# Application settings
APP_NAME="Space Booking API"
# DEBUG=true for local dev. In production set DEBUG=false — the app will then
# REFUSE to start unless SECRET_KEY is changed from the default below.
DEBUG=true

# Database
DATABASE_URL="sqlite:///./space_booking.db"

# JWT
SECRET_KEY="your-secret-key-change-in-production"
ALGORITHM="HS256"
ACCESS_TOKEN_EXPIRE_MINUTES=1440

# SMTP
SMTP_HOST=localhost
SMTP_PORT=1025
SMTP_USER=
SMTP_PASSWORD=
SMTP_FROM_ADDRESS=noreply@space-booking.local
SMTP_ENABLED=false

# Frontend URL (used for OAuth callback redirects)
FRONTEND_URL=http://localhost:5173

# Google Calendar Integration
GOOGLE_CLIENT_ID=your_google_client_id_here
GOOGLE_CLIENT_SECRET=your_google_client_secret_here
GOOGLE_REDIRECT_URI=http://localhost:8000/api/integrations/google/callback

# Demo seed (LOCAL DEV ONLY). The entrypoint runs seed_db.py only when
# RUN_SEED=1. It plants weak demo accounts/content — never set this in prod.
# RUN_SEED=1
# ADMIN_PASSWORD=
# MANAGER_PASSWORD=
# USER_PASSWORD=

# === PRODUCTION (Dokploy) ===
# Do NOT set RUN_SEED. Tables are auto-created on boot, and the FIRST user to
# register becomes the superadmin (instance owner) — register your own account
# first, immediately after deploy.
# DEBUG=false
# SECRET_KEY=<python -c "import secrets; print(secrets.token_hex(32))">
# FRONTEND_URL=https://space.roa.romfast.ro
# SMTP_ENABLED=true
# SMTP_HOST=smtp.example.com
# SMTP_PORT=587
# SMTP_USER=user@example.com
# SMTP_PASSWORD=parola
# SMTP_FROM_ADDRESS=rezervari@romfast.ro