DATABASE_URL=postgresql://postgres:postgres@localhost:5432/wa_dashboard
JWT_SECRET=replace-with-32-plus-char-random-secret
JWT_EXPIRES_IN=1d
JWT_REFRESH_SECRET=replace-with-32-plus-char-random-refresh-secret
JWT_REFRESH_EXPIRES_IN=30d
PORT=3001
FRONTEND_ORIGIN=http://localhost:3000
PUBLIC_API_URL=http://localhost:3001
REDIS_URL=redis://127.0.0.1:6379
WEBHOOK_VERIFY_TOKEN=replace-with-32-plus-char-random-token
WEBHOOK_SHARED_SECRET=replace-with-32-plus-char-random-secret
META_WEBHOOK_APP_SECRET=
WEBHOOK_ALLOW_UNSIGNED=false
NEXT_PUBLIC_API_URL=http://localhost:3000/backend-api
MAIL_HOST=mail.example.com
MAIL_PORT=465
MAIL_SECURE=true
MAIL_USER=no-reply@example.com
MAIL_PASSWORD=replace-with-real-smtp-password
MAIL_FROM=no-reply@example.com
AUTH_LOGIN_MAX_ATTEMPTS=5
AUTH_LOGIN_WINDOW_MINUTES=15
AUTH_2FA_MAX_ATTEMPTS=5
AUTH_2FA_WINDOW_MINUTES=10
AUTH_PASSWORD_RESET_MAX_ATTEMPTS=3
AUTH_PASSWORD_RESET_WINDOW_MINUTES=30