start the backend

cd backend && npm run dev
The API is available at http://localhost:3000. Confirm it is running:
curl http://localhost:3000/health
# {"status":"ok","timestamp":"..."}
6

Start the frontend

cd frontend && npx expo start
Scan the QR code with Expo Go on your phone, or press i for iOS Simulator / a for Android Emulator.
Physical device? The frontend automatically derives the backend host from the Metro bundler URI, so your phone connects to the backend without any manual configuration — as long as it is on the same WiFi network as your development machine.

Backend environment variables

All backend variables go in backend/.env. 
# backend/.env

DATABASE_URL="postgresql://..."

SUPABASE_URL="https://your-project.supabase.co"
SUPABASE_SERVICE_KEY="your-service-role-key"
SUPABASE_ANON_KEY="your-anon-key"

Optional rate-limit overrides

The rate limiters are configured via environment variables. If unset, the defaults below apply.
VariableDefaultDescription
RATE_LIMIT_BYipKey requests by ip or user
RL_PUBLIC_WINDOW_MINUTES15Window length for public endpoints
RL_PUBLIC_MAX100Max requests per window (public)
RL_AUTH_WINDOW_MINUTES15Window length for auth endpoints
RL_AUTH_MAX5Max requests per window (auth)
RL_COMPLETION_WINDOW_HOURS1Window length for completion submissions
RL_COMPLETION_MAX10Max completion submissions per window
RL_FLAG_WINDOW_HOURS1Window length for flag submissions
RL_FLAG_MAX5Max flag submissions per window

Frontend environment variables

The frontend reads from .env in the frontend/ directory (or the project root). No frontend .env is required for local development — the app auto-detects the backend URL from Metro. Only set these variables when you need to override the defaults: 
# frontend/.env  (all lines are commented out by default)

# Direct Supabase access for image uploads from the frontend.
# Leave unset to route uploads through the backend proxy.
# EXPO_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
# EXPO_PUBLIC_SUPABASE_ANON_KEY=your-anon-key

# Point the app at a remote API instead of the local backend.
# EXPO_PUBLIC_API_URL=https://your-api.example.com
VariableWhen to set
EXPO_PUBLIC_SUPABASE_URLOnly when you want the frontend to upload images directly to Supabase (bypassing the backend proxy)
EXPO_PUBLIC_SUPABASE_ANON_KEYRequired alongside EXPO_PUBLIC_SUPABASE_URL for direct uploads
EXPO_PUBLIC_API_URLOnly when pointing the app at a remote or production API
app.config.ts also falls back to the backend’s SUPABASE_URL and SUPABASE_ANON_KEY values, so if you have already configured backend/.env you may not need any frontend-specific .env at all.

Architecture

Understand how the frontend, backend, and database connect.

Database

Run migrations and explore the data models.

Build docs developers (and LLMs) love

Get started for freeTalk to us