# Backend Configuration
DATABASE_URL=sqlite:///./ai_tools.db
SECRET_KEY=your-secret-key-change-in-production

# CORS - comma-separated list of allowed origins for production
# Example: https://privacy-scanner.example.com,https://app.example.com
CORS_ORIGINS=http://localhost:3000

# API Keys (optional - for full functionality)
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...

# Frontend Configuration
PUBLIC_API_URL=http://localhost:8000

# SvelteKit ORIGIN (required for form actions in production)
ORIGIN=http://localhost:3000