Added CSP

internal/config/config.go

@@ -11,6 +11,7 @@ import (
 	"encoding/json"
 	"os"
 	"path/filepath"
+	"strings"
 
 	"github.com/kelseyhightower/envconfig"
 
@@ -60,6 +61,7 @@ type Config struct {
 	Recipients     RecipientsConfig     `json:"recipients"`
 	ConfigFilePath string               `json:"config_file_path" envconfig:"CONFIG_FILE_PATH"`
 	BaseURL        string               `json:"BaseUrl" envconfig:"BASE_URL"`
+	Env            string               `json:"Environment" default:"development" envconfig:"ENV"`
 	DB             DatabaseConfig       `json:"db"`
 	SMTP           SMTPConfig           `json:"smtp"`
 	Security       SecurityConfig       `json:"security"`
@@ -74,8 +76,15 @@ var (
 	Templates  TemplateConfig
 	SMTP       SMTPConfig
 	Recipients RecipientsConfig
+	Env        string
 	Security   SecurityConfig
 )
+var environmentOptions map[string]bool = map[string]bool{
+	"development": true,
+	"production":  true,
+	"dev":         true,
+	"prod":        true,
+}
 
 // LoadConfig initializes the configuration by reading from a file and environment variables.
 // It also generates JWT and CSRF secrets. Returns a Config pointer or an error if any step fails.
@@ -95,7 +104,11 @@ func LoadConfig() {
 	}
 	CFG.Auth.JWTSecret = jwtSecret
 	CFG.Auth.CSRFSecret = csrfSecret
-
+	if environmentOptions[CFG.Env] && strings.Contains("development", CFG.Env) {
+		CFG.Env = "development"
+	} else {
+		CFG.Env = "production"
+	}
 	Auth = CFG.Auth
 	DB = CFG.DB
 	Templates = CFG.Templates
@@ -103,6 +116,7 @@ func LoadConfig() {
 	BaseURL = CFG.BaseURL
 	Recipients = CFG.Recipients
 	Security = CFG.Security
+	Env = CFG.Env
 	logger.Info.Printf("Config loaded: %#v", CFG)
 }