# ========================================================
# REQUIRED CONFIGURATION (Must be set for basic functionality)
# ========================================================
# [APPLICATION CORE]
# Core settings that control the application behavior
PORT=9000 # Port on which the application server will run
APP_ENV=DEV # Runtime environment (DEV|STAGE|PROD)
APP_URL=http://localhost # Base URL where the application is hosted
# [AUTHENTICATION SERVICE]
# Endpoint for authentication services
AUTH_BASE_URL=http://localhost:1421 # Base URL of the authentication service
# [EMAIL SERVICE]
# SMTP configuration for outgoing emails
SMTP_ENABLED=true # Enable/disable email sending functionality
SMTP_MAIL_HOST= # SMTP server host (e.g., smtp.gmail.com)
SMTP_MAIL_PORT= # SMTP server port (e.g., 587 for TLS)
SMTP_MAIL_SECURE= # Security protocol (true for TLS, false for STARTTLS)
SMTP_USER_NAME= # SMTP authentication username
SMTP_SENDER_EMAIL= # Email address used as sender
SMTP_SENDER_PASSWORD= # Password/App password for SMTP authentication
# [JWT CONFIGURATION]
# Token settings for authentication security
JWT_SECRET_KEY=webtoken-secret-key # Secret key for JWT signing (KEEP THIS SECURE!)
JWT_EXPIRATION_TIME=2400 # JWT expiration time in seconds (default: 40 mins)
REFRESH_TOKEN_SECRET_KEY=refresh-token-secret # Secret for refresh tokens (KEEP SECURE!)
REFRESH_TOKEN_EXPIRATION_TIME=604800 # Refresh token expiry in seconds (default: 7 days)
REFRESH_TOKEN_MAX_LIMIT=50 # Maximum concurrent refresh tokens per user
# [DATABASE]
# MongoDB connection configuration
DB_NAME=sparrow # Default database name
# Choose ONE of these connection methods based on your setup:
# Local/Remote MongoDB Setup:
# DB_URL=mongodb://localhost:27017 # Use for standalone MongoDB
# ========================================================
# OPTIONAL CONFIGURATION (Enable additional features)
# ========================================================
# [GOOGLE OAUTH]
# Enable Google Sign-In functionality
ENABLE_GOOGLE_AUTH=false # Set to true to enable Google OAuth
GOOGLE_CLIENT_ID= # Google OAuth Client ID
GOOGLE_CLIENT_SECRET= # Google OAuth Client Secret
GOOGLE_APP_URL= # Authorized JavaScript origins URL
LOGIN_REDIRECT_URL= # Post-login redirect URL
GOOGLE_ACCESS_TYPE= # OAuth access type (online/offline)
# [EMAIL VERIFICATION]
EMAIL_VALIDATION_CODE_EXPIRY_TIME= # Expiration time for email validation links/codes (in seconds)
# [APPLICATION UPDATER]
# Automatic update checking configuration
APP_UPDATE_AVAILABLE=false # Enable/disable update checks
APP_VERSION= # Current application version (semantic versioning)
WINDOWS_APP_SIGNATURE= # Windows app signature for update verification
WINDOWS_APP_URL= # Windows app download URL
MAC_APPLE_SILICON_APP_SIGNATURE= # Mac (Apple Silicon) app signature
MAC_APPLE_SILICON_APP_URL= # Mac (Apple Silicon) download URL
MAC_INTEL_APP_SIGNATURE= # Mac (Intel) app signature
MAC_INTEL_APP_URL= # Mac (Intel) download URL
# [SUPPORT & MARKETING]
SPARROW_EMAIL=contactus@sparrowapp.dev # Official support email address
MARKETING_BASE_URL=http://localhost:1423 # Base URL for marketing website
# [AZURE INTEGRATION]
AZURE_CONNECTION_STRING= # Azure Storage connection string
AZURE_INSIGHTS_CONNECTION_STRING= # Azure Application Insights connection string
FEEDBACK_BLOB_CONTAINER= # Azure Blob container name for feedback storage
AI_CONVERSATION_BLOB_CONTAINER= # Azure Blob container name for AI Conversation storage
# [AI SERVICES]
# Azure OpenAI Configuration
AZURE_OPENAI_ENDPOINT= # Azure OpenAI endpoint URL
AZURE_OPENAI_API_KEY= # Azure OpenAI API key
AZURE_OPENAI_DEPLOYMENT= # Deployment name in Azure OpenAI
AZURE_OPENAI_API_VERSION= # API version (e.g., "2023-05-15")
AZURE_OPENAI_MAX_TOKENS= # Maximum tokens per AI response
AZURE_OPENAI_MONTHLY_TOKEN_LIMIT= # Monthly token quota for AI services
AZURE_OPENAI_ASSISTANT_ID= # OpenAI assistant ID
# Deepseek AI Configuration
DEEPSEEK_ENDPOINT= # Deepseek API endpoint
DEEPSEEK_API_KEY= # Deepseek API authentication key
DEEPSEEK_API_VERSION= # Deepseek API version
# [HUBSPOT INTEGRATION]
HUBSPOT_BASEURL= # HubSpot API base URL
HUBSPOT_INTEGRATION_ENABLED= # Enable/disable HubSpot integration
HUBSPOT_PORTALID= # HubSpot portal ID
HUBSPOT_FORMID= # HubSpot form ID for submissions
# [NEWSLETTER SUBSCRIPTION]
BEEHIIV_API_KEY= # Beehiiv API key for newsletter management
BEEHIIV_PUBLICATION_ID= # Beehiiv publication ID
# [PRIVILEGED ACCESS]
WHITELIST_USER_EMAILS= # Comma-separated list of emails with unlimited AI access
# [ERROR MONITORING]
SENTRY_DSN_KEY= # Sentry DSN for error tracking
SENTRY_APP_ENVIRONMENT= # Environment tag for Sentry (dev/stage/prod)
# [PAYMENT PROCESSING]
STRIPE_WEBHOOK= # Stripe webhook endpoint secret
STRIPE_PUBLISHABLE_KEY= # Stripe publishable key (frontend)
STRIPE_SECRET_KEY= # Stripe secret key (backend - KEEP SECURE!)
# [Sparrow Admin]
SPARROW_ADMIN_KEY= # Sparrow admin key for privileged operations specific to Sparrow team
ADMIN_BASE_URL= # Base URL for Sparrow admin operations