# ============================================================================
# Authentication & User Management Configuration
# ============================================================================
# Copy this to your .env file and configure for your environment.
# The copied .env holds live credentials (SMTP_PASSWORD, SECRET_KEY): keep it
# out of version control and readable only by the account running the app.
# Comments are on their own lines because many dotenv-style loaders treat
# text after the "=" as part of the value.

# ----------------------------------------------------------------------------
# Email Configuration (Required for invitations and password reset)
# ----------------------------------------------------------------------------
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USERNAME=your-email@gmail.com
# Use a provider-issued app password or API key here (see the examples at the
# end of this file), not the mailbox's interactive login password.
SMTP_PASSWORD=your-app-password
# Keep this true: invitation and password-reset mails carry account-access
# links, and the SMTP credentials above are sent on the same connection.
SMTP_USE_TLS=true
# Placeholder sender; replace with an address on a domain you control.
SMTP_FROM_EMAIL=noreply@timetracker.com
SMTP_FROM_NAME=TimeTracker

# ----------------------------------------------------------------------------
# User Registration
# ----------------------------------------------------------------------------
# Allow users to self-register (true/false)
# Set to false for deployments where accounts should only be created by
# invitation.
ALLOW_SELF_REGISTER=true

# Admin usernames (comma-separated)
# NOTE(review): how these names are turned into admin rights is not visible in
# this file. If it is by username match, confirm the listed accounts already
# exist (or the names are reserved) before self-registration is enabled.
ADMIN_USERNAMES=admin,superuser

# ----------------------------------------------------------------------------
# Session Configuration
# ----------------------------------------------------------------------------
# Session lifetime in seconds (default: 86400 = 24 hours)
PERMANENT_SESSION_LIFETIME=86400

# Remember cookie duration in days
# 365 keeps a "remember me" cookie valid for a year, so a copied cookie stays
# usable for that long; consider a shorter value for production.
REMEMBER_COOKIE_DAYS=365

# Secure cookies (set to true in production with HTTPS)
# With false, the browser also sends these cookies over plain HTTP. Set both
# to true whenever the site is served over HTTPS.
SESSION_COOKIE_SECURE=false
REMEMBER_COOKIE_SECURE=false

# ----------------------------------------------------------------------------
# Security
# ----------------------------------------------------------------------------
# IMPORTANT: Generate a strong random secret key for production
# Example: python -c "import secrets; print(secrets.token_hex(32))"
# The value below is a published placeholder. Presumably the application signs
# sessions and tokens with this key (TODO confirm), in which case anyone who
# knows it could forge them. Use a separate random value per environment.
SECRET_KEY=dev-secret-key-change-in-production

# ----------------------------------------------------------------------------
# Authentication Method
# ----------------------------------------------------------------------------
# Options: local, oidc, both
# The settings that "oidc" or "both" would need are not part of this section.
AUTH_METHOD=local

# ----------------------------------------------------------------------------
# Rate Limiting
# ----------------------------------------------------------------------------
# Format: "count per period" separated by semicolons
# The value contains spaces and a ";". It is meant for a dotenv-style loader;
# a shell that sources this file would split the line at the semicolon.
# NOTE(review): this is the general default. Confirm that login and
# password-reset endpoints carry their own tighter limits.
RATELIMIT_DEFAULT=200 per day;50 per hour

# Rate limit storage (memory:// for single instance, redis:// for distributed)
# In-memory counters are kept per process and are lost on restart, so with
# several workers or instances the effective limit is higher than configured.
RATELIMIT_STORAGE_URI=memory://

# ----------------------------------------------------------------------------
# Email Configuration Examples
# ----------------------------------------------------------------------------
# Gmail:
# App password: generate at https://myaccount.google.com/apppasswords
# SMTP_HOST=smtp.gmail.com
# SMTP_PORT=587
# SMTP_USERNAME=your-email@gmail.com
# SMTP_PASSWORD=your-app-password
# SMTP_USE_TLS=true

# SendGrid:
# SMTP_HOST=smtp.sendgrid.net
# SMTP_PORT=587
# SMTP_USERNAME=apikey
# SMTP_PASSWORD=your-sendgrid-api-key
# SMTP_USE_TLS=true