# #region AuthConfigModule [C:2] [TYPE Module] [SEMANTICS auth, config, settings, jwt, adfs] # # @BRIEF Centralized configuration for authentication and authorization. # @LAYER: Core # @RELATION DEPENDS_ON -> pydantic # # @INVARIANT: All sensitive configuration must have defaults or be loaded from environment. from pydantic import Field from pydantic_settings import BaseSettings # #region AuthConfig [TYPE Class] # @BRIEF Holds authentication-related settings. # @PRE: Environment variables may be provided via .env file. # @POST: Returns a configuration object with validated settings. # @RELATION INHERITS -> pydantic_settings.BaseSettings class AuthConfig(BaseSettings): # JWT Settings SECRET_KEY: str = Field(default="super-secret-key-change-in-production", env="AUTH_SECRET_KEY") ALGORITHM: str = "HS256" ACCESS_TOKEN_EXPIRE_MINUTES: int = 480 REFRESH_TOKEN_EXPIRE_DAYS: int = 7 # Database Settings AUTH_DATABASE_URL: str = Field( default="postgresql+psycopg2://postgres:postgres@localhost:5432/ss_tools", env="AUTH_DATABASE_URL", ) # ADFS Settings ADFS_CLIENT_ID: str = Field(default="", env="ADFS_CLIENT_ID") ADFS_CLIENT_SECRET: str = Field(default="", env="ADFS_CLIENT_SECRET") ADFS_METADATA_URL: str = Field(default="", env="ADFS_METADATA_URL") class Config: env_file = ".env" extra = "ignore" # #endregion AuthConfig # #region auth_config [TYPE Variable] # @BRIEF Singleton instance of AuthConfig. # @RELATION DEPENDS_ON -> AuthConfig auth_config = AuthConfig() # #endregion auth_config # #endregion AuthConfigModule