gepafin-rendicontazione-api/app/config.py

from pydantic_settings import BaseSettings
from functools import lru_cache


class Settings(BaseSettings):
    # Database (stesso Postgres sandbox del BE Gepafin)
    db_host: str = "postgres"
    db_port: int = 5432
    db_name: str = "gepaDb"
    db_user: str = "gepa"
    db_password: str = "gepa"
    db_schema: str = "gepafin_rendic"

    # JWT — deve corrispondere al secret di GEPAFIN-BE
    jwt_secret: str = "sandbox-secret-do-not-use-in-prod-minimum-32-chars-padding-ZZZZZZZZZZ"
    jwt_algorithm: str = "HS512"

    # CORS
    cors_origins: str = "http://78.46.41.91:18072,http://localhost:18072"

    # Shared secret per endpoint /internal chiamati dal BE Gepafin
    # In PROD va cambiato via env var RENDIC_INTERNAL_SECRET
    internal_secret: str = "sandbox-internal-secret-ChangeMeInProd-AtLeast32Chars"

    class Config:
        env_file = ".env"
        env_prefix = "RENDIC_"

    @property
    def db_url(self) -> str:
        return f"postgresql+psycopg2://{self.db_user}:{self.db_password}@{self.db_host}:{self.db_port}/{self.db_name}"

    @property
    def cors_list(self) -> list[str]:
        return [o.strip() for o in self.cors_origins.split(",") if o.strip()]


@lru_cache
def get_settings() -> Settings:
    return Settings()