"""
config.py
----------
Central configuration, loaded from environment variables (with sane local
defaults). Never hardcode secrets — set these via a real .env file or your
deployment platform's secret manager in production.
"""

import os
import secrets


class Settings:
    # Database
    # Example MySQL URL: mysql+pymysql://user:password@localhost:3306/mindscreen_ai
    DATABASE_URL: str = os.getenv(
        "DATABASE_URL", "sqlite:///./mindscreen_dev.db"
    )

    # Auth / JWT
    JWT_SECRET_KEY: str = os.getenv("JWT_SECRET_KEY", secrets.token_urlsafe(32))
    JWT_ALGORITHM: str = "HS256"
    ACCESS_TOKEN_EXPIRE_MINUTES: int = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", "60"))

    # CORS
    ALLOWED_ORIGINS: list = os.getenv("ALLOWED_ORIGINS", "http://localhost:3000").split(",")

    # Email (stubbed — no real SMTP configured in this build stage)
    EMAIL_SENDING_ENABLED: bool = os.getenv("EMAIL_SENDING_ENABLED", "false").lower() == "true"
    SMTP_HOST: str = os.getenv("SMTP_HOST", "")
    SMTP_PORT: int = int(os.getenv("SMTP_PORT", "587"))
    SMTP_USER: str = os.getenv("SMTP_USER", "")
    SMTP_PASSWORD: str = os.getenv("SMTP_PASSWORD", "")
    APP_BASE_URL: str = os.getenv("APP_BASE_URL", "http://localhost:8000")

    # Eligibility
    MIN_AGE: int = 18
    MAX_AGE: int = 30


settings = Settings()
