# Server
NODE_ENV=development
PORT=3000

# CORS
CORS_ORIGIN=http://localhost:8080

# Database
DATABASE_URL=postgresql://spotlightcam:spotlightcam123@db:5432/spotlightcam

# JWT
JWT_SECRET=dev-secret-key-12345-change-in-production
JWT_EXPIRES_IN=24h

# AWS SES (REPLACE WITH YOUR CREDENTIALS)
AWS_REGION=eu-central-1
AWS_ACCESS_KEY_ID=your-aws-access-key-id
AWS_SECRET_ACCESS_KEY=your-aws-secret-access-key
SES_FROM_EMAIL=noreply@spotlight.cam
SES_FROM_NAME=spotlight.cam

# Email Settings
FRONTEND_URL=http://localhost:8080
VERIFICATION_TOKEN_EXPIRY=24h

# Security - Rate Limiting
RATE_LIMIT_ENABLED=false
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX=1000
RATE_LIMIT_AUTH_MAX=100
RATE_LIMIT_EMAIL_MAX=20

# Security - CSRF Protection
ENABLE_CSRF=false

# Security - Body Size Limits
BODY_SIZE_LIMIT=50mb

# Security - Password Policy
PASSWORD_MIN_LENGTH=8
PASSWORD_REQUIRE_UPPERCASE=false
PASSWORD_REQUIRE_LOWERCASE=false
PASSWORD_REQUIRE_NUMBER=false
PASSWORD_REQUIRE_SPECIAL=false

# Security - Account Lockout
ENABLE_ACCOUNT_LOCKOUT=false
MAX_LOGIN_ATTEMPTS=100
LOCKOUT_DURATION_MINUTES=15

# Logging
LOG_LEVEL=debug

# Scheduler
# Enable simple in-process scheduler for auto-matching
ENABLE_SCHEDULER=false
# Global tick interval in seconds (default 300 = 5min)
SCHEDULER_INTERVAL_SEC=300
# Per-event minimum time between runs in seconds (default 60s)
MATCHING_MIN_INTERVAL_SEC=60

# Cloudflare Turnstile (CAPTCHA)
# Get your secret key from: https://dash.cloudflare.com/
TURNSTILE_SECRET_KEY=your-secret-key-here

# Cloudflare TURN/STUN
# Get your credentials from: https://dash.cloudflare.com/ -> Calls -> TURN
CLOUDFLARE_TURN_TOKEN_ID=your-turn-token-id-here
CLOUDFLARE_TURN_API_TOKEN=your-turn-api-token-here

# Beta Testing
# Auto-assign SUPPORTER tier to new registrations during beta
BETA_AUTO_SUPPORTER=false