-
Notifications
You must be signed in to change notification settings - Fork 1
Configuration
TypeAuthD configuration support DOESN'T support anything except proper json, I mean, NO jsonc, jsonp or (god bless toml) toml.
Here is the the whole, properly documented, configuration fields.
Here is the list of all required fields and reasons for it.
{
"app": {
// Required because.. I can't let you use any default value
// Remember about security...
"apiSecret": "API_KEY",
"admin": {
// Required, the reason for it is the same as for `apiSecret`
"jwtSecret": "JWT_SECRET"
}
},
"discord": {
// Required because there are no default value for this.
"clientId": "CLIENT_ID",
// Required, the reason as for it is the same as for `clientId`
"clientSecret": "CLIENT_SECRET",
// Required, of course I can set current value as default
// but I can't set it in runtime(because of the realization)
// so I can't know which port is currently set, https or http,
// set this on your own, don't be THIS lazy.
"redirectUri": "http://127.0.0.1:2424/auth/login/cb"
}
}The list of default values below:
{
"database": {
"provider": "sqlite",
"connection": "app.sqlite"
},
"app": {
"port": 2424,
"extraEnabled": true,
"logDirPath": "./logs/",
"https": {
"useSSL": false,
"keyFile": "",
"certFile": ""
},
"locale": "en",
"secure": false,
"trustProxy": false,
"admin": {
"pageSize": 30
},
"pathBase": "/".
"logLevel": "info"
}
}The main pitfall you can get is a validation fail. Validation errors are self-explanatory, so if you're sure validation is wrong, create an issue so I could fix it...
There are 2 validation types. "Usual" validation and "Post" Validation.
Usual Validation validates the only one config field, e.g without knowledge about values of other fields.
Post validation runs after "usual" and has full knowledge about other config fields, so it could perform validation depending on other fields values. Primarily used for "logic" checks. E.g if you have SSL you can safely turn on secure, aren't you?
{ // Data to setup database for TypeAuthD "database": { // Select database provider, `sqlite` or `postgres` // Important to note that `postgres` support hasn't // been properly tested now. "provider": "sqlite", // Connection string for selected provider // file path for `sqlite`, // postgres url for `postgres` "connection": "app.sqlite" }, // Data to setup Express application(not always Express) "app": { // Port to host Express application "port": 2424, // Extra table, for more info address to Extra wiki page. "extraEnabled": true, // App secret, change this to more secure value. "apiSecret": "key", // Directory to store logs, // this one is used only with NODE_ENV=production "logDirPath": "./logs/", // Category to specify https(http2) support, // so you can natively setup SSL "https": { // Use native SSL, all credentials should be PEM "useSSL": false, // Key file for SSL in PEM "keyFile": "./cert/key.pem", // Certificate for SSL in PEM "certFile": "./cert/cert.pem" }, // Default locale for web pages "locale": "en", // If your connection is secure. // E.g native SSL is specified // or you have a reverse proxy with https. "secure": false, // If you have a reverse proxy "trustProxy": false, // Admin routes configuration, primarily admin panel "admin": { // Admin Panel page size, currently 30 records per page. "pageSize": 30, // JWT secret to sign cookies. Change this to more secure value. "jwtSecret": "jwt_is_cool" }, // If you have a reverse proxy and you want to host TypeAuthD // from another route(not root), specify all other parts here. // E.g I want to host this on /discord/ route, I should set this to // `"pathBase": "/discord"` "pathBase": "/", // Minimum logs level, allowed: debug, info, warn, error. // Useful in development and deploying, when you're specifying pathBase and need to log all requests(debug mode). "logLevel": "info" }, // Data to setup OAuth2, the most important here IMO. "discord": { // Discord OAuth2 client id, you can find it here // https://discord.com/developers/applications "clientId": "CLIENT_ID", // Discord OAuth2 client secret, keep this secret from others. "clientSecret": "CLIENT_SECRET", // Redirect URI, should match the external URI of the resource. // E.g if you have public IP like: 175.133.144.244(took from head), // and your connection is not secure // then your redirect URI will be like: // http://175.133.144.244:6868/auth/login/cb // // This URI's URL MUST match /auth/login/cb, this route // handles authorization itself. // // The last thing you HAD to do, is to add REDIRECT_URI // at Discord Developer Portal at OAuth2 section. // Both, this redirect uri and at Discord Portal MUST match // or you will get a mismatch error when authorizing. "redirectUri": "http://127.0.0.1:2424/auth/login/cb" } }