import Config

# Note we also include the path to a cache manifest
# containing the digested version of static files. This
# manifest is generated by the `mix assets.deploy` task,
# which you should run after static files are built and
# before starting your production server.
config :da_product_app, DaProductAppWeb.Endpoint,
  cache_static_manifest: "priv/static/cache_manifest.json",
  # Force HTTPS for all requests in production
  force_ssl: [hsts: true, host: nil],
  # Additional security configurations
  check_origin: true

# Configures Swoosh API Client
config :swoosh, api_client: Swoosh.ApiClient.Finch, finch_name: DaProductApp.Finch

# Disable Swoosh Local Memory Storage
config :swoosh, local: false

# NPCI UPI Configuration for production
config :da_product_app,
  # NPCI Endpoints (Production environment)
  npci_heartbeat_endpoint: "https://nfinite.in/iupi/RespHbt/2.0/urn:txnid:",
  npci_qr_validation_endpoint: "https://nfinite.in/iupi/RespValQr/2.0/urn:txnid:",
  npci_transaction_endpoint: "https://nfinite.in/iupi/transaction",
  npci_reqpay_endpoint: "https://nfinite.in/iupi/ReqPay/2.0/urn:txnid:",
 # npci_resppay_endpoint: "https://nfinite.in/iupi/RespPay/2.0/urn:txnid:",

  # PSP Configuration
  psp_org_id: "MER101",
  psp_ref_url: "https://mercurypay.ariticapp.com",

  # NPCI Authentication Configuration (Production)
  npci_client_cert_path: System.get_env("NPCI_CLIENT_CERT_PATH") || "certs/npci_client.pem",
  npci_client_key_path: System.get_env("NPCI_CLIENT_KEY_PATH") || "certs/npci_client_key.pem",
  npci_registered_org_ids: ["MER101"], # Only registered production orgIds

  # Environment Configuration
  environment: :prod,

  # Heartbeat Configuration
  heartbeat_response_timeout: 30_000,  # 30 seconds
  heartbeat_retry_attempts: 3



# Do not print debug messages in production
config :logger, level: :info

# Runtime production configuration, including reading
# of environment variables, is done on config/runtime.exs.