f956f0a260
- Add brevo.py: transactional email sending + contact list sync via Brevo API - Add token.py: stateless HMAC-signed confirmation tokens (no DB migration needed) - Update routes.py: POST /waitlist sends confirmation email, GET /waitlist/confirm verifies token - Update config.py: Brevo + confirmation settings (gracefully disabled when BREVO_API_KEY is empty) - Update .env.example with new Brevo and confirmation variables - Add httpx dependency - Add 8 new tests (token roundtrip/expiry/tamper, confirm endpoint, Brevo mock)
23 lines
637 B
Plaintext
23 lines
637 B
Plaintext
# Database
|
|
DATABASE_URL=postgresql+asyncpg://waitlist:changeme@localhost:5432/waitlist_db
|
|
|
|
# CORS — comma-separated allowed origins
|
|
ALLOWED_ORIGINS=https://adiuvai.com,https://www.adiuvai.com
|
|
|
|
# Rate limiting
|
|
RATE_LIMIT_PER_MINUTE=5
|
|
|
|
# Set to "production" in prod to enforce strict origin checks
|
|
ENVIRONMENT=development
|
|
|
|
# Brevo (email) — leave BREVO_API_KEY empty to disable email features
|
|
BREVO_API_KEY=
|
|
BREVO_SENDER_EMAIL=noreply@adiuvai.com
|
|
BREVO_SENDER_NAME=adiuvAI
|
|
BREVO_LIST_ID=0
|
|
|
|
# Confirmation link
|
|
CONFIRM_SECRET=replace-with-a-long-random-string
|
|
CONFIRM_BASE_URL=https://waitlist.adiuvai.com
|
|
CONFIRM_TOKEN_EXPIRY_HOURS=48
|