f163ffbb83
- Enforced minimum length and security standards for `SECRET_KEY` (32 chars, random value required in production). - Added checks for strong `FIRST_SUPERUSER_PASSWORD` (min 12 chars with mixed case, digits). - Updated `.env.template` with guidelines for secure configurations. - Added `test_config.py` to verify validations for environment configurations, passwords, and database URLs.
31 lines
960 B
Plaintext
31 lines
960 B
Plaintext
# Common settings
|
|
PROJECT_NAME=App
|
|
VERSION=1.0.0
|
|
|
|
# Database settings
|
|
POSTGRES_USER=postgres
|
|
POSTGRES_PASSWORD=postgres
|
|
POSTGRES_DB=App
|
|
POSTGRES_HOST=db
|
|
POSTGRES_PORT=5432
|
|
DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
|
|
|
# Backend settings
|
|
BACKEND_PORT=8000
|
|
# CRITICAL: Generate a secure SECRET_KEY for production!
|
|
# Generate with: python -c 'import secrets; print(secrets.token_urlsafe(32))'
|
|
# Must be at least 32 characters
|
|
SECRET_KEY=your_secret_key_here_REPLACE_WITH_GENERATED_KEY_32_CHARS_MIN
|
|
ENVIRONMENT=development
|
|
DEBUG=true
|
|
BACKEND_CORS_ORIGINS=["http://localhost:3000"]
|
|
FIRST_SUPERUSER_EMAIL=admin@example.com
|
|
# IMPORTANT: Use a strong password (min 12 chars, mixed case, digits)
|
|
# Default weak passwords like 'Admin123' are rejected
|
|
FIRST_SUPERUSER_PASSWORD=YourStrongPassword123!
|
|
|
|
# Frontend settings
|
|
FRONTEND_PORT=3000
|
|
NEXT_PUBLIC_API_URL=http://localhost:8000
|
|
NODE_ENV=development
|