# Copy this to .env and fill in real values. # Never commit .env to version control. # Secret key for signing JWT tokens – generate with: openssl rand -hex 32 SECRET_KEY=change-me-generate-with-openssl-rand-hex-32 # JWT algorithm (HS256 is fine for single-server setups) ALGORITHM=HS256 # How many minutes a login token stays valid ACCESS_TOKEN_EXPIRE_MINUTES=60 # SQLite path relative to the project root (or a full postgresql:// URL) DATABASE_URL=sqlite:///./flipventory.db # The email address that is always treated as the site-wide admin. # This user gets admin=True forced on every login, regardless of DB state. ADMIN_EMAIL=martin@hohenberg.jp