# Flask app location (required for database migrations)
FLASK_APP=backend.app:create_app

# Flask secret key (optional in development, REQUIRED in production)
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
# SECRET_KEY=your-secret-key-here

# Authelia OIDC Configuration
# REQUIRED: Set these values to match your Authelia instance

# Authelia issuer URL (e.g., https://auth.example.com)
OIDC_ISSUER=

# OIDC client ID (must match the client configured in Authelia)
OIDC_CLIENT_ID=trivia-app

# OIDC client secret (generated when configuring the client in Authelia)
OIDC_CLIENT_SECRET=

# OAuth redirect URI (adjust if deploying to production)
OIDC_REDIRECT_URI=http://localhost:5001/api/auth/callback

# Frontend URL for callbacks
FRONTEND_URL=http://localhost:3000

# Frontend port (defaults to 3000 if not set)
# FRONTEND_PORT=3000

# Cookie security (set to 'true' in production with HTTPS)
SESSION_COOKIE_SECURE=false