About Application secret key?

[daxiongYang]

Please, is the APP_KEY in the .env file unique for the initial project installed through npm init?
The existing project has been developed and put into operation, but it has not been modified! Does it matter?

[Julien-R44]

Yes, I think it's definitely a good practice to use a different key between production and your dev environment. But it's not a big deal as long as you haven't committed or shared your .env file with anybody, but I recommend you to generate a new key for your production anyway.

To do this you can use the command node ace generate:key and you will have a new APP_KEY in your .env. Don't lose it otherwise all your encrypted data like cookies, sessions and others will be invalid.

[daxiongYang]

Thanks for your answer!
I have regenerated a new APP_KEY and read more with node ace -h, thanks!