.env.example
# ================================
# FLOWFULL - Backend API Template
# ================================
# Example environment file. Copy it to a local, untracked file (typically .env)
# and replace the placeholder values there; keep real credentials out of this
# template and out of version control.
# Server Configuration
PORT=3001
# Development default; set per deployment.
NODE_ENV=development
BASE_URL=http://localhost:3001
# 0.0.0.0 listens on every network interface. For local-only development
# 127.0.0.1 is the narrower choice; otherwise restrict access with a firewall
# or reverse proxy.
HOST=0.0.0.0
# Database Configuration (choose one)
# "username:password" is a placeholder. A real connection string embeds a
# credential: treat the whole URL as a secret and keep it out of logs.
DATABASE_URL=postgresql://username:password@localhost:5432/flowfull_db
# DATABASE_URL=mysql://username:password@localhost:3306/flowfull_db
# DATABASE_URL=libsql://flowfull-database.turso.io
# Database Type (optional, auto-detected from URL)
# DATABASE_TYPE=postgresql|mysql|neon|neon-http|planetscale|libsql|d1
# Database Pool Settings
# NOTE(review): presumably switches TLS to the database on/off - confirm how the
# driver reads it. false is reasonable only for a database on localhost.
DATABASE_SSL=false
DATABASE_POOL_MIN=2
DATABASE_POOL_MAX=10
# Database Provider Specific Settings
# Neon Specific
# NEON_DATABASE_URL=postgresql://username:password@ep-cool-darkness-123456.us-east-1.aws.neon.tech/neondb?sslmode=require
# PlanetScale Specific
# PLANETSCALE_HOST=aws.connect.psdb.cloud
# PLANETSCALE_USERNAME=username
# PLANETSCALE_PASSWORD=password
# PLANETSCALE_SHARED_CONNECTION=false
# LibSQL/Turso Specific
# The auth token is a credential; handle it like the database password.
# LIBSQL_AUTH_TOKEN=your_auth_token
# Flowless Integration
FLOWLESS_API_URL=http://localhost:3000
# Placeholder. Replace with a long random value, different per environment.
# NOTE(review): the app should refuse to start while this still holds the
# placeholder text - confirm.
BRIDGE_VALIDATION_SECRET=your-shared-secret-key-here
# NOTE(review): unit not stated in this file; presumably milliseconds - confirm.
BRIDGE_VALIDATION_TIMEOUT=5000
BRIDGE_RETRY_ATTEMPTS=3
# Session Management
# NOTE(review): unit not stated; presumably seconds. If validation results are
# cached for this long, a revoked session may still be accepted until the cache
# entry expires - confirm and size accordingly.
SESSION_VALIDATION_CACHE_TTL=300
SESSION_HEADER_NAME=X-Session-ID
SESSION_COOKIE_NAME=session_id
# false fits http://localhost only. NOTE(review): presumably controls whether
# sessions are accepted over plain HTTP - set true wherever TLS is in place.
SESSION_REQUIRE_HTTPS=false
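# ================================
# Authentication & Validation Mode
# ================================
# Comments sit on their own lines: not every env-file reader strips trailing
# comments (for example `docker run --env-file` keeps text after the value as
# part of the value), and a misread mode or flag here would change how sessions
# are validated.
# Main Validation Mode Configuration
# One of: DISABLED | STANDARD | ADVANCED | STRICT
AUTH_VALIDATION_MODE=STANDARD
# Enable/disable validation mode system
AUTH_ENABLE_VALIDATION_MODE=true
# Security Configuration
# Validate IP address changes
AUTH_IP_VALIDATION=true
# Validate User-Agent changes
AUTH_USER_AGENT_VALIDATION=true
# Validate device fingerprint changes
AUTH_DEVICE_VALIDATION=false
# Auto-invalidate sessions with violations
# NOTE(review): with false, a detected violation presumably leaves the session
# usable and is only logged (see AUTH_LOG_VIOLATIONS) - confirm.
AUTH_AUTO_INVALIDATE=false
# Log security violations
AUTH_LOG_VIOLATIONS=true
# Example Configurations by Environment:
# DEVELOPMENT: AUTH_VALIDATION_MODE=DISABLED
# STAGING: AUTH_VALIDATION_MODE=STANDARD
# PRODUCTION: AUTH_VALIDATION_MODE=ADVANCED
# CRITICAL: AUTH_VALIDATION_MODE=STRICT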
# ================================
# Security & CORS
# ================================
# Comma-separated allow-list. The values below are local development origins;
# list the real front-end origins explicitly per deployment.
CORS_ORIGINS=http://localhost:3000,http://localhost:5173
CORS_METHODS=GET,POST,PUT,DELETE,OPTIONS
CORS_HEADERS=Content-Type,Authorization,X-Session-ID
# Credentialed CORS: browsers will send cookies to this API from the allowed
# origins, so CORS_ORIGINS must stay an explicit list of trusted origins.
CORS_CREDENTIALS=true
# NOTE(review): presumably seconds of preflight caching (86400 = 24 h) - confirm.
CORS_MAX_AGE=86400
# Rate Limiting
RATE_LIMIT_ENABLED=true
RATE_LIMIT_REQUESTS=100
# NOTE(review): unit not stated; presumably milliseconds (900000 = 15 min) - confirm.
RATE_LIMIT_WINDOW=900000
RATE_LIMIT_SKIP_SUCCESSFUL=false
# NOTE(review): presumably per-process counters; with several instances each one
# would enforce its own limit - confirm whether a shared store is available.
RATE_LIMIT_STORE=memory
# Request Security
# NOTE(review): presumably bytes (1048576 = 1 MiB) - confirm.
MAX_REQUEST_SIZE=1048576
# NOTE(review): presumably milliseconds - confirm.
REQUEST_TIMEOUT=30000
VALIDATE_CONTENT_TYPE=true
REQUIRE_USER_AGENT=false
# ================================
# Logging & Monitoring
# ================================
LOG_LEVEL=info
LOG_FORMAT=json
# NOTE(review): the meaning of LOG_MODE is not evident from this file - document it.
LOG_MODE=false
LOG_FILE_ENABLED=true
# Relative to the working directory. Keep the log directory untracked and
# readable only by the service account.
LOG_FILE_PATH=./logs/flowfull.log
LOG_ROTATION_ENABLED=true
# NOTE(review): presumably bytes (10485760 = 10 MiB) - confirm.
LOG_MAX_SIZE=10485760
LOG_MAX_FILES=5
# Health Check
HEALTH_CHECK_ENABLED=true
HEALTH_CHECK_PATH=/health
# Development Settings
# Development-only switches; set all three to false outside local development.
DEV_MODE=true
# NOTE(review): presumably loosens the CORS_* allow-list above; combined with
# CORS_CREDENTIALS=true that would let other sites make credentialed calls - confirm.
DEV_CORS_RELAXED=true
# NOTE(review): check that request logging redacts the session header/cookie and
# Authorization values before they reach the log file.
DEV_LOG_REQUESTS=true
# Performance Settings
COMPRESSION_ENABLED=true
COMPRESSION_FORCE_DISABLE=false
# ================================
# HybridCache Configuration (Redis + LRU)
# ================================
# Enable/disable caching system
CACHE_ENABLED=true
# Redis Configuration (optional - if not provided, uses LRU-only mode)
# Supports multiple formats:
# - Standard: redis://localhost:6379
# - With password: redis://:password@localhost:6379
# - SSL/TLS: rediss://default:password@host:6379
# - Upstash example: rediss://default:AS987987987987897M@liberal-condor-11813.upstash.io:6379
# redis:// is unencrypted and, in the first form, unauthenticated: acceptable for
# a Redis bound to localhost only. For any networked Redis use rediss:// with a
# password, and treat the resulting URL as a secret.
# NOTE(review): the Upstash line should hold dummy values only - confirm.
REDIS_URL=redis://localhost:6379
# ================================
# Trust Tokens (PASETO v4)
# ================================
# PASETO Private Key for signing tokens (Ed25519)
# Generate with: bun run scripts/generate-paseto-key.ts
# IMPORTANT: Keep this secret! Never commit to Git!
# Left empty on purpose. Generate a separate key per environment and supply it
# from a secret store or the untracked local env file.
# NOTE(review): the app should fail closed when this is empty - confirm.
PASETO_PRIVATE_KEY=
# Token Expiration Configuration (in hours)
# You can set global default or per-type TTL
# Global default (used if no type-specific TTL is set)
# 168 hours = 7 days.
TOKEN_TTL_HOURS=168
# Type-specific TTL (optional - overrides global default)
# NOTE(review): while these lines stay commented out, password-reset and
# magic-link tokens fall back to the 168-hour global default according to the
# comment above, unless the code has its own per-type defaults - confirm, and
# uncomment the short TTLs for those types if it does not.
# TOKEN_EMAIL_VERIFICATION_TTL_HOURS=24
# TOKEN_PASSWORD_RESET_TTL_HOURS=1
# TOKEN_INVITATION_TTL_HOURS=168
# TOKEN_MAGIC_LINK_TTL_HOURS=1
# TOKEN_API_KEY_TTL_HOURS=720
# TOKEN_<YOUR_CUSTOM_TYPE>_TTL_HOURS=<hours>
# ================================
# Email System (Optional)
# ================================
# Email Configuration (ZeptoMail)
# Placeholder for a credential; keep the real key out of version control.
# Several values in this section contain unquoted spaces or parentheses. Env-file
# parsers that read to end of line accept them, but the file must not be loaded
# with a shell `source`: the shell would treat the text after the first space as
# a command to run.
ZEPTOMAIL_API_KEY=Zoho-enczapikey your_zeptomail_api_key_here
EMAIL_FROM_ADDRESS=noreply@yourdomain.com
EMAIL_FROM_NAME=Your Organization
EMAIL_REPLY_TO_ADDRESS=support@yourdomain.com
EMAIL_REPLY_TO_NAME=Support Team
# Organization Information (for email templates)
ORGANIZATION_NAME=Your Organization Name
ORGANIZATION_EMAIL=info@yourdomain.com
ORGANIZATION_PHONE=+1 (555) 123-4567
ORGANIZATION_ADDRESS=123 Main St, City, State 12345
ORGANIZATION_WEBSITE=https://yourdomain.com
# Internationalization
GLOBAL_LANG=en
DEFAULT_LANGUAGE=en
# ================================
# Application Features
# ================================
# Comma-separated list of enabled features
FEATURES_ENABLED=email,cron,cache
# Testing (Optional)
TEST_EMAIL=test@yourdomain.com