# Local development env (safe defaults; separate from production .env)
NODE_ENV=development
PORT=8080

# API/web local origins
APP_ORIGIN=http://localhost:5173
CORS_ORIGINS=http://localhost:5173,http://127.0.0.1:5173

# Database
POSTGRES_DB=skymoney
POSTGRES_USER=skymoney_app
POSTGRES_PASSWORD=change-me
DATABASE_URL=postgres://skymoney_app:change-me@postgres:5432/skymoney
BACKUP_DATABASE_URL=postgres://skymoney_app:change-me@127.0.0.1:5432/skymoney
RESTORE_DATABASE_URL=postgres://skymoney_app:change-me@127.0.0.1:5432/skymoney_restore_test
ADMIN_DATABASE_URL=postgres://skymoney_app:change-me@127.0.0.1:5432/postgres
TEST_DATABASE_URL=postgres://skymoney_app:change-me@127.0.0.1:5432/skymoney_test

# Auth
JWT_SECRET=replace-with-32+-chars
JWT_ISSUER=skymoney-api
JWT_AUDIENCE=skymoney-web
COOKIE_SECRET=replace-with-32+-chars
# Leave unset in local dev so host-only cookie is used.
# COOKIE_DOMAIN=
EMAIL_VERIFY_DEV_CODE_EXPOSE=true
BREAK_GLASS_VERIFY_ENABLED=true
BREAK_GLASS_VERIFY_CODE=replace-with-very-long-secret-32+-chars
UNDER_CONSTRUCTION_ENABLED=false

AUTH_DISABLED=false
ALLOW_INSECURE_AUTH_FOR_DEV=false
SEED_DEFAULT_BUDGET=true