# Multi-Event Invitation Management System # Environment Configuration # ============================================ # IMPORTANT: Never commit secrets to git. Use this file locally only. # For production, use secure secret management (environment variables, Kubernetes Secrets, etc.) # ============================================ # DATABASE CONFIGURATION # ============================================ # PostgreSQL database URL # Format: postgresql://username:password@host:port/database_name DATABASE_URL=postgresql://wedding_admin:Aa123456@localhost:5432/wedding_guests # ============================================ # FRONTEND CONFIGURATION # ============================================ # Frontend URL for CORS and redirects # Used to allow requests from your frontend application FRONTEND_URL=http://localhost:5173 # ============================================ # ADMIN LOGIN (Default Credentials) # ============================================ # These are the default admin credentials for the system # Username for admin login ADMIN_USERNAME=admin # Password for admin login (change in production!) ADMIN_PASSWORD=wedding2025 # ============================================ # WHATSAPP CLOUD API CONFIGURATION # ============================================ # Full setup guide: https://developers.facebook.com/docs/whatsapp/cloud-api # Get these credentials from Meta's WhatsApp Business Platform # 1. WHATSAPP_ACCESS_TOKEN # What is it: Your permanent access token for WhatsApp API # Where to get it: # 1. Go to https://developers.facebook.com/ # 2. Select your WhatsApp Business Account app # 3. Go to "System User" or "Settings" > "Apps & Sites" # 4. Create/select a System User # 5. Generate a permanent token with scopes: # - whatsapp_business_messaging # - whatsapp_business_management # How to get yours: Check your Meta Business Manager WHATSAPP_ACCESS_TOKEN=YOUR_PERMANENT_ACCESS_TOKEN_HERE # Example: EAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # 2. WHATSAPP_PHONE_NUMBER_ID # What is it: The ID of your WhatsApp Business phone number # Where to get it: # 1. Go to https://developers.facebook.com/ # 2. Select your WhatsApp Business Account app # 3. Go to "API Setup" or "Phone Numbers" # 4. Find your phone number (registered WhatsApp SIM) # 5. The ID will be shown there (usually 15+ digits) # Example format: 123456789012345 WHATSAPP_PHONE_NUMBER_ID=YOUR_PHONE_NUMBER_ID_HERE # 3. WHATSAPP_API_VERSION # What is it: The API version to use (usually v20.0 or later) # Current version: v20.0 # Update check: https://developers.facebook.com/docs/graph-api/changelog WHATSAPP_API_VERSION=v20.0 # 4. WHATSAPP_TEMPLATE_NAME # What is it: The exact name of your approved message template in Meta # IMPORTANT: Must match exactly (case-sensitive) what you created in Meta # Where to get it: # 1. Go to https://www.facebook.com/business/tools/meta-business-platform # 2. Navigate to "Message Templates" # 3. Look for your template (e.g., "wedding_invitation") # 4. Copy the exact template name # Your template status must be "APPROVED" (not pending or rejected) # # Example template body (Hebrew wedding invitation): # היי {{1}} 🤍 # זה קורה! 🎉 # {{2}} ו-{{3}} מתחתנים ונשמח שתהיה/י איתנו ברגע המיוחד הזה ✨ # 📍 האולם: "{{4}}" # 📅 התאריך: {{5}} # 🕒 השעה: {{6}} # לאישור הגעה ופרטים נוספים: # {{7}} # מתרגשים ומצפים לראותך 💞 # # Template variables auto-filled by system: # {{1}} = Guest first name (or "חבר" if empty) # {{2}} = Partner 1 name (you provide: e.g., "David") # {{3}} = Partner 2 name (you provide: e.g., "Sarah") # {{4}} = Venue name (you provide: e.g., "Grand Hall") # {{5}} = Event date (auto-formatted to DD/MM) # {{6}} = Event time (you provide: HH:mm format) # {{7}} = RSVP link (you provide custom URL) WHATSAPP_TEMPLATE_NAME=wedding_invitation # 5. WHATSAPP_LANGUAGE_CODE # What is it: Language code for the template # Values for your template: Usually "he" for Hebrew # Other examples: "en" (English), "en_US" (US English) # Meta uses either ISO 639-1 (he) or Meta format (he_IL) # Check your template settings to see which format is used WHATSAPP_LANGUAGE_CODE=he # 6. WHATSAPP_VERIFY_TOKEN (Optional - only for webhooks) # What is it: Token for verifying webhook callbacks from Meta # Only needed if you want to receive message status updates # Create any secure string for this # Where to use: # 1. Go to App Settings > Webhooks # 2. Set this token as your "Verify Token" # Optional - can leave empty if not using webhooks WHATSAPP_VERIFY_TOKEN=your_webhook_verify_token_optional # ============================================ # GOOGLE OAUTH CONFIGURATION (OPTIONAL) # ============================================ # Only needed if using Google Contacts import feature # Get these from Google Cloud Console: https://console.cloud.google.com/ # Google OAuth Client ID GOOGLE_CLIENT_ID=your_google_client_id_here.apps.googleusercontent.com # Google OAuth Client Secret GOOGLE_CLIENT_SECRET=your_google_client_secret_here # Google OAuth Redirect URI (must match in Google Cloud Console) GOOGLE_REDIRECT_URI=http://localhost:8000/auth/google/callback # ============================================ # TESTING CONFIGURATION # ============================================ # Email to use as test user when developing TEST_USER_EMAIL=test@example.com # ============================================ # APPLICATION CONFIGURATION # ============================================ # Logging level: DEBUG, INFO, WARNING, ERROR, CRITICAL LOG_LEVEL=INFO # API port (default: 8000) API_PORT=8000 # API host (default: 0.0.0.0 for all interfaces) API_HOST=0.0.0.0 # Application environment: development, staging, production ENVIRONMENT=development # ============================================ # QUICK SETUP CHECKLIST # ============================================ # Follow these steps to get your WhatsApp integration working: # # 1. Get WhatsApp Credentials: # [ ] Go to https://developers.facebook.com/ # [ ] Set up WhatsApp Business Account # [ ] Register a WhatsApp phone number (get Phone Number ID) # [ ] Generate permanent access token # [ ] Copy your template name from Meta Business Manager # # 2. Create Message Template (if not already done): # [ ] In Meta Business Manager, go to Message Templates # [ ] Create new template with your content # [ ] Wait for Meta approval (usually 24 hours) # [ ] Verify status is "APPROVED" # # 3. Fill in this .env file: # [ ] WHATSAPP_ACCESS_TOKEN # [ ] WHATSAPP_PHONE_NUMBER_ID # [ ] WHATSAPP_TEMPLATE_NAME (must match Meta exactly) # [ ] WHATSAPP_LANGUAGE_CODE # # 4. Test the integration: # [ ] Start backend server # [ ] Create a test event # [ ] Add your phone number as a guest # [ ] Select guest and click "שלח בוואטסאפ" # [ ] Verify message arrives in WhatsApp # # ============================================ # PRODUCTION DEPLOYMENT NOTES # ============================================ # Before deploying to production: # # 1. NEVER commit this file with real secrets to git # 2. Move secrets to environment variables or secrets manager: # - Kubernetes Secrets (if using K8s) # - AWS Secrets Manager # - Google Secret Manager # - Azure Key Vault # - Environment variables in deployment # # 3. Use stronger credentials: # - Change ADMIN_PASSWORD to something secure # - Rotate access tokens regularly # - Use separate tokens per environment # # 4. Enable HTTPS: # - Update FRONTEND_URL to use https:// # - Update GOOGLE_REDIRECT_URI to use https:// # - Get SSL certificates # # 5. Database security: # - Use strong password for DATABASE_URL # - Enable SSL for database connections # - Regular backups # - Restrict network access # # 6. Monitoring: # - Set LOG_LEVEL=WARNING for production # - Monitor API rate limits from Meta # - Track WhatsApp message delivery # - Log all authentication events