# BlueLift Backend Environment Variables
# Copy this file to backend/.env and update with your values

# === Database ===
database.default.hostname=mysql
database.default.database=bluelift
database.default.username=bluelift_app
database.default.password=CHANGE_ME_STRONG_RANDOM_PASSWORD
database.default.DBDriver=MySQLi
database.default.DBPrefix=
database.default.port=3306

# === Authentication ===
# Generate a strong random value: openssl rand -hex 32
JWT_SECRET=CHANGE_ME_RUN_openssl_rand_hex_32

# Auth cookie hardening. Keep AUTH_COOKIE_SECURE=true so session cookies are
# only ever sent over HTTPS. Set to false ONLY for local HTTP development.
AUTH_COOKIE_SECURE=true
AUTH_COOKIE_SAMESITE=Strict

# Auth cookie domain (optional - leave empty for current domain)
# Use '.example.com' to share cookies across subdomains
AUTH_COOKIE_DOMAIN=

# === CORS Configuration ===
CORS_ALLOWED_ORIGINS=http://localhost:3000,http://bluelift.test

# === Frontend URL ===
FRONTEND_URL=http://localhost:3000

# === Email Configuration ===
email.fromEmail=noreply@blueliftglobal.com
email.fromName=BlueLift TMS
email.protocol=smtp
email.SMTPHost=ssl0.ovh.net
email.SMTPPort=465
email.SMTPUser=your_smtp_username
email.SMTPPass=your_smtp_password

# === Push Notifications ===
VAPID_PUBLIC_KEY=your_vapid_public_key_here
VAPID_PRIVATE_KEY=your_vapid_private_key_here
VAPID_SUBJECT=mailto:admin@blueliftglobal.com

# === API Logging ===
API_LOGGING_ENABLED=true
API_LOGGING_LEVEL=info
API_LOGGING_REQUEST_BODY=false
API_LOGGING_RESPONSE_BODY=false
API_LOGGING_RETENTION_DAYS=30

# === External APIs ===
POWERBI_API_KEY=your_powerbi_api_key_here
ANTHROPIC_API_KEY=your_anthropic_api_key_here