Initial InfraPulse scaffold

backend/app/core/__init__.py

@@ -0,0 +1 @@
+"""Core backend configuration."""

backend/app/core/config.py

@@ -0,0 +1,26 @@
+from functools import lru_cache
+
+from pydantic import AnyHttpUrl, Field
+from pydantic_settings import BaseSettings, SettingsConfigDict
+
+
+class Settings(BaseSettings):
+    model_config = SettingsConfigDict(env_file=".env", extra="ignore")
+
+    infrapulse_env: str = "development"
+    infrapulse_secret_key: str = Field(default="change-me", min_length=8)
+    database_url: str = "postgresql+psycopg://infrapulse:infrapulse@postgres:5432/infrapulse"
+    redis_url: str = "redis://redis:6379/0"
+    frontend_url: AnyHttpUrl | str = "http://localhost:5173"
+    backend_url: AnyHttpUrl | str = "http://localhost:8000"
+    initial_admin_email: str = "admin@example.com"
+    initial_admin_password: str = "change-me"
+    access_token_expire_minutes: int = 60 * 12
+
+
+@lru_cache
+def get_settings() -> Settings:
+    return Settings()
+
+
+settings = get_settings()

backend/app/core/secrets.py

@@ -0,0 +1,26 @@
+import base64
+import hashlib
+
+from cryptography.fernet import Fernet, InvalidToken
+
+from app.core.config import settings
+
+
+def _fernet() -> Fernet:
+    digest = hashlib.sha256(settings.infrapulse_secret_key.encode("utf-8")).digest()
+    return Fernet(base64.urlsafe_b64encode(digest))
+
+
+def encrypt_secret(value: str | None) -> str | None:
+    if not value:
+        return None
+    return _fernet().encrypt(value.encode("utf-8")).decode("utf-8")
+
+
+def decrypt_secret(value: str | None) -> str | None:
+    if not value:
+        return None
+    try:
+        return _fernet().decrypt(value.encode("utf-8")).decode("utf-8")
+    except InvalidToken:
+        return None