diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..ae3118e
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,2 @@
+SECRET=SECRET
+DB_STRING=mongodb://localhost/ibuapibackend
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 6da04de..1dcef2d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
 node_modules
-config.js
\ No newline at end of file
+.env
\ No newline at end of file
diff --git a/api/services/token/create.js b/api/services/token/create.js
index 763689f..e794ebb 100644
--- a/api/services/token/create.js
+++ b/api/services/token/create.js
@@ -1,8 +1,7 @@
 const jwt = require('jsonwebtoken')
-const config = require('../../../config')
 
 module.exports = async (user) => {
-    const token = await jwt.sign(user, config.secret, {
+    const token = await jwt.sign(user, process.env.SECRET, {
         expiresIn: 24 * 60 * 60
     })
     return token
diff --git a/api/services/token/decode.js b/api/services/token/decode.js
index aec1cf0..23f2df4 100644
--- a/api/services/token/decode.js
+++ b/api/services/token/decode.js
@@ -1,7 +1,6 @@
 const jwt = require('jsonwebtoken')
-const config = require('../../../config')
 
 module.exports = async (token) => {
-    let decoded = await jwt.verify(token, config.secret)
+    let decoded = await jwt.verify(token, process.env.SECRET)
     return decoded
 }
\ No newline at end of file
diff --git a/app.js b/app.js
index 11c81ec..14f5c8f 100644
--- a/app.js
+++ b/app.js
@@ -3,7 +3,7 @@ const express = require('express'),
     bodyParser = require('body-parser'),
     mongoose = require('mongoose')
 
-mongoose.connect('mongodb://localhost/ibuapibackend', { useNewUrlParser: true })
+mongoose.connect(process.env.DB_STRING, { useNewUrlParser: true })
 
 app.use(express.json())