37 lines
1.3 KiB
Python
37 lines
1.3 KiB
Python
# app/config.py
|
|
import os
|
|
from pydantic_settings import BaseSettings
|
|
from dotenv import load_dotenv
|
|
|
|
load_dotenv()
|
|
|
|
class Settings(BaseSettings):
|
|
DATABASE_URL: str | None = None
|
|
|
|
# --- JWT Settings ---
|
|
# Generate a strong secret key using: openssl rand -hex 32
|
|
SECRET_KEY: str = "a_very_insecure_default_secret_key_replace_me" # !! MUST BE CHANGED IN PRODUCTION !!
|
|
ALGORITHM: str = "HS256"
|
|
ACCESS_TOKEN_EXPIRE_MINUTES: int = 30 # Default token lifetime: 30 minutes
|
|
|
|
class Config:
|
|
env_file = ".env"
|
|
env_file_encoding = 'utf-8'
|
|
extra = "ignore"
|
|
|
|
settings = Settings()
|
|
|
|
# Validation for critical settings
|
|
if settings.DATABASE_URL is None:
|
|
print("Warning: DATABASE_URL environment variable not set.")
|
|
# raise ValueError("DATABASE_URL environment variable not set.")
|
|
|
|
# CRITICAL: Check if the default secret key is being used
|
|
if settings.SECRET_KEY == "a_very_insecure_default_secret_key_replace_me":
|
|
print("*" * 80)
|
|
print("WARNING: Using default insecure SECRET_KEY. Please generate a strong key and set it in the environment variables!")
|
|
print("Use: openssl rand -hex 32")
|
|
print("*" * 80)
|
|
# Consider raising an error in a production environment check
|
|
# if os.getenv("ENVIRONMENT") == "production":
|
|
# raise ValueError("Default SECRET_KEY is not allowed in production!") |