41 lines
1.8 KiB
Python
41 lines
1.8 KiB
Python
import os
|
|
from datetime import timedelta
|
|
|
|
|
|
class Config:
|
|
SECRET_KEY = os.environ.get("SECRET_KEY") or "dev-secret-change-in-production"
|
|
JWT_SECRET_KEY = os.environ.get("JWT_SECRET_KEY") or os.environ.get("SECRET_KEY") or "dev-secret"
|
|
|
|
def __init_subclass__(cls, **kwargs):
|
|
super().__init_subclass__(**kwargs)
|
|
|
|
@classmethod
|
|
def validate(cls):
|
|
"""Call this in production to ensure required secrets are set."""
|
|
import os as _os
|
|
if _os.environ.get("FLASK_ENV") == "production" or _os.environ.get("FLASK_DEBUG") == "0":
|
|
if cls.SECRET_KEY in ("dev-secret-change-in-production", "dev-secret"):
|
|
raise RuntimeError(
|
|
"SECRET_KEY must be set to a strong random value in production. "
|
|
"Set the SECRET_KEY environment variable."
|
|
)
|
|
JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=24)
|
|
SQLALCHEMY_DATABASE_URI = os.environ.get(
|
|
"DATABASE_URL", "sqlite:///dev.db"
|
|
)
|
|
SQLALCHEMY_TRACK_MODIFICATIONS = False
|
|
MAX_CONTENT_LENGTH = 16 * 1024 * 1024
|
|
STORAGE_ROOT = os.environ.get("STORAGE_ROOT", "/app/storage")
|
|
|
|
GOOGLE_CLIENT_ID = os.environ.get("GOOGLE_CLIENT_ID", "")
|
|
GOOGLE_CLIENT_SECRET = os.environ.get("GOOGLE_CLIENT_SECRET", "")
|
|
GITHUB_CLIENT_ID = os.environ.get("GITHUB_CLIENT_ID", "")
|
|
GITHUB_CLIENT_SECRET = os.environ.get("GITHUB_CLIENT_SECRET", "")
|
|
|
|
# Set to "true" in .env to require users to confirm their email before logging in.
|
|
# When disabled (default), local accounts are confirmed immediately on registration.
|
|
# Confirmation URL is always logged to the container logs for debugging.
|
|
EMAIL_CONFIRMATION_REQUIRED: bool = (
|
|
os.environ.get("EMAIL_CONFIRMATION_REQUIRED", "false").lower() == "true"
|
|
)
|