From d3edcebc98222a6eabc43155ecdd894bcb7de74e Mon Sep 17 00:00:00 2001
From: AbegaM
Date: Wed, 8 May 2024 10:51:33 +0300
Subject: [PATCH] Remove default values from cli and modify config.js file
---
 src/config/index.js | 20 ++++++++++++--------
 src/controllers/auth/common.js | 10 +++++++++-
 src/controllers/auth/index.js | 3 ++-
 src/index.js | 4 ++++
 4 files changed, 27 insertions(+), 10 deletions(-)
diff --git a/src/config/index.js b/src/config/index.js
index 617e403..5538d3a 100644
--- a/src/config/index.js
+++ b/src/config/index.js
@@ -20,7 +20,7 @@ const envVarsSchema = Joi.object()
 VERBOSE: Joi.string().valid('console', null).default(null),
 CORS_ORIGIN_WHITELIST: Joi.string().default('*'),
- AUTH: Joi.boolean().default(false),
+ AUTH: Joi.boolean(),
 RATE_LIMIT_ENABLED: Joi.boolean().default(false),
 RATE_LIMIT_WINDOW_MS: Joi.number().positive().default(1000),
@@ -33,9 +33,9 @@ const envVarsSchema = Joi.object()
 INITIAL_USER_USERNAME: Joi.string(),
 INITIAL_USER_PASSWORD: Joi.string(),
- TOKEN_SECRET: Joi.string().default(null),
- ACCESS_TOKEN_EXPIRATION_TIME: Joi.string().default('5H'),
- REFRESH_TOKEN_EXPIRATION_TIME: Joi.string().default('3D'),
+ TOKEN_SECRET: Joi.string(),
+ ACCESS_TOKEN_EXPIRATION_TIME: Joi.string(),
+ REFRESH_TOKEN_EXPIRATION_TIME: Joi.string(),
 })
 .unknown();
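Review bot: `TOKEN_SECRET: Joi.string()` in the second hunk of src/config/index.js accepts a secret of any length, so a one-character value passes validation. If this value keys the token signature (its use is not visible in the patch), a short secret can be guessed offline from a captured token; a floor such as `TOKEN_SECRET: Joi.string().min(32),` rejects it at startup. The schema only sees the environment variable, so the same length check is needed in `checkAuthConfigs` (src/controllers/auth/common.js), which tests only `!tokenSecret` and is the only gate for a secret supplied as `argv.tokensecret`.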
@@ -113,12 +113,16 @@ module.exports = {
 envVars.CORS_ORIGIN_WHITELIST?.split(',') || ['*'],
 },
- auth: argv.auth || envVars.AUTH,
- tokenSecret: argv.tokensecret || envVars.TOKEN_SECRET,
+ auth: argv.auth || envVars.AUTH || false,
+ tokenSecret: argv.tokensecret || envVars.TOKEN_SECRET || null,
 accessTokenExpirationTime:
- argv.accesstokenexpirationtime || envVars.ACCESS_TOKEN_EXPIRATION_TIME,
+ argv.accesstokenexpirationtime ||
+ envVars.ACCESS_TOKEN_EXPIRATION_TIME ||
+ '5H',
 refreshTokenExpirationTime:
- argv.refreshtokenexpirationtime || envVars.REFRESH_TOKEN_EXPIRATION_TIME,
+ argv.refreshtokenexpirationtime ||
+ envVars.REFRESH_TOKEN_EXPIRATION_TIME ||
+ '3D',
 initialUserUsername:
 argv.initialuserusername || envVars.INITIAL_USER_USERNAME,
diff --git a/src/controllers/auth/common.js b/src/controllers/auth/common.js
index 777930d..ac3d17d 100644
--- a/src/controllers/auth/common.js
+++ b/src/controllers/auth/common.js
@@ -13,4 +13,12 @@ const isUsernameTaken = (username) => {
 return users.length > 0;
 };
-module.exports = { isUsernameTaken };
+const checkAuthConfigs = ({ auth, tokenSecret }) => {
+ if (auth && !tokenSecret) {
+ throw new Error(
+ 'You need to provide a token secret either from the CLI or from your environment variables',
+ );
+ }
+};
+
+module.exports = { isUsernameTaken, checkAuthConfigs };
diff --git a/src/controllers/auth/index.js b/src/controllers/auth/index.js
index d7e3c44..6fa24f1 100644
--- a/src/controllers/auth/index.js
+++ b/src/controllers/auth/index.js
@@ -1,5 +1,6 @@
 const users = require('./user');
 const token = require('./token');
 const tables = require('./tables');
+const { checkAuthConfigs } = require('./common');
-module.exports = { ...users, ...token, ...tables };
+module.exports = { ...users, ...token, ...tables, checkAuthConfigs };
diff --git a/src/index.js b/src/index.js
index 3fe765d..952a79a 100755
--- a/src/index.js
+++ b/src/index.js
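Review bot: The `||` chain in `auth: argv.auth || envVars.AUTH || false` (src/config/index.js, `module.exports`) treats an explicit falsy CLI value as absent, so once `AUTH` is true in the environment a CLI value that evaluates to `false` does not switch auth off; how the CLI parser represents that value is not visible here. That precedence fails closed, which suits an auth switch, but nothing on the line says it is deliberate and a later tidy-up to `??` would silently reverse it. If it is intended, record it with a comment above the line, for example `// || is deliberate: a falsy CLI value must not disable auth that the environment enabled`. The `module.exports` object starts and ends outside the hunk.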
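Review bot: The error message added in `checkAuthConfigs` (src/controllers/auth/common.js) points operators at the CLI as a place to put the token secret, but command-line arguments are readable by other local users through the process list and are retained in shell history. Steering towards the environment variable is the safer guidance, for example `'Auth is enabled but no token secret is set; provide it through the TOKEN_SECRET environment variable (a CLI value is visible in the process list)',`. The function also has no doc comment; a short JSDoc stating that it throws when `auth` is truthy and `tokenSecret` is falsy, and otherwise returns nothing, would document the contract for callers.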
@@ -23,6 +23,7 @@ const {
 createDefaultTables,
 createInitialUser,
 removeRevokedRefreshTokens,
+ checkAuthConfigs,
 } = require('./controllers/auth');
 const { runCLICommands } = require('./commands');
@@ -85,6 +86,9 @@ if (config.rateLimit.enabled) {
 app.use(limiter);
 }
+// If Auth mode is activated but if the tokenSecret value is undefined then throw an error
+checkAuthConfigs({ auth: config.auth, tokenSecret: config.tokenSecret });
+
 // If Auth mode is activated then create auth tables in the DB & create a super user if there are no users in the DB
 if (config.auth) {
 createDefaultTables();
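Review bot: In the second hunk of src/index.js the `checkAuthConfigs(...)` call sits after the rate-limiter middleware is registered, so a deployment with auth enabled and no secret gets partway through startup before the throw, and whatever runs earlier in the file (outside this hunk) has already executed. Configuration checks are easier to reason about when they fail first; moving `checkAuthConfigs({ auth: config.auth, tokenSecret: config.tokenSecret });` to directly after `config` is loaded guarantees nothing runs in that state. The added comment could also be tightened to `// Fail fast when auth is enabled but no token secret is configured`.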