# ============================================
# REQUIRED ENVIRONMENT VARIABLES
# ============================================
# Copy this file to .env and fill in your values

# Database Connection (PostgreSQL)
DATABASE_URL=postgres://username:password@localhost:5432/database_name

# JWT Secrets (use strong random strings)
# Generate with: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
JWT_ACCESS_SECRET=your-access-token-secret-here-minimum-32-characters
JWT_REFRESH_SECRET=your-refresh-token-secret-here-minimum-32-characters

# ============================================
# OPTIONAL ENVIRONMENT VARIABLES
# ============================================

# Server Configuration
PORT=3000
NODE_ENV=development

# CORS Configuration (comma-separated list, required in production)
# Example: https://yourdomain.com,https://www.yourdomain.com
CORS_ALLOWED_ORIGINS=

# JWT Token Expiration (default values shown)
JWT_ACCESS_TTL=15m
JWT_REFRESH_TTL=7d

# Refresh Token Inactivity Timeout (in minutes, default: 4320 = 3 days)
REFRESH_MAX_IDLE_MINUTES=4320

# OTP Configuration
OTP_MAX_ATTEMPTS=5

# ============================================
# TWILIO SMS CONFIGURATION (Optional)
# ============================================
# Required for sending OTP via SMS
# If not configured, OTP will be logged to console in development

TWILIO_ACCOUNT_SID=your-twilio-account-sid
TWILIO_AUTH_TOKEN=your-twilio-auth-token

# Use either TWILIO_MESSAGING_SERVICE_SID (recommended) OR TWILIO_FROM_NUMBER
TWILIO_MESSAGING_SERVICE_SID=your-messaging-service-sid
# OR
TWILIO_FROM_NUMBER=+1234567890