spring:
  datasource:
    url: ${SPRING_DATASOURCE_URL:jdbc:postgresql://localhost:5432/storycove}
    username: ${SPRING_DATASOURCE_USERNAME:storycove}
    password: ${SPRING_DATASOURCE_PASSWORD:password}
    driver-class-name: org.postgresql.Driver
  
  jpa:
    hibernate:
      ddl-auto: update
    properties:
      hibernate:
        dialect: org.hibernate.dialect.PostgreSQLDialect
        format_sql: true
    show-sql: false
  
  servlet:
    multipart:
      max-file-size: 10MB  # Reduced for security (was 250MB)
      max-request-size: 15MB  # Slightly higher to account for form data

server:
  port: 8080

storycove:
  app:
    public-url: ${STORYCOVE_PUBLIC_URL:http://localhost:6925}
  cors:
    allowed-origins: ${STORYCOVE_CORS_ALLOWED_ORIGINS:http://localhost:3000,http://localhost:6925}
  jwt:
    secret: ${JWT_SECRET}  # REQUIRED: Must be at least 32 characters, no default for security
    expiration: 86400000  # 24 hours
  auth:
    password: ${APP_PASSWORD}  # REQUIRED: No default password for security
  typesense:
    api-key: ${TYPESENSE_API_KEY:xyz}
    host: ${TYPESENSE_HOST:localhost}
    port: ${TYPESENSE_PORT:8108}
    enabled: ${TYPESENSE_ENABLED:true}
    reindex-interval: ${TYPESENSE_REINDEX_INTERVAL:3600000}  # 1 hour in milliseconds
  images:
    storage-path: ${IMAGE_STORAGE_PATH:/app/images}

logging:
  level:
    com.storycove: ${LOG_LEVEL:INFO}  # Use INFO for production, DEBUG for development
    org.springframework.security: WARN  # Reduce security logging
    org.springframework.web: WARN
    org.hibernate.SQL: ${SQL_LOG_LEVEL:WARN}  # Control SQL logging separately