30 lines
1.7 KiB
Plaintext
30 lines
1.7 KiB
Plaintext
# ── SERVER ───────────────────────────────────────────────────────────────────
|
|
PORT=9000
|
|
DEV_AUTH_BYPASS=false
|
|
AI_LOCK_EXPIRY_HOURS=168
|
|
|
|
# Azure AD — server app registration (validates incoming JWTs)
|
|
AZURE_CLIENT_ID=<server-app-registration-client-id>
|
|
AZURE_TENANT_ID=<azure-ad-tenant-id>
|
|
|
|
# Graph — app-only calendar access (client credentials, independent of user auth)
|
|
# App Registration → API permissions → Graph → Calendars.Read (Application) → grant admin consent
|
|
# App Registration → Certificates & secrets → New client secret
|
|
AZURE_GRAPH_CLIENT_ID=<graph-app-registration-client-id>
|
|
AZURE_GRAPH_CLIENT_SECRET=<graph-client-secret-value>
|
|
# Fallback email when auth provides no email (e.g. API key login)
|
|
CALENDAR_USER_EMAIL=<your-email@domain.com>
|
|
# IANA timezone for calendar event times (default: Europe/Berlin)
|
|
CALENDAR_TIMEZONE=Europe/Berlin
|
|
|
|
# ── VISION / INVENTORY ───────────────────────────────────────────────────────
|
|
# AES-256-GCM key for encrypting user Vision API keys in DB
|
|
SETTINGS_ENCRYPTION_KEY=<random-32-char-secret>
|
|
# Max Vision API calls per user per day (default: 100)
|
|
VISION_RATE_LIMIT=100
|
|
|
|
# ── CLIENT (Vite — copy relevant lines to client/.env) ───────────────────────
|
|
# VITE_AZURE_CLIENT_ID=<frontend-app-registration-client-id>
|
|
# VITE_AZURE_TENANT_ID=<azure-ad-tenant-id>
|
|
# VITE_DEV_AUTH_BYPASS=true # DEV ONLY — never set in production
|