golfgame/.env.example
adlee-was-taken 6461a7f0c7 Add metered open signups, per-IP limits, and auth security hardening
Enables public beta signup metering: DAILY_OPEN_SIGNUPS env var controls
how many users can register without an invite code per day (0=disabled,
-1=unlimited, N=daily cap). Invite codes always bypass the limit.

Also adds per-IP signup throttling (DAILY_SIGNUPS_PER_IP, default 3/day)
and fail-closed rate limiting on auth endpoints when Redis is down.

Client dynamically fetches /api/auth/signup-info to show invite field
as optional with remaining slots when open signups are enabled.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-24 14:28:28 -05:00


# =============================================================================
# Golf Game Server Configuration
# =============================================================================
# Copy this file to .env and customize as needed.
# All values shown are defaults.
# -----------------------------------------------------------------------------
# Server Settings
# -----------------------------------------------------------------------------
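# Host to bind to (0.0.0.0 listens on all interfaces; use 127.0.0.1 when the
# server is only reached through a reverse proxy on the same machine)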
HOST=0.0.0.0
# Port to listen on
PORT=8000
# Enable debug mode (more verbose logging, auto-reload). Keep this false in production.
DEBUG=false
# Logging level: DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_LEVEL=INFO
# Per-module log level overrides (optional)
# These override LOG_LEVEL for specific modules.
# LOG_LEVEL_GAME=DEBUG # Core game logic
# LOG_LEVEL_AI=DEBUG # AI decisions (very verbose at DEBUG)
# LOG_LEVEL_HANDLERS=DEBUG # WebSocket message handlers
# LOG_LEVEL_ROOM=DEBUG # Room/lobby management
# LOG_LEVEL_AUTH=DEBUG # Auth stack (auth, routers.auth, services.auth_service)
# LOG_LEVEL_STORES=DEBUG # Database/Redis operations
# --- Preset examples ---
# Staging (debug game logic, quiet everything else):
# LOG_LEVEL=INFO
# LOG_LEVEL_GAME=DEBUG
# LOG_LEVEL_AI=DEBUG
#
# Production (minimal logging):
# LOG_LEVEL=WARNING
# Environment name (development, staging, production)
ENVIRONMENT=development
# -----------------------------------------------------------------------------
# Database
# -----------------------------------------------------------------------------
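# PostgreSQL connection URL (event sourcing, game logs, stats)
# For development with Docker: postgresql://golf:devpassword@localhost:5432/golf
# The devpassword credential is for local development only; use a unique
# password for any database reachable from staging or production.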
DATABASE_URL=postgresql://golf:devpassword@localhost:5432/golf
# PostgreSQL URL for auth/stats features (can be same as DATABASE_URL)
POSTGRES_URL=postgresql://golf:devpassword@localhost:5432/golf
# -----------------------------------------------------------------------------
# Room Settings
# -----------------------------------------------------------------------------
# Maximum players per game room
MAX_PLAYERS_PER_ROOM=6
# Room timeout in minutes (inactive rooms are cleaned up)
ROOM_TIMEOUT_MINUTES=60
# Length of room codes (e.g., 4 = "ABCD")
ROOM_CODE_LENGTH=4
# -----------------------------------------------------------------------------
# Security & Authentication
# -----------------------------------------------------------------------------
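# Secret key for JWT tokens (generate with: python -c "import secrets; print(secrets.token_hex(32))")
# Set a unique random value per environment before deploying and keep it out of
# version control: anyone who obtains a JWT signing key can mint valid tokens.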
SECRET_KEY=
# Enable invite-only mode (requires invitation to register)
INVITE_ONLY=true
# Metered open signups (public beta)
# 0 = disabled (invite-only enforced), -1 = unlimited, N = max open signups per day
# When set to -1 or to N > 0, users can register without an invite code (for N, up to the daily limit).
# Invite codes always work regardless of this limit.
DAILY_OPEN_SIGNUPS=0
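# Max signups per IP address per day (0 = unlimited)
# This limit is only as reliable as the client IP the server sees: behind a
# reverse proxy or load balancer, confirm the address comes from a trusted
# source rather than a client-supplied header.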
DAILY_SIGNUPS_PER_IP=3
# Bootstrap admin account (for first-time setup with INVITE_ONLY=true)
# Replace the example password with a unique one before uncommenting,
# and remove these after first login!
# BOOTSTRAP_ADMIN_USERNAME=admin
# BOOTSTRAP_ADMIN_PASSWORD=changeme12345
# Comma-separated list of admin email addresses
ADMIN_EMAILS=
# -----------------------------------------------------------------------------
# Game Defaults
# -----------------------------------------------------------------------------
# Default number of rounds (holes) per game
DEFAULT_ROUNDS=9
# Cards to flip at start of each round (0, 1, or 2)
DEFAULT_INITIAL_FLIPS=2
# Enable jokers in deck by default
DEFAULT_USE_JOKERS=false
# Require flipping a card after discarding from deck
DEFAULT_FLIP_ON_DISCARD=false
# -----------------------------------------------------------------------------
# Card Values (Standard 6-Card Golf)
# -----------------------------------------------------------------------------
# Customize point values for cards. Normally you shouldn't change these.
CARD_ACE=1
CARD_TWO=-2
CARD_KING=0
CARD_JOKER=-2
# House rule values
CARD_SUPER_KINGS=-2 # King value when super_kings enabled
CARD_TEN_PENNY=1 # 10 value when ten_penny enabled
CARD_LUCKY_SWING_JOKER=-5 # Joker value when lucky_swing enabled
# -----------------------------------------------------------------------------
# Production Features (Optional)
# -----------------------------------------------------------------------------
# Sentry error tracking
# SENTRY_DSN=https://your-sentry-dsn
# Resend API for emails (required for user registration/password reset)
# RESEND_API_KEY=your-api-key
# Enable rate limiting (recommended for production)
# RATE_LIMIT_ENABLED=true
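# Redis URL (required for matchmaking and rate limiting)
# Rate limiting on auth endpoints fails closed when Redis is down, so treat
# Redis availability as part of auth availability. For a Redis instance that is
# not on localhost, require authentication and TLS (rediss://).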
# REDIS_URL=redis://localhost:6379
# Base URL for email links
# BASE_URL=https://your-domain.com
# Matchmaking (skill-based public games)
MATCHMAKING_ENABLED=true
MATCHMAKING_MIN_PLAYERS=2
MATCHMAKING_MAX_PLAYERS=4