policy-as-code-platform/config.py at main · VikkramVigneswaranJai/policy-as-code-platform · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
"""
Configuration Module for Policy-as-Code Platform
=================================================
This module contains all configuration settings for the Flask application,
including database settings, JWT configuration, and OPA server settings.
"""

import os
from datetime import timedelta

# Base directory of the project
BASE_DIR = os.path.abspath(os.path.dirname(__file__))


class Config:
    """
    Base Configuration Class
    Contains default settings used across all environments.
    """

    # Flask Secret Key
    SECRET_KEY = os.environ.get(
        'SECRET_KEY',
        'policy-as-code-secret-key-change-in-production'
    )

    # Database
    SQLALCHEMY_DATABASE_URI = os.environ.get(
        'DATABASE_URL',
        f'sqlite:///{os.path.join(BASE_DIR, "pac_platform.db")}'
    )
    SQLALCHEMY_TRACK_MODIFICATIONS = False

    # =========================
    # JWT CONFIG (🔥 FIXED)
    # =========================
    JWT_SECRET_KEY = os.environ.get(
        'JWT_SECRET_KEY',
        'jwt-secret-key-change-in-production'
    )

    JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=1)

    # 🔥 IMPORTANT CHANGE (COOKIE BASED)
    JWT_TOKEN_LOCATION = ["cookies"]
    JWT_ACCESS_COOKIE_NAME = "access_token_cookie"
    JWT_COOKIE_SECURE = False
    JWT_COOKIE_CSRF_PROTECT = False

    # =========================
    # OPA CONFIG
    # =========================
    OPA_SERVER_URL = os.environ.get(
        'OPA_SERVER_URL',
        'http://localhost:8181'
    )
    OPA_POLICY_PATH = os.path.join(BASE_DIR, 'opa_policies')

    # App settings
    DEBUG = False
    TESTING = False

    # CORS
    CORS_HEADERS = 'Content-Type'


class DevelopmentConfig(Config):
    DEBUG = True
    SQLALCHEMY_ECHO = True


class ProductionConfig(Config):
    DEBUG = False
    SQLALCHEMY_ECHO = False

    SECRET_KEY = os.environ.get('SECRET_KEY')
    JWT_SECRET_KEY = os.environ.get('JWT_SECRET_KEY')


class TestingConfig(Config):
    TESTING = True
    SQLALCHEMY_DATABASE_URI = 'sqlite:///:memory:'
    JWT_ACCESS_TOKEN_EXPIRES = timedelta(minutes=5)


# Config mapping
config_by_name = {
    'development': DevelopmentConfig,
    'production': ProductionConfig,
    'testing': TestingConfig,
    'default': DevelopmentConfig
}