Business-Management/backend/app/core/config.py
curo1305 e2c55556ac Switch JWT signing from HS256 to RS256 (4096-bit RSA)
- Replace symmetric SECRET_KEY with JWT_PRIVATE_KEY / JWT_PUBLIC_KEY (PEM)
- Add iat claim to every token
- Add expand_newlines validator in config for single-line .env PEM values
- Add scripts/generate_jwt_keys.py key-generation helper
- Update security-auditor agent JWT checklist with RS256 enforcement rules
- Mark RS256 as done in TODO.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 23:00:35 +02:00


from pydantic import field_validator
from pydantic_settings import BaseSettings
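class Settings(BaseSettings):
    """Application settings, loaded from the process environment and ``.env``.

    JWT material is asymmetric: tokens are signed with ``JWT_PRIVATE_KEY`` and
    verified with ``JWT_PUBLIC_KEY``. Both are PEM strings and may be stored on
    a single line with literal ``\\n`` sequences, which ``expand_newlines``
    turns back into real newlines before validation.
    """

    PROJECT_NAME: str = "destroying_sap"
    # Local-development default only: it embeds a placeholder password, so any
    # real deployment must override it through the environment.
    DATABASE_URL: str = "postgresql+asyncpg://postgres:password@localhost:5432/destroying_sap"
    # RS256 asymmetric signing — generate keys with scripts/generate_jwt_keys.py
    ALGORITHM: str = "RS256"
    # PEM, required at runtime; set via env var. The empty default lets the
    # module import without keys, so a missing key is only detected when a
    # token is first signed or verified, not at startup.
    JWT_PRIVATE_KEY: str = ""
    JWT_PUBLIC_KEY: str = ""
    ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 8  # 8 hours — no permanent sessions
    CORS_ORIGINS: list[str] = ["http://localhost:5173"]

    @field_validator("JWT_PRIVATE_KEY", "JWT_PUBLIC_KEY", mode="before")
    @classmethod
    def expand_newlines(cls, v: object) -> object:
        """Allow PEM keys stored on a single line with literal \\n in .env.

        Runs before type coercion, so non-string values are passed through
        untouched and pydantic reports the type error itself.
        """
        if not isinstance(v, str):
            return v
        return v.replace("\\n", "\n")

    @field_validator("ALGORITHM")
    @classmethod
    def require_asymmetric_algorithm(cls, v: str) -> str:
        """Refuse signing algorithms that cannot use the PEM key pair.

        ``JWT_PRIVATE_KEY`` / ``JWT_PUBLIC_KEY`` only make sense for asymmetric
        algorithms. An HMAC (``HS*``) or ``none`` value injected through the
        environment would quietly downgrade token signing, so it is rejected
        when settings are loaded rather than discovered at verification time.

        Raises:
            ValueError: if *v* is ``none`` or an HMAC algorithm.
        """
        name = v.strip()
        if name.lower() == "none" or name.upper().startswith("HS"):
            raise ValueError(
                f"ALGORITHM={v!r} is not an asymmetric algorithm; use RS256"
            )
        return v

    # NOTE: pydantic v2 prefers ``model_config = SettingsConfigDict(env_file=".env")``;
    # the inner ``Config`` class still works but is the deprecated spelling.
    class Config:
        env_file = ".env"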
# Instantiated once at import time; values come from the process environment
# and the ``.env`` file named in ``Settings.Config``. Because the JWT key
# fields default to "", importing this module succeeds even when no keys are
# configured.
settings = Settings()