changes

2025-08-18 20:20:04 -05:00
parent 89b2bc0aa2
commit bac8cc4bd5
114 changed files with 30258 additions and 1341 deletions
--- a/env-example.txt
+++ b/env-example.txt
@@ -0,0 +1,132 @@
+# =============================================================================
+# DELPHI CONSULTING GROUP DATABASE SYSTEM - ENVIRONMENT VARIABLES
+# =============================================================================
+# 
+# Copy this file to .env and set secure values for all variables
+# NEVER commit .env files to version control
+# 
+# SECURITY CRITICAL: All variables marked ⚠️ MUST be changed from defaults
+# =============================================================================
+
+# =============================================================================
+# 🔒 SECURITY SETTINGS (CRITICAL - MUST BE SET)
+# =============================================================================
+
+# ⚠️ SECRET_KEY: Cryptographic key for JWT tokens and session security
+# REQUIREMENT: Minimum 32 characters, use cryptographically secure random string
+# Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))"
+SECRET_KEY=CHANGE_ME_TO_32_PLUS_CHARACTER_RANDOM_STRING
+
+# ⚠️ ADMIN_PASSWORD: Initial admin account password
+# REQUIREMENT: Minimum 12 characters, mixed case, numbers, symbols
+# Generate with: python -c "import secrets, string; print(''.join(secrets.choice(string.ascii_letters + string.digits + '!@#$%^&*') for _ in range(16)))"
+ADMIN_PASSWORD=CHANGE_ME_TO_SECURE_PASSWORD
+
+# Optional: Previous secret key for seamless key rotation
+# PREVIOUS_SECRET_KEY=
+
+# =============================================================================
+# 🌐 CORS SETTINGS (IMPORTANT FOR PRODUCTION)
+# =============================================================================
+
+# ⚠️ CORS_ORIGINS: Comma-separated list of allowed origins
+# Example: https://app.yourcompany.com,https://www.yourcompany.com
+# For development, localhost is automatically allowed
+CORS_ORIGINS=https://your-production-domain.com
+
+# =============================================================================
+# 👤 ADMIN ACCOUNT SETTINGS
+# =============================================================================
+
+ADMIN_USERNAME=admin
+ADMIN_EMAIL=admin@yourcompany.com
+ADMIN_FULLNAME=System Administrator
+
+# =============================================================================
+# 🗄️ DATABASE SETTINGS
+# =============================================================================
+
+# Database URL (SQLite by default, can use PostgreSQL for production)
+DATABASE_URL=sqlite:///./data/delphi_database.db
+
+# =============================================================================
+# ⚙️ APPLICATION SETTINGS
+# =============================================================================
+
+# Application settings
+APP_NAME=Delphi Consulting Group Database System
+DEBUG=False
+
+# JWT Token expiration
+ACCESS_TOKEN_EXPIRE_MINUTES=240
+REFRESH_TOKEN_EXPIRE_MINUTES=43200
+
+# File paths
+UPLOAD_DIR=./uploads
+BACKUP_DIR=./backups
+
+# Pagination
+DEFAULT_PAGE_SIZE=50
+MAX_PAGE_SIZE=200
+
+# =============================================================================
+# 📝 LOGGING SETTINGS
+# =============================================================================
+
+LOG_LEVEL=INFO
+LOG_TO_FILE=True
+LOG_ROTATION=10 MB
+LOG_RETENTION=30 days
+
+# =============================================================================
+# 🔄 CACHE SETTINGS (OPTIONAL)
+# =============================================================================
+
+CACHE_ENABLED=False
+# REDIS_URL=redis://localhost:6379
+
+# =============================================================================
+# 📧 NOTIFICATION SETTINGS (OPTIONAL)
+# =============================================================================
+
+NOTIFICATIONS_ENABLED=False
+
+# Email settings (if notifications enabled)
+# SMTP_HOST=smtp.gmail.com
+# SMTP_PORT=587
+# SMTP_USERNAME=your-email@company.com
+# SMTP_PASSWORD=your-email-password
+# SMTP_STARTTLS=True
+# NOTIFICATION_EMAIL_FROM=no-reply@yourcompany.com
+
+# QDRO notification recipients (comma-separated)
+# QDRO_NOTIFY_EMAIL_TO=legal@yourcompany.com,admin@yourcompany.com
+
+# Webhook settings (optional)
+# QDRO_NOTIFY_WEBHOOK_URL=https://your-webhook-endpoint.com
+# QDRO_NOTIFY_WEBHOOK_SECRET=your-webhook-secret
+
+# =============================================================================
+# 🐳 DOCKER/DEPLOYMENT SETTINGS (OPTIONAL)
+# =============================================================================
+
+# EXTERNAL_PORT=8000
+# ALLOWED_HOSTS=yourcompany.com,www.yourcompany.com
+# SECURE_COOKIES=True
+# COMPOSE_PROJECT_NAME=delphi-db
+
+# =============================================================================
+# 🚨 SECURITY CHECKLIST
+# =============================================================================
+# 
+# Before deploying to production, verify:
+# ✅ SECRET_KEY is 32+ character random string
+# ✅ ADMIN_PASSWORD is strong (12+ chars, mixed case, symbols)
+# ✅ CORS_ORIGINS set to specific domains (not localhost)
+# ✅ DEBUG=False
+# ✅ SECURE_COOKIES=True (if using HTTPS)
+# ✅ Database backups configured and tested
+# ✅ Log monitoring configured
+# ✅ This .env file is never committed to version control
+# 
+# =============================================================================