feat(config): Implement centralized configuration management system

- Add comprehensive configuration management with `config.py`
- Create centralized settings loader using Pydantic and environment variables
- Migrate existing environment variable usage to new configuration system
- Add `README.md` to explain configuration management approach
- Update health check and CORS middleware to use centralized settings
- Enhance database URI builder with robust connection string generation
- Improve security by centralizing configuration and validation
- Remove hardcoded environment variable access in favor of settings object
Rationale: Standardize configuration management, improve type safety, and provide a more robust approach to handling environment-specific settings across the application.

.env

@@ -1,15 +1,35 @@
-#MONGO_URI=mongodb+srv://appliedcommerce:xaqtoj-gikdaw-6giQdy@cluster0.qpc5d.mongodb.net/test??ssl=true&ssl_cert_reqs=CERT_NONE
-
 MONGO_URI=mongodb+srv://insightfy:k0KXafAbV8A8NmQK@cluster0.2shrc.mongodb.net/test??ssl=true&ssl_cert_reqs=CERT_NONE
 
 DB_NAME=book-my-service
 
 DATABASE_URI=postgresql+asyncpg://trans_owner:BookMyService7@ep-sweet-surf-a1qeduoy.ap-southeast-1.aws.neon.tech/bookmyservice?options=-csearch_path%3Dtrans
 
-
-
 CACHE_URI=redis-11382.c305.ap-south-1-1.ec2.redns.redis-cloud.com:11382
 
 #CACHE_URI=redis-11521.crce182.ap-south-1-1.ec2.redns.redis-cloud.com:11521
 
 CACHE_K=dLRZrhU1d5EP9N1CW6grUgsj7MyWIj2i
+
+
+RAZORPAY_KEY_ID=rzp_test_2UTAol2AFSV5VN
+
+RAZORPAY_KEY_SECRET=elb4JNjUw3eLqhVMiLFiRgki
+
+# JWT Configuration
+JWT_SECRET_KEY=2c3f5a7b9e1d4f6c8a2b5e7d9c1f3a5b7e9d2c4f6a8b0c1e3f5a7b9d1c3f5e7
+
+JWT_ALGORITHM=HS256
+JWT_ACCESS_TOKEN_EXPIRE_MINUTES=30
+
+# Security Configuration
+ALLOWED_HOSTS=localhost,127.0.0.1,bookmyservice.tech
+CORS_ORIGINS=http://localhost:3000,http://127.0.0.1:3000,https://bookmyservice.tech
+
+# Rate Limiting Configuration
+RATE_LIMIT_CALLS=100
+RATE_LIMIT_PERIOD=60
+
+# Cache Key Prefixes (Optional - defaults provided)
+CART_KEY_PREFIX=CA
+ORDER_KEY_PREFIX=OR
+APPOINTMENTS_KEY_PREFIX=AP

.gitignore

@@ -59,3 +59,4 @@ coverage.xml
 *.cover
 .hypothesis/
 .pytest_cache/
+.env

app/api/health.py

@@ -8,6 +8,7 @@ import logging
 from datetime import datetime
 
 from app.nosql import check_mongodb_health, check_redis_health
+from app.config.config import settings
 
 logger = logging.getLogger(__name__)
 router = APIRouter()
@@ -121,7 +122,7 @@ async def detailed_status() -> Dict[str, Any]:
                 "service": {
                     "name": "merchant-api",
                     "version": "1.0.0",
-                    "environment": os.getenv("ENVIRONMENT", "unknown"),
+                    "environment": settings.ENVIRONMENT,
                     "uptime_seconds": psutil.Process().create_time()
                 },
                 "databases": {
@@ -148,7 +149,7 @@ async def detailed_status() -> Dict[str, Any]:
                 "service": {
                     "name": "merchant-api",
                     "version": "1.0.0",
-                    "environment": os.getenv("ENVIRONMENT", "unknown")
+                    "environment": settings.ENVIRONMENT
                 },
                 "databases": {
                     "mongodb": {

app/app.py

@@ -34,11 +34,12 @@ app = FastAPI(
 #     max_request_size=10 * 1024 * 1024  # 10MB limit
 # )
 
-# CORS configuration - FIXED: Use specific domains in production
-allowed_origins = os.getenv("ALLOWED_ORIGINS", "http://localhost:3000,http://localhost:8000").split(",")
+# CORS configuration using centralized settings
+from app.config.config import settings
+
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=allowed_origins,  # Use environment variable for allowed origins
+    allow_origins=settings.CORS_ORIGINS,  # Use centralized configuration
     allow_credentials=True,
     allow_methods=["GET", "POST", "PUT", "DELETE"],  # Specific methods only
     allow_headers=["Content-Type", "Authorization", "X-CSRF-Token"],  # Specific headers only

app/config/README.md

@@ -0,0 +1,81 @@
+# Configuration Management
+
+This directory contains the centralized configuration management for the MHS service, following the same pattern as the AMS service.
+
+## Files
+
+- `config.py` - Main configuration file with centralized settings
+- `security_config.py` - Security-specific configuration
+- `nlp_config.py` - NLP-specific configuration
+
+## Usage
+
+### Basic Usage
+
+```python
+from app.config.config import settings
+
+# Database settings
+mongo_uri = settings.MONGO_URI
+db_name = settings.DB_NAME
+
+# Cache settings
+cache_uri = settings.CACHE_URI
+cache_key = settings.CACHE_K
+
+# JWT settings
+jwt_secret = settings.JWT_SECRET_KEY
+jwt_algorithm = settings.JWT_ALGORITHM
+
+# Generate cache keys
+cart_key = settings.get_cache_key("cart", user_id, "items")
+order_key = settings.get_cache_key("order", order_id)
+```
+
+### Configuration Validation
+
+```python
+from app.config.config import validate_configuration
+
+# Validate configuration on startup
+try:
+    validate_configuration()
+    print("✅ Configuration is valid")
+except ValueError as e:
+    print(f"❌ Configuration error: {e}")
+```
+
+### Environment Variables
+
+All configuration is loaded from environment variables with sensible defaults. Key variables include:
+
+- `MONGO_URI` - MongoDB connection string
+- `DATABASE_URI` - PostgreSQL connection string
+- `CACHE_URI` - Redis connection string
+- `CACHE_K` - Redis password
+- `JWT_SECRET_KEY` - JWT signing secret
+- `RAZORPAY_KEY_ID` - Payment gateway key
+- `RAZORPAY_KEY_SECRET` - Payment gateway secret
+- `CORS_ORIGINS` - Allowed CORS origins
+- `ALLOWED_HOSTS` - Allowed hosts
+
+## Migration from Direct os.getenv()
+
+Instead of:
+```python
+import os
+mongo_uri = os.getenv("MONGO_URI")
+```
+
+Use:
+```python
+from app.config.config import settings
+mongo_uri = settings.MONGO_URI
+```
+
+This provides:
+- Type safety
+- Default values
+- Validation
+- Centralized configuration
+- Better error handling

app/config/config.py

@@ -0,0 +1,202 @@
+import os
+from typing import Optional, Dict
+from urllib.parse import quote_plus
+from dotenv import load_dotenv
+
+# Load environment variables early so URI builder sees them
+load_dotenv()
+
+
+def build_database_uri(env: Dict[str, str] = os.environ) -> str:
+    """
+    Assemble a SQLAlchemy/asyncpg URI from separate env vars.
+    Supports:
+      - URL-encoding for user/password
+      - Default schema via ?options=-csearch_path=<schema>
+      - sslmode=require (e.g., Neon)
+    Honors DATABASE_URI if set (escape hatch/override).
+    """
+
+    # If already provided as a single secret, honor it and return immediately.
+    env = env or os.environ
+    direct_uri = env.get("DATABASE_URI") or env.get("DATABASE_URL")
+    if direct_uri:
+        return direct_uri
+
+    protocol = env.get("DB_PROTOCOL") or "postgresql+asyncpg"
+    user = env.get("DB_USER")
+    password = env.get("DB_PASSWORD")
+    host = env.get("DB_HOST") or "localhost"
+    port = env.get("DB_PORT") or "5432"
+    dbname = env.get("DB_NAME")
+
+    missing = [k for k, v in {"DB_USER": user, "DB_PASSWORD": password, "DB_NAME": dbname}.items() if not v]
+    if missing:
+        raise ValueError(f"Missing required environment variables: {', '.join(missing)}")
+
+    # Optional extras
+    schema = env.get("DB_SCHEMA")  # e.g., "trans"
+    # sslmode is not supported in asyncpg URI; SSL must be set programmatically if needed
+
+    # Build query params if schema provided
+    q = f"?options=-csearch_path={schema}" if schema else ""
+
+    # URL-encode credentials so special characters don't break the URI
+    user_enc = quote_plus(user)
+    password_enc = quote_plus(password)
+
+    return f"{protocol}://{user_enc}:{password_enc}@{host}:{port}/{dbname}{q}"
+
+
+# Single source of truth exported both ways for compatibility
+DATABASE_URI: str = build_database_uri()
+DATABASE_URL: str = DATABASE_URI
+
+
+class Settings:
+    """Application configuration settings"""
+    
+    # Database settings
+    DATABASE_URL: str = DATABASE_URL
+    MONGO_URI: str = os.getenv("MONGO_URI", "")
+    DB_NAME: str = os.getenv("DB_NAME", "book-my-service")
+    
+    # Redis/Cache settings
+    CACHE_URI: str = os.getenv("CACHE_URI", "redis://localhost:6379")
+    CACHE_K: str = os.getenv("CACHE_K", "")
+    
+    # Cache key prefixes (configurable via environment variables)
+    CART_KEY_PREFIX: str = os.getenv("CART_KEY_PREFIX", "cart")
+    ORDER_KEY_PREFIX: str = os.getenv("ORDER_KEY_PREFIX", "order")
+    APPOINTMENTS_KEY_PREFIX: str = os.getenv("APPOINTMENTS_KEY_PREFIX", "appointments")
+    
+    # Payment settings
+    RAZORPAY_KEY_ID: str = os.getenv("RAZORPAY_KEY_ID", "")
+    RAZORPAY_KEY_SECRET: str = os.getenv("RAZORPAY_KEY_SECRET", "")
+    
+    # JWT settings
+    # Prefer MHS-specific envs; gracefully fall back to UMS-compatible names
+    JWT_SECRET_KEY: str = os.getenv("JWT_SECRET_KEY") or os.getenv("SECRET_KEY")
+    JWT_ALGORITHM: str = os.getenv("JWT_ALGORITHM") or os.getenv("ALGORITHM", "HS256")
+    JWT_ACCESS_TOKEN_EXPIRE_MINUTES: int = int(
+        os.getenv("JWT_ACCESS_TOKEN_EXPIRE_MINUTES", os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", "30"))
+    )
+    
+    # Security settings
+    # Include Hugging Face Spaces by default to avoid 400s behind their proxy.
+    # Override via ALLOWED_HOSTS env var in production as needed.
+    ALLOWED_HOSTS: list = os.getenv(
+        "ALLOWED_HOSTS",
+        "localhost,127.0.0.1,*.hf.space,bmsmhs-bookmyservice-mhs.hf.space"
+    ).split(",")
+    CORS_ORIGINS: list = os.getenv(
+        "CORS_ORIGINS",
+        "http://localhost:3000,http://127.0.0.1:3000"
+    ).split(",")
+    
+    # Rate limiting
+    RATE_LIMIT_CALLS: int = int(os.getenv("RATE_LIMIT_CALLS", "100"))
+    RATE_LIMIT_PERIOD: int = int(os.getenv("RATE_LIMIT_PERIOD", "60"))
+    
+    # NLP Configuration
+    SPACY_MODEL: str = os.getenv("SPACY_MODEL", "en_core_web_sm")
+    SENTENCE_TRANSFORMER_MODEL: str = os.getenv("SENTENCE_TRANSFORMER_MODEL", "all-MiniLM-L6-v2")
+    ENABLE_ADVANCED_NLP: bool = os.getenv("ENABLE_ADVANCED_NLP", "true").lower() == "true"
+    ENABLE_SEMANTIC_MATCHING: bool = os.getenv("ENABLE_SEMANTIC_MATCHING", "true").lower() == "true"
+    ENABLE_CONTEXT_PROCESSING: bool = os.getenv("ENABLE_CONTEXT_PROCESSING", "true").lower() == "true"
+    ENABLE_INTENT_CLASSIFICATION: bool = os.getenv("ENABLE_INTENT_CLASSIFICATION", "true").lower() == "true"
+    SEMANTIC_SIMILARITY_THRESHOLD: float = float(os.getenv("SEMANTIC_SIMILARITY_THRESHOLD", "0.6"))
+    
+    # Performance settings
+    ASYNC_PROCESSOR_MAX_WORKERS: int = int(os.getenv("ASYNC_PROCESSOR_MAX_WORKERS", "4"))
+    CACHE_DURATION_SECONDS: int = int(os.getenv("CACHE_DURATION_SECONDS", "3600"))
+    
+    # Business settings
+    DEFAULT_SEARCH_RADIUS_METERS: int = int(os.getenv("DEFAULT_SEARCH_RADIUS_METERS", "5000"))
+    MAX_ENTITY_MATCHES: int = int(os.getenv("MAX_ENTITY_MATCHES", "10"))
+    MAX_SEMANTIC_MATCHES: int = int(os.getenv("MAX_SEMANTIC_MATCHES", "5"))
+    
+    # Security settings
+    MAX_REQUEST_SIZE: int = int(os.getenv("MAX_REQUEST_SIZE", "10485760"))  # 10MB
+    MAX_STRING_LENGTH: int = int(os.getenv("MAX_STRING_LENGTH", "1000"))
+    MAX_LIST_ITEMS: int = int(os.getenv("MAX_LIST_ITEMS", "100"))
+    RATE_LIMIT_REQUESTS_PER_MINUTE: int = int(os.getenv("RATE_LIMIT_RPM", "60"))
+    RATE_LIMIT_BURST: int = int(os.getenv("RATE_LIMIT_BURST", "10"))
+    
+    # Logging settings
+    LOG_SANITIZATION_ENABLED: bool = os.getenv("LOG_SANITIZATION_ENABLED", "true").lower() == "true"
+    MAX_LOG_VALUE_LENGTH: int = int(os.getenv("MAX_LOG_VALUE_LENGTH", "500"))
+    NLP_LOG_LEVEL: str = os.getenv("NLP_LOG_LEVEL", "INFO")
+    ENABLE_PERFORMANCE_LOGGING: bool = os.getenv("ENABLE_PERFORMANCE_LOGGING", "true").lower() == "true"
+    
+    # Environment
+    ENVIRONMENT: str = os.getenv("ENVIRONMENT", "development")
+    
+    @classmethod
+    def get_cache_key(cls, key_type: str, *args) -> str:
+        """
+        Generate cache keys using configurable prefixes
+        
+        Args:
+            key_type: Type of cache key (cart, order, appointments)
+            *args: Additional arguments to include in the key
+            
+        Returns:
+            str: Formatted cache key
+        """
+        if key_type == "cart":
+            return f"{cls.CART_KEY_PREFIX}:{':'.join(map(str, args))}"
+        elif key_type == "order":
+            return f"{cls.ORDER_KEY_PREFIX}:{':'.join(map(str, args))}"
+        elif key_type == "appointments":
+            return f"{cls.APPOINTMENTS_KEY_PREFIX}:{':'.join(map(str, args))}"
+        else:
+            raise ValueError(f"Unknown cache key type: {key_type}")
+    
+    @classmethod
+    def validate_required_settings(cls) -> Dict[str, bool]:
+        """
+        Validate that required settings are present
+        
+        Returns:
+            Dict with validation results
+        """
+        validations = {
+            "mongo_uri": bool(cls.MONGO_URI),
+            "db_name": bool(cls.DB_NAME),
+            "cache_uri": bool(cls.CACHE_URI),
+            "cache_key": bool(cls.CACHE_K),
+            "jwt_secret": bool(cls.JWT_SECRET_KEY)
+        }
+        
+        return validations
+    
+    @classmethod
+    def get_missing_settings(cls) -> list:
+        """
+        Get list of missing required settings
+        
+        Returns:
+            List of missing setting names
+        """
+        validations = cls.validate_required_settings()
+        return [setting for setting, is_valid in validations.items() if not is_valid]
+
+
+# Global settings instance
+settings = Settings()
+
+
+def validate_configuration():
+    """
+    Validate configuration on startup
+    
+    Raises:
+        ValueError: If required configuration is missing
+    """
+    missing = settings.get_missing_settings()
+    if missing:
+        raise ValueError(f"Missing required configuration: {', '.join(missing)}")
+    
+    print("✅ Configuration validation passed")
+    return True

app/config/nlp_config.py

@@ -8,29 +8,32 @@ from typing import Dict, Any
 class NLPConfig:
     """Configuration class for NLP pipeline settings"""
     
+    # Import from centralized config
+    from app.config.config import settings
+    
     # Model settings
-    SPACY_MODEL = os.getenv("SPACY_MODEL", "en_core_web_sm")
-    SENTENCE_TRANSFORMER_MODEL = os.getenv("SENTENCE_TRANSFORMER_MODEL", "all-MiniLM-L6-v2")
+    SPACY_MODEL = settings.SPACY_MODEL
+    SENTENCE_TRANSFORMER_MODEL = settings.SENTENCE_TRANSFORMER_MODEL
     
     # Performance settings
-    ASYNC_PROCESSOR_MAX_WORKERS = int(os.getenv("ASYNC_PROCESSOR_MAX_WORKERS", "4"))
-    CACHE_DURATION_SECONDS = int(os.getenv("CACHE_DURATION_SECONDS", "3600"))  # 1 hour
-    SEMANTIC_SIMILARITY_THRESHOLD = float(os.getenv("SEMANTIC_SIMILARITY_THRESHOLD", "0.6"))
+    ASYNC_PROCESSOR_MAX_WORKERS = settings.ASYNC_PROCESSOR_MAX_WORKERS
+    CACHE_DURATION_SECONDS = settings.CACHE_DURATION_SECONDS
+    SEMANTIC_SIMILARITY_THRESHOLD = settings.SEMANTIC_SIMILARITY_THRESHOLD
     
     # Feature flags
-    ENABLE_ADVANCED_NLP = os.getenv("ENABLE_ADVANCED_NLP", "true").lower() == "true"
-    ENABLE_SEMANTIC_MATCHING = os.getenv("ENABLE_SEMANTIC_MATCHING", "true").lower() == "true"
-    ENABLE_CONTEXT_PROCESSING = os.getenv("ENABLE_CONTEXT_PROCESSING", "true").lower() == "true"
-    ENABLE_INTENT_CLASSIFICATION = os.getenv("ENABLE_INTENT_CLASSIFICATION", "true").lower() == "true"
+    ENABLE_ADVANCED_NLP = settings.ENABLE_ADVANCED_NLP
+    ENABLE_SEMANTIC_MATCHING = settings.ENABLE_SEMANTIC_MATCHING
+    ENABLE_CONTEXT_PROCESSING = settings.ENABLE_CONTEXT_PROCESSING
+    ENABLE_INTENT_CLASSIFICATION = settings.ENABLE_INTENT_CLASSIFICATION
     
     # Logging settings
-    NLP_LOG_LEVEL = os.getenv("NLP_LOG_LEVEL", "INFO")
-    ENABLE_PERFORMANCE_LOGGING = os.getenv("ENABLE_PERFORMANCE_LOGGING", "true").lower() == "true"
+    NLP_LOG_LEVEL = settings.NLP_LOG_LEVEL
+    ENABLE_PERFORMANCE_LOGGING = settings.ENABLE_PERFORMANCE_LOGGING
     
-    # Business-specific settings
-    DEFAULT_SEARCH_RADIUS_METERS = int(os.getenv("DEFAULT_SEARCH_RADIUS_METERS", "5000"))
-    MAX_ENTITY_MATCHES = int(os.getenv("MAX_ENTITY_MATCHES", "10"))
-    MAX_SEMANTIC_MATCHES = int(os.getenv("MAX_SEMANTIC_MATCHES", "5"))
+    # Business-specific settings - Use centralized config
+    DEFAULT_SEARCH_RADIUS_METERS = settings.DEFAULT_SEARCH_RADIUS_METERS
+    MAX_ENTITY_MATCHES = settings.MAX_ENTITY_MATCHES
+    MAX_SEMANTIC_MATCHES = settings.MAX_SEMANTIC_MATCHES
     
     # Service category mappings
     SERVICE_CATEGORY_MAPPINGS = {

app/config/security_config.py

@@ -8,17 +8,18 @@ from typing import List, Dict, Any
 class SecurityConfig:
     """Security configuration class"""
     
-    # Input validation settings
-    MAX_REQUEST_SIZE = int(os.getenv("MAX_REQUEST_SIZE", "10485760"))  # 10MB
-    MAX_STRING_LENGTH = int(os.getenv("MAX_STRING_LENGTH", "1000"))
-    MAX_LIST_ITEMS = int(os.getenv("MAX_LIST_ITEMS", "100"))
+    # Input validation settings - Use centralized config
+    MAX_REQUEST_SIZE = settings.MAX_REQUEST_SIZE
+    MAX_STRING_LENGTH = settings.MAX_STRING_LENGTH
+    MAX_LIST_ITEMS = settings.MAX_LIST_ITEMS
     
     # Rate limiting settings
-    RATE_LIMIT_REQUESTS_PER_MINUTE = int(os.getenv("RATE_LIMIT_RPM", "60"))
-    RATE_LIMIT_BURST = int(os.getenv("RATE_LIMIT_BURST", "10"))
+    RATE_LIMIT_REQUESTS_PER_MINUTE = settings.RATE_LIMIT_REQUESTS_PER_MINUTE
+    RATE_LIMIT_BURST = settings.RATE_LIMIT_BURST
     
-    # CORS settings
-    ALLOWED_ORIGINS = os.getenv("ALLOWED_ORIGINS", "http://localhost:3000").split(",")
+    # CORS settings - Import from centralized config
+    from app.config.config import settings
+    ALLOWED_ORIGINS = settings.CORS_ORIGINS
     ALLOWED_METHODS = ["GET", "POST", "PUT", "DELETE"]
     ALLOWED_HEADERS = ["Content-Type", "Authorization", "X-CSRF-Token"]
     
@@ -70,8 +71,8 @@ class SecurityConfig:
     }
     
     # Logging configuration
-    LOG_SANITIZATION_ENABLED = os.getenv("LOG_SANITIZATION_ENABLED", "true").lower() == "true"
-    MAX_LOG_VALUE_LENGTH = int(os.getenv("MAX_LOG_VALUE_LENGTH", "500"))
+    LOG_SANITIZATION_ENABLED = settings.LOG_SANITIZATION_ENABLED
+    MAX_LOG_VALUE_LENGTH = settings.MAX_LOG_VALUE_LENGTH
     
     @classmethod
     def get_rate_limit(cls, endpoint: str) -> int:

app/nosql.py

@@ -5,6 +5,7 @@ from redis.exceptions import RedisError
 from dotenv import load_dotenv
 import logging
 from datetime import datetime
+from app.config.config import settings, validate_configuration
 
 # Configure logging
 logging.basicConfig(
@@ -16,20 +17,20 @@ logger = logging.getLogger(__name__)
 # Load environment variables from .env file (fallback)
 load_dotenv()
 
-# MongoDB configuration with fallback to environment variables
-MONGO_URI = os.getenv('MONGO_URI')
-DB_NAME = os.getenv('DB_NAME', 'book-my-service')
-
-# Redis configuration with fallback to environment variables
-CACHE_URI = os.getenv('CACHE_URI')
-CACHE_K = os.getenv('CACHE_K')
+# Validate configuration on import
+try:
+    validate_configuration()
+except ValueError as e:
+    logger.error(f"Configuration validation failed: {e}")
+    raise
 
-# Validate that we have the required configuration
-if not MONGO_URI or not DB_NAME:
-    raise ValueError("MongoDB configuration is missing. Please check your environment variables.")
+# MongoDB configuration using settings
+MONGO_URI = settings.MONGO_URI
+DB_NAME = settings.DB_NAME
 
-if not CACHE_URI or not CACHE_K:
-    raise ValueError("Redis configuration is missing. Please check your environment variables.")
+# Redis configuration using settings
+CACHE_URI = settings.CACHE_URI
+CACHE_K = settings.CACHE_K
 
 # Parse Redis host and port safely
 try: