Configuration Overview

FinAI uses environment variables to manage sensitive configuration data. All configuration is centralized in config.py, which loads values from a .env file.
config.py
import os
from dotenv import load_dotenv

# Get the current directory path
BASE_DIR = os.path.abspath(os.path.dirname(__file__))

# Load data from .env file
load_dotenv(os.path.join(BASE_DIR, '.env'))

class Config:
    SECRET_KEY = os.environ.get('SECRET_KEY') or 'khoa-mac-dinh-khong-an-toan'
    
    SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(BASE_DIR, 'instance', 'quanlychitieu.db')
    SQLALCHEMY_TRACK_MODIFICATIONS = False
    
    MAIL_SERVER = 'smtp.gmail.com'
    MAIL_PORT = 587
    MAIL_USE_TLS = True
    
    MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
    MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD')
    MAIL_DEFAULT_SENDER = os.environ.get('MAIL_USERNAME')

Environment Variables

Creating the .env File

Create a .env file in the root directory of your project:
touch .env
Never commit your .env file to version control. Ensure it’s listed in .gitignore.

Required Variables

SECRET_KEY (string, required)
Flask secret key used for session management, CSRF protection, and cryptographic signing.
Generation:
import secrets
print(secrets.token_hex(32))
Example:
SECRET_KEY=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6
The default fallback value 'khoa-mac-dinh-khong-an-toan' is insecure and should never be used in production.
GEMINI_API_KEY (string, required)
Google Gemini API key for AI-powered features including transaction categorization and chatbot functionality.
How to obtain:
  1. Visit Google AI Studio
  2. Sign in with your Google account
  3. Create a new API key
  4. Copy the key to your .env file
Example:
GEMINI_API_KEY=AIzaSyC1234567890abcdefghijklmnopqrstuvw
Usage in code:
app/ai_service.py
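import os
from google import genai

class ExpenseAI:
    def __init__(self):
        # Read the key from the environment (populated from .env); never hard-code it
        api_key = os.environ.get('GEMINI_API_KEY')
        self.client = genai.Client(api_key=api_key)
        self.model_name = 'gemini-2.5-flash'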
Without this key, AI categorization and chatbot features will not function.
MAIL_USERNAME (string, required)
Gmail address used to send password reset emails.
Example:
MAIL_PASSWORD (string, required)
Gmail App Password (not your regular Gmail password) for SMTP authentication.
How to generate an App Password:
  1. Go to your Google Account settings
  2. Navigate to Security > 2-Step Verification
  3. Scroll to “App passwords” at the bottom
  4. Generate a new app password for “Mail”
  5. Copy the 16-character password
Example:
MAIL_PASSWORD=abcd efgh ijkl mnop
Use App Passwords, not your actual Gmail password. Regular passwords will not work with SMTP authentication.

Complete .env Template

.env
# Security Configuration
SECRET_KEY=your_secret_key_here

# Google Gemini AI Configuration
GEMINI_API_KEY=your_google_gemini_api_key_here

# Email Configuration (For Password Reset)
MAIL_USERNAME=your_gmail_address_here
MAIL_PASSWORD=your_app_password

Email Configuration Details

The email system is used exclusively for password reset functionality. Configuration is handled in config.py:
MAIL_SERVER = 'smtp.gmail.com'
MAIL_PORT = 587
MAIL_USE_TLS = True

MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD')
MAIL_DEFAULT_SENDER = os.environ.get('MAIL_USERNAME')
Supported Email Providers:
  • Gmail (default configuration)
  • For other providers, modify MAIL_SERVER and MAIL_PORT in config.py

Database Configuration

FinAI uses SQLite by default with automatic path resolution:
config.py
SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(BASE_DIR, 'instance', 'quanlychitieu.db')
SQLALCHEMY_TRACK_MODIFICATIONS = False
Database Location: instance/quanlychitieu.db
For production deployments, consider migrating to PostgreSQL or MySQL. Update the SQLALCHEMY_DATABASE_URI setting in config.py accordingly.

PostgreSQL Example (Production)

To use PostgreSQL in production:
  1. Install the PostgreSQL adapter:
pip install psycopg2-binary
  2. Add to .env:
DATABASE_URL=postgresql://username:password@localhost:5432/finai_db
  3. Modify config.py:
SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or \
    'sqlite:///' + os.path.join(BASE_DIR, 'instance', 'quanlychitieu.db')

AI Model Configuration

The Gemini AI model is configured in ai_service.py:
app/ai_service.py
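import os
from google import genai

class ExpenseAI:
    def __init__(self):
        # Read the key from the environment (populated from .env); never hard-code it
        api_key = os.environ.get('GEMINI_API_KEY')
        self.client = genai.Client(api_key=api_key)

        # Model version
        self.model_name = 'gemini-2.5-flash'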
Model Features:
  • Transaction categorization with JSON response
  • Context-aware chatbot with streaming responses
  • RAG (Retrieval Augmented Generation) for financial insights
Response times depend on Google Gemini API availability (typically 2-5 seconds).

Verifying Configuration

After setting up your .env file, verify the configuration:
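import os
from config import Config  # importing config runs load_dotenv()

# Config.SECRET_KEY is never empty because of the fallback, so test the environment itself
print(f"Secret Key: {'Set' if os.environ.get('SECRET_KEY') else 'Not Set (insecure default in use)'}")
print(f"Database: {Config.SQLALCHEMY_DATABASE_URI}")
print(f"Mail Server: {Config.MAIL_SERVER}:{Config.MAIL_PORT}")
print(f"Mail User: {Config.MAIL_USERNAME}")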
Never print actual secret values in production logs. Only verify that they are set.
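A stricter start-up check, as an added example rather than FinAI's own code: it treats the fallback SECRET_KEY and the .env template placeholders as unset, reports variable names only, and masks the password before a DATABASE_URL is printed. The names audit_config, redact_db_uri and MIN_SECRET_CHARS are hypothetical, and the 32-character floor is an assumed policy.

```python
import os
from urllib.parse import urlsplit, urlunsplit

# Fallback literal from config.py on this page; it must count as "not configured".
INSECURE_DEFAULT = "khoa-mac-dinh-khong-an-toan"
REQUIRED = ("SECRET_KEY", "GEMINI_API_KEY", "MAIL_USERNAME", "MAIL_PASSWORD")
# Placeholder values from the .env template on this page.
PLACEHOLDERS = {"your_secret_key_here", "your_google_gemini_api_key_here",
                "your_app_password"}
MIN_SECRET_CHARS = 32  # assumption: local policy floor, not a FinAI setting


def audit_config(env):
    """Return a list of problems, naming variables but never echoing values."""
    problems = []
    for name in REQUIRED:
        value = (env.get(name) or "").strip()
        if not value:
            problems.append(f"{name}: not set")
        elif value in PLACEHOLDERS:
            problems.append(f"{name}: template placeholder left in place")
    secret = (env.get("SECRET_KEY") or "").strip()
    if secret == INSECURE_DEFAULT:
        problems.append("SECRET_KEY: insecure default fallback in use")
    elif secret and secret not in PLACEHOLDERS and len(secret) < MIN_SECRET_CHARS:
        problems.append(f"SECRET_KEY: shorter than {MIN_SECRET_CHARS} characters")
    return problems


def redact_db_uri(uri):
    """Mask the password of a database URI before it is printed or logged."""
    parts = urlsplit(uri)
    if parts.password is None:
        return uri  # the default sqlite:/// path carries no credentials
    host = parts.hostname or ""
    if parts.port:
        host += f":{parts.port}"
    netloc = f"{parts.username or ''}:***@{host}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    # Run after load_dotenv() has populated the environment, e.g. at app start-up.
    issues = audit_config(os.environ)
    for issue in issues:
        print("CONFIG ERROR:", issue)
    db_uri = os.environ.get("DATABASE_URL", "sqlite:///instance/quanlychitieu.db")
    print("Database:", redact_db_uri(db_uri))
    raise SystemExit(1 if issues else 0)
```

Exiting non-zero lets a deployment script or container entrypoint stop before the app starts signing sessions with the fallback key.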

Next Steps

With configuration complete, review Production Deployment best practices before deploying to a live environment.
