Phillip Tarrant
8675f9bf75
- Add SessionCacheService with 5-minute TTL Redis cache - Cache validated sessions to avoid redundant Appwrite calls - Add /api/v1/auth/me endpoint for retrieving current user - Invalidate cache on logout and password reset - Add session_cache config to auth section (Redis db 2) - Fix Docker Redis hostname (localhost -> redis) - Handle timezone-aware datetime comparisons Security: tokens hashed before use as cache keys, explicit invalidation on logout/password change, graceful degradation when Redis unavailable. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
133 lines
2.8 KiB
YAML
133 lines
2.8 KiB
YAML
# Production Configuration for Code of Conquest
|
|
|
|
app:
|
|
name: "Code of Conquest"
|
|
version: "0.1.0"
|
|
environment: "production"
|
|
debug: false
|
|
|
|
server:
|
|
host: "0.0.0.0"
|
|
port: 5000
|
|
workers: 4
|
|
|
|
redis:
|
|
host: "redis" # Docker service name or production host
|
|
port: 6379
|
|
db: 0
|
|
max_connections: 100
|
|
|
|
rq:
|
|
queues:
|
|
- "ai_tasks"
|
|
- "combat_tasks"
|
|
- "marketplace_tasks"
|
|
worker_timeout: 600
|
|
job_timeout: 300
|
|
|
|
ai:
|
|
timeout: 30
|
|
max_retries: 3
|
|
cost_alert_threshold: 500.00
|
|
|
|
models:
|
|
free:
|
|
provider: "replicate"
|
|
model: "meta/meta-llama-3-70b-instruct"
|
|
max_tokens: 256
|
|
temperature: 0.7
|
|
|
|
standard:
|
|
provider: "anthropic"
|
|
model: "claude-3-5-haiku-20241022"
|
|
max_tokens: 512
|
|
temperature: 0.8
|
|
|
|
premium:
|
|
provider: "anthropic"
|
|
model: "claude-3-5-sonnet-20241022"
|
|
max_tokens: 1024
|
|
temperature: 0.9
|
|
|
|
rate_limiting:
|
|
enabled: true
|
|
storage_url: "redis://redis:6379/1"
|
|
|
|
tiers:
|
|
free:
|
|
requests_per_minute: 30
|
|
ai_calls_per_day: 50
|
|
custom_actions_per_day: 10
|
|
custom_action_char_limit: 150
|
|
basic:
|
|
requests_per_minute: 60
|
|
ai_calls_per_day: 200
|
|
custom_actions_per_day: 50
|
|
custom_action_char_limit: 300
|
|
premium:
|
|
requests_per_minute: 120
|
|
ai_calls_per_day: 1000
|
|
custom_actions_per_day: -1 # Unlimited
|
|
custom_action_char_limit: 500
|
|
elite:
|
|
requests_per_minute: 300
|
|
ai_calls_per_day: -1 # Unlimited
|
|
custom_actions_per_day: -1 # Unlimited
|
|
custom_action_char_limit: 500
|
|
|
|
session:
|
|
timeout_minutes: 30
|
|
auto_save_interval: 5
|
|
min_players: 1
|
|
max_players_by_tier:
|
|
free: 1
|
|
basic: 2
|
|
premium: 6
|
|
elite: 10
|
|
|
|
auth:
|
|
# Authentication cookie settings
|
|
cookie_name: "coc_session"
|
|
duration_normal: 86400 # 24 hours (seconds)
|
|
duration_remember_me: 2592000 # 30 days (seconds)
|
|
http_only: true
|
|
secure: true # HTTPS only in production
|
|
same_site: "Lax"
|
|
path: "/"
|
|
|
|
# Password requirements
|
|
password_min_length: 8
|
|
password_require_uppercase: true
|
|
password_require_lowercase: true
|
|
password_require_number: true
|
|
password_require_special: true
|
|
|
|
# User input validation
|
|
name_min_length: 3
|
|
name_max_length: 50
|
|
email_max_length: 255
|
|
|
|
# Session cache settings (Redis-based, reduces Appwrite API calls)
|
|
session_cache:
|
|
enabled: true
|
|
ttl_seconds: 300 # 5 minutes
|
|
redis_db: 2 # Separate from RQ (db 0) and rate limiting (db 1)
|
|
|
|
marketplace:
|
|
auction_check_interval: 300 # 5 minutes
|
|
max_listings_by_tier:
|
|
premium: 10
|
|
elite: 25
|
|
|
|
cors:
|
|
origins:
|
|
- "https://yourdomain.com" # Replace with actual production domain
|
|
|
|
logging:
|
|
level: "INFO"
|
|
format: "json"
|
|
handlers:
|
|
- "console"
|
|
- "file"
|
|
file_path: "/var/log/coc/app.log"
|