48 lines
1.6 KiB
Python
48 lines
1.6 KiB
Python
# [DEF:backend.src.core.auth.config:Module]
|
|
#
|
|
# @SEMANTICS: auth, config, settings, jwt, adfs
|
|
# @PURPOSE: Centralized configuration for authentication and authorization.
|
|
# @LAYER: Core
|
|
# @RELATION: DEPENDS_ON -> pydantic
|
|
#
|
|
# @INVARIANT: All sensitive configuration must have defaults or be loaded from environment.
|
|
|
|
# [SECTION: IMPORTS]
|
|
from pydantic import Field
|
|
from pydantic_settings import BaseSettings
|
|
# [/SECTION]
|
|
|
|
# [DEF:AuthConfig:Class]
|
|
# @PURPOSE: Holds authentication-related settings.
|
|
# @PRE: Environment variables may be provided via .env file.
|
|
# @POST: Returns a configuration object with validated settings.
|
|
class AuthConfig(BaseSettings):
|
|
# JWT Settings
|
|
SECRET_KEY: str = Field(default="super-secret-key-change-in-production", env="AUTH_SECRET_KEY")
|
|
ALGORITHM: str = "HS256"
|
|
ACCESS_TOKEN_EXPIRE_MINUTES: int = 480
|
|
REFRESH_TOKEN_EXPIRE_DAYS: int = 7
|
|
|
|
# Database Settings
|
|
AUTH_DATABASE_URL: str = Field(
|
|
default="postgresql+psycopg2://postgres:postgres@localhost:5432/ss_tools",
|
|
env="AUTH_DATABASE_URL",
|
|
)
|
|
|
|
# ADFS Settings
|
|
ADFS_CLIENT_ID: str = Field(default="", env="ADFS_CLIENT_ID")
|
|
ADFS_CLIENT_SECRET: str = Field(default="", env="ADFS_CLIENT_SECRET")
|
|
ADFS_METADATA_URL: str = Field(default="", env="ADFS_METADATA_URL")
|
|
|
|
class Config:
|
|
env_file = ".env"
|
|
extra = "ignore"
|
|
# [/DEF:AuthConfig:Class]
|
|
|
|
# [DEF:auth_config:Variable]
|
|
# @PURPOSE: Singleton instance of AuthConfig.
|
|
auth_config = AuthConfig()
|
|
# [/DEF:auth_config:Variable]
|
|
|
|
# [/DEF:backend.src.core.auth.config:Module]
|