# Flask Configuration
FLASK_APP=wsgi.py
FLASK_ENV=development
SECRET_KEY=your-secret-key-here-change-in-production

# Database
DATABASE_URL=postgresql://user:password@localhost:5432/authy2_dev
SQLALCHEMY_ECHO=False
SQLALCHEMY_LOG_LEVEL=WARNING

# Security
BCRYPT_LOG_ROUNDS=12
SESSION_COOKIE_SECURE=False
SESSION_COOKIE_HTTPONLY=True
SESSION_COOKIE_SAMESITE=Lax
MAX_SESSION_DURATION=86400

# CORS
#CORS_ORIGINS=http://localhost:3000,http://localhost:5173,https://oidc-playpen.lovable.app/,http://localhost:8080/
CORS_ORIGINS=*


# JWT (if using JWT instead of sessions)
JWT_SECRET_KEY=your-jwt-secret-key-here
JWT_ACCESS_TOKEN_EXPIRES=3600
JWT_REFRESH_TOKEN_EXPIRES=2592000

# Redis (for session storage)
REDIS_URL=redis://localhost:6379/0

# OIDC
OIDC_ISSUER_URL=http://localhost:5000

# Logging
LOG_LEVEL=INFO
LOG_TO_STDOUT=True

# Rate Limiting
RATELIMIT_ENABLED=True
RATELIMIT_STORAGE_URL=redis://localhost:6379/1

# Testing
TESTING=False