# ============================================================================
# ROA2WEB Unified Backend - Environment Configuration (TEST)
# ============================================================================
# TEST environment using Oracle TEST server (10.0.20.121)
# Single backend process serving Reports, Data Entry, and Telegram modules
# IMPORTANT: Never commit this file to git!

# ============================================================================
# ORACLE DATABASE CONFIGURATION (REQUIRED - Shared by all modules)
# ============================================================================
# Connection to CONTAFIN_ORACLE schema for authentication and user management
# TEST: Through SSH tunnel to 10.0.20.121 (localhost:1526)

ORACLE_USER=CONTAFIN_ORACLE
ORACLE_PASSWORD=your_oracle_password_here
ORACLE_HOST=localhost
ORACLE_PORT=1526
# ORACLE_SID=roa  # Deprecated
ORACLE_SERVICE_NAME=ROA

# TEST: Start SSH tunnel before running backend
# ./ssh-tunnel-test.sh start

# ============================================================================
# JWT AUTHENTICATION (REQUIRED - Shared by all modules)
# ============================================================================
# Used for JWT token generation and validation (shared/auth/jwt_handler.py)

JWT_SECRET_KEY=generate_with_secrets_token_urlsafe_32
JWT_ALGORITHM=HS256

# Token expiration settings (used by shared/auth/jwt_handler.py)
ACCESS_TOKEN_EXPIRE_MINUTES=480
REFRESH_TOKEN_EXPIRE_DAYS=7

# ============================================================================
# SESSION SECURITY - EMAIL 2FA (REQUIRED for Telegram email login)
# ============================================================================
# Used by Telegram module for session token validation
# Must match between backend and Telegram bot

AUTH_SESSION_SECRET=generate_with_secrets_token_urlsafe_32

# ============================================================================
# SERVER CONFIGURATION
# ============================================================================
# Unified backend server settings

API_HOST=0.0.0.0
API_PORT=8000
DEBUG=true

# CORS Origins (comma-separated, includes both old and new frontend ports)
CORS_ORIGINS=http://localhost:3000,http://localhost:3010,http://localhost:5173

# ============================================================================
# REPORTS MODULE - CACHE CONFIGURATION (OPTIONAL - defaults provided)
# ============================================================================
# Two-tier hybrid cache system (L1: in-memory LRU, L2: SQLite persistent)
# Used by backend/modules/reports/cache/config.py

# Core Settings
CACHE_ENABLED=True
CACHE_TYPE=hybrid
CACHE_SQLITE_PATH=./data/cache/roa2web_cache_test.db
CACHE_MEMORY_MAX_SIZE=1000
CACHE_DEFAULT_TTL=900

# TTL per Cache Type (seconds)
CACHE_TTL_SCHEMA=86400
CACHE_TTL_COMPANIES=1800
CACHE_TTL_DASHBOARD_SUMMARY=1800
CACHE_TTL_DASHBOARD_TRENDS=1800
CACHE_TTL_INVOICES=600
CACHE_TTL_INVOICES_SUMMARY=900
CACHE_TTL_TREASURY=600

# Maintenance
CACHE_CLEANUP_INTERVAL=3600

# Event-Based Invalidation (experimental)
CACHE_AUTO_INVALIDATE=False
CACHE_CHECK_INTERVAL=300

# Performance Tracking
CACHE_TRACK_PERFORMANCE=True
CACHE_BENCHMARK_ON_STARTUP=False

# ============================================================================
# DATA ENTRY MODULE - CONFIGURATION
# ============================================================================
# Data Entry module settings (receipts, OCR, etc.)

# Environment identifier (dev/test/prod)
ORACLE_ENV=test

# SQLite Database (test)
DATA_ENTRY_SQLITE_DATABASE_PATH=data/receipts/receipts_test.db
DATA_ENTRY_UPLOAD_PATH=data/receipts/uploads

# File uploads
DATA_ENTRY_MAX_UPLOAD_SIZE_MB=10

# Test company (for testing)
TEST_COMPANY_ID=110
TEST_COMPANY_SCHEMA=MARIUSM_AUTO

# ============================================================================
# OCR ENGINE CONFIGURATION
# ============================================================================
# Control which OCR engines are loaded at startup.
# Disabling engines saves memory but limits available OCR modes.

# Enable/disable PaddleOCR (set to 'false' to save ~800MB RAM)
# When disabled: 'paddleocr' engine unavailable
OCR_ENABLE_PADDLEOCR=false

# Enable/disable Tesseract (set to 'false' to save ~50MB RAM)
# When disabled: 'tesseract' engine unavailable
OCR_ENABLE_TESSERACT=true

# Default OCR engine when not specified in request
# Options: tesseract, doctr, doctr_plus, paddleocr
# Recommended: doctr_plus (2-tier sequential with early exit)
OCR_DEFAULT_ENGINE=doctr_plus

# OCR Worker Pool Configuration
# Number of parallel OCR workers (each loads ~1GB for docTR)
# Recommended: 2 for 8GB RAM, 3 for 16GB RAM
OCR_WORKERS=2

# Max tasks per worker before restart (0 = no restart, saves 40-60s warmup time)
# Set to 0 for testing, 10-20 for production (prevents memory leaks)
OCR_MAX_TASKS_PER_CHILD=0

# ============================================================================
# TELEGRAM MODULE - BOT CONFIGURATION (REQUIRED for Telegram features)
# ============================================================================
# Obtain bot token from @BotFather on Telegram

TELEGRAM_BOT_TOKEN=8483383555:AAGNY1z6WiBkvVfy1ZV_gM_JnAqW4q4MlEY

# Backend URL for bot to communicate with API
BACKEND_URL=http://localhost:8000

# Internal API port (bot's internal API for backend callbacks)
INTERNAL_API_PORT=8002

# Enable internal API documentation (development only)
ENABLE_DOCS=false

# ============================================================================
# TELEGRAM MODULE - EMAIL AUTHENTICATION (SMTP) (REQUIRED for email 2FA)
# ============================================================================
# Required for email-based 2FA authentication flow
# Users can login with email + password instead of web app linking

# SMTP Server Configuration
SMTP_HOST=mail.romfast.ro
SMTP_PORT=587
SMTP_USER=ups@romfast.ro
SMTP_PASSWORD=your_smtp_password_here
SMTP_FROM_EMAIL=ups@romfast.ro
SMTP_FROM_NAME=ROA2WEB
SMTP_USE_TLS=true

# Email Retry Settings
EMAIL_MAX_RETRIES=3
EMAIL_RETRY_DELAY=2.0

# ============================================================================
# TELEGRAM MODULE - DATABASE (SQLite for bot data)
# ============================================================================
# Separate SQLite database for Telegram bot auth codes and sessions

TELEGRAM_SQLITE_DATABASE_PATH=data/telegram/telegram_test.db