lazyflat/web/settings.py

import secrets
import sys
from os import getenv
from pathlib import Path

from dotenv import load_dotenv

load_dotenv()


def _required(key: str) -> str:
    val = getenv(key)
    if not val:
        print(f"missing required env var: {key}", file=sys.stderr)
        sys.exit(1)
    return val


# --- Auth ---
AUTH_USERNAME: str = _required("AUTH_USERNAME")
# argon2 hash of the password. Generate via:
#   python -c "from argon2 import PasswordHasher; print(PasswordHasher().hash('<password>'))"
AUTH_PASSWORD_HASH: str = _required("AUTH_PASSWORD_HASH")

# Signs session cookies. If missing -> ephemeral random secret (invalidates sessions on restart).
SESSION_SECRET: str = getenv("SESSION_SECRET") or secrets.token_urlsafe(48)
SESSION_COOKIE_NAME: str = "lazyflat_session"
SESSION_MAX_AGE_SECONDS: int = int(getenv("SESSION_MAX_AGE_SECONDS", str(60 * 60 * 24 * 7)))

# When behind an HTTPS proxy (Coolify/Traefik) this MUST be true so cookies are Secure.
COOKIE_SECURE: bool = getenv("COOKIE_SECURE", "true").lower() in ("true", "1", "yes", "on")

# --- Internal service auth ---
INTERNAL_API_KEY: str = _required("INTERNAL_API_KEY")

# --- Apply service ---
APPLY_URL: str = getenv("APPLY_URL", "http://apply:8000")
APPLY_TIMEOUT: int = int(getenv("APPLY_TIMEOUT", "600"))
# Circuit breaker: disable auto-apply after N consecutive apply failures.
APPLY_FAILURE_THRESHOLD: int = int(getenv("APPLY_FAILURE_THRESHOLD", "3"))

# --- Storage ---
DATA_DIR: Path = Path(getenv("DATA_DIR", "/data"))
DATA_DIR.mkdir(parents=True, exist_ok=True)
DB_PATH: Path = DATA_DIR / "lazyflat.sqlite"

# --- Rate limiting ---
LOGIN_RATE_LIMIT: int = int(getenv("LOGIN_RATE_LIMIT", "5"))
LOGIN_RATE_WINDOW_SECONDS: int = int(getenv("LOGIN_RATE_WINDOW_SECONDS", "900"))

# --- Filter criteria (mirrored from original flat-alert) ---
FILTER_ROOMS: list[float] = [float(r) for r in getenv("FILTER_ROOMS", "2.0,2.5").split(",") if r.strip()]
FILTER_MAX_RENT: float = float(getenv("FILTER_MAX_RENT", "1500"))
FILTER_MAX_MORNING_COMMUTE: float = float(getenv("FILTER_MAX_MORNING_COMMUTE", "50"))