Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/sagar-grv/ayush-synapse/llms.txt

Use this file to discover all available pages before exploring further.

Ayush Synapse reads all configuration from environment variables, which are loaded by python-dotenv from a .env file in the project root if one is present. No code changes are needed to switch between development and production modes — every behaviour is controlled by the variables described below. To get started, copy the provided example file: 
cp .env.example .env
Then edit .env to match your environment before starting the server.
The default JWT_SECRET_KEY (namaste-icd11-mvp-demo-secret-key-2025) is a publicly known demo value committed to the repository. Any JWT signed with it can be trivially forged. You must replace it with a cryptographically strong secret before deploying to any environment accessible outside your local machine.

Environment Variable Reference

JWT_SECRET_KEY
string
required
Secret key used to sign and verify JSON Web Tokens. In production this must be a long, randomly generated string.Default (demo only): namaste-icd11-mvp-demo-secret-key-2025Generate a strong value with:
python -c "import secrets; print(secrets.token_hex(48))"
FLASK_DEBUG
boolean
Enables Flask debug mode, which activates the interactive debugger and auto-reloader. Never enable in production — the debugger exposes an interactive Python console.Default: False
FLASK_HOST
string
The network interface the Flask development server binds to. 0.0.0.0 listens on all interfaces (required for Docker). Use 127.0.0.1 to restrict to localhost only.Default: 0.0.0.0
FLASK_PORT
integer
The TCP port the Flask server listens on.Default: 5000
CORS_ORIGINS
string
Comma-separated list of allowed CORS origins sent in Access-Control-Allow-Origin response headers. Use * only for local development; set explicit origins in production.Default: *Example (production): https://app.example.com,https://admin.example.com
DEMO_MODE
boolean
When True, the application runs in MVP demo mode: seed data is loaded, all features are unlocked, and demo tokens are accepted without a real user database.Default: True
DEMO_USER_ACCESS
boolean
When True, demo users can access all protected endpoints using a token obtained from POST /auth/login without any additional provisioning. Set to false to require real user accounts.Default: True
DATABASE_URL
string
SQLAlchemy connection string for the application database. Defaults to a local SQLite file suitable for development and single-instance Docker deployments. Switch to PostgreSQL for production.Default: sqlite:///ayush_synapse.dbPostgreSQL format: postgresql://user:password@host:5432/ayush_synapse
LOG_LEVEL
string
Python logging level. Accepted values: DEBUG, INFO, WARNING, ERROR, CRITICAL.Default: INFO
LOG_FILE
string
Path to the log file. Relative paths are resolved from the project root. Set to an empty string or omit to log to stdout only.Default: app.log
RATELIMIT_STORAGE_URL
string
Backend used by Flask-Limiter to store rate-limit counters. memory:// is process-local and lost on restart; use a Redis URL (redis://host:6379/0) for multi-process or multi-container deployments.Default: memory://

Production Checklist

1

Generate a Strong JWT_SECRET_KEY

Replace the demo key with a cryptographically random secret. Treat it like a database password — store it in a secrets manager or CI/CD secret store, never in source control.
python -c "import secrets; print(secrets.token_hex(48))"
Add the output to your .env or inject it as an environment variable in your deployment platform:
JWT_SECRET_KEY=<your-generated-secret>
2

Point DATABASE_URL at PostgreSQL

SQLite is single-writer and file-based — it cannot support concurrent connections from multiple workers or containers. Switch to PostgreSQL for any production workload:
DATABASE_URL=postgresql://user:password@db-host:5432/ayush_synapse
Ensure psycopg2-binary (already in requirements.txt) is available in your runtime environment.
3

Restrict CORS_ORIGINS

Replace the wildcard with a comma-separated allowlist of the exact origins your front-end is served from:
CORS_ORIGINS=https://app.example.com,https://admin.example.com
4

Disable Flask Debug Mode

Confirm FLASK_DEBUG is explicitly set to False. This prevents the Werkzeug interactive debugger from being accessible over the network:
FLASK_DEBUG=False
5

Disable Demo Mode for Real User Workloads

Once real user accounts and a production database are in place, turn off demo mode so that unauthenticated demo tokens are rejected:
DEMO_MODE=False
DEMO_USER_ACCESS=false

Example .env Files

# -----------------------------------------------
# Ayush Synapse — Development Configuration
# -----------------------------------------------

# Use the demo key locally; SQLite needs no setup
JWT_SECRET_KEY=namaste-icd11-mvp-demo-secret-key-2025

# Flask
FLASK_DEBUG=False
FLASK_HOST=0.0.0.0
FLASK_PORT=5000

# Allow all origins during local development
CORS_ORIGINS=*

# Demo mode gives full feature access without user provisioning
DEMO_MODE=True
DEMO_USER_ACCESS=true

# SQLite — no external database required
DATABASE_URL=sqlite:///ayush_synapse.db

# Logging
LOG_LEVEL=INFO
LOG_FILE=app.log

# In-memory rate limiting (single process)
RATELIMIT_STORAGE_URL=memory://

Build docs developers (and LLMs) love

Get started for freeTalk to us