40227-vm/backend/.env.example

NODE_ENV=development
PORT=8080

# Required secret for signing JWTs. Use a long random value locally and in production.
SECRET_KEY=replace_with_a_long_random_secret

# Local PostgreSQL connection. Sequelize development config still defaults to localhost values when these are empty.
DB_HOST=localhost
DB_PORT=5432
DB_USER=postgres
DB_PASS=
DB_NAME=db_school_chain_manager

# Frontend and Swagger public URLs used for redirects and generated API docs.
UI_HOST=http://localhost
UI_PORT=3000
SWAGGER_HOST=http://localhost
SWAGGER_PORT=8080

# Browser auth cookie and credentialed CORS. These are non-secret deployment values.
ALLOWED_ORIGINS=http://localhost:3000,http://localhost:8080
AUTH_ACCESS_COOKIE_NAME=school_chain_session
AUTH_REFRESH_COOKIE_NAME=school_chain_refresh
AUTH_COOKIE_SAME_SITE=lax
AUTH_COOKIE_SECURE=false
AUTH_COOKIE_MAX_AGE_MS=900000
AUTH_REFRESH_TOKEN_MAX_AGE_MS=1209600000
# Retention grace before the `db:cleanup-tokens` job deletes expired refresh-token rows (default 7 days).
AUTH_REFRESH_TOKEN_RETENTION_MS=604800000
AUTH_COOKIE_DOMAIN=

# Seed-only local credentials. Do not use production passwords here.
SEED_ADMIN_EMAIL=admin@example.com
SEED_ADMIN_PASSWORD=replace_with_local_seed_password
SEED_USER_PASSWORD=replace_with_local_seed_password

# Optional external integrations.
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
EMAIL_FROM=School Chain Manager <app@example.com>
EMAIL_HOST=
EMAIL_PORT=587
EMAIL_USER=
EMAIL_PASS=
GCLOUD_BUCKET=
GCLOUD_HASH=
PEXELS_KEY=
PEXELS_QUERY=Lighthouse guiding ships at dawn
GPT_KEY=
FLATLOGIC_PROJECT_UUID=