Remove default values from cli and modify config.js file

2024-05-08 10:51:33 +03:00
parent e838e41f07
commit d3edcebc98
4 changed files with 27 additions and 10 deletions
--- a/src/config/index.js
+++ b/src/config/index.js
@@ -20,7 +20,7 @@ const envVarsSchema = Joi.object()
    VERBOSE: Joi.string().valid('console', null).default(null),

    CORS_ORIGIN_WHITELIST: Joi.string().default('*'),
-    AUTH: Joi.boolean().default(false),
+    AUTH: Joi.boolean(),

    RATE_LIMIT_ENABLED: Joi.boolean().default(false),
    RATE_LIMIT_WINDOW_MS: Joi.number().positive().default(1000),
@@ -33,9 +33,9 @@ const envVarsSchema = Joi.object()
    INITIAL_USER_USERNAME: Joi.string(),
    INITIAL_USER_PASSWORD: Joi.string(),

-    TOKEN_SECRET: Joi.string().default(null),
-    ACCESS_TOKEN_EXPIRATION_TIME: Joi.string().default('5H'),
-    REFRESH_TOKEN_EXPIRATION_TIME: Joi.string().default('3D'),
+    TOKEN_SECRET: Joi.string(),
+    ACCESS_TOKEN_EXPIRATION_TIME: Joi.string(),
+    REFRESH_TOKEN_EXPIRATION_TIME: Joi.string(),
  })
  .unknown();

@@ -113,12 +113,16 @@ module.exports = {
      envVars.CORS_ORIGIN_WHITELIST?.split(',') || ['*'],
  },

-  auth: argv.auth || envVars.AUTH,
-  tokenSecret: argv.tokensecret || envVars.TOKEN_SECRET,
+  auth: argv.auth || envVars.AUTH || false,
+  tokenSecret: argv.tokensecret || envVars.TOKEN_SECRET || null,
  accessTokenExpirationTime:
-    argv.accesstokenexpirationtime || envVars.ACCESS_TOKEN_EXPIRATION_TIME,
+    argv.accesstokenexpirationtime ||
+    envVars.ACCESS_TOKEN_EXPIRATION_TIME ||
+    '5H',
  refreshTokenExpirationTime:
-    argv.refreshtokenexpirationtime || envVars.REFRESH_TOKEN_EXPIRATION_TIME,
+    argv.refreshtokenexpirationtime ||
+    envVars.REFRESH_TOKEN_EXPIRATION_TIME ||
+    '3D',

  initialUserUsername:
    argv.initialuserusername || envVars.INITIAL_USER_USERNAME,
--- a/src/controllers/auth/common.js
+++ b/src/controllers/auth/common.js
@@ -13,4 +13,12 @@ const isUsernameTaken = (username) => {
  return users.length > 0;
 };

-module.exports = { isUsernameTaken };
+const checkAuthConfigs = ({ auth, tokenSecret }) => {
+  if (auth && !tokenSecret) {
+    throw new Error(
+      'You need to provide a token secret either from the CLI or from your environment variables',
+    );
+  }
+};
+
+module.exports = { isUsernameTaken, checkAuthConfigs };
--- a/src/controllers/auth/index.js
+++ b/src/controllers/auth/index.js
@@ -1,5 +1,6 @@
 const users = require('./user');
 const token = require('./token');
 const tables = require('./tables');
+const { checkAuthConfigs } = require('./common');

-module.exports = { ...users, ...token, ...tables };
+module.exports = { ...users, ...token, ...tables, checkAuthConfigs };
--- a/src/index.js
+++ b/src/index.js
@@ -23,6 +23,7 @@ const {
  createDefaultTables,
  createInitialUser,
  removeRevokedRefreshTokens,
+  checkAuthConfigs,
 } = require('./controllers/auth');

 const { runCLICommands } = require('./commands');
@@ -85,6 +86,9 @@ if (config.rateLimit.enabled) {
  app.use(limiter);
 }

+// If Auth mode is activated but if the tokenSecret value is undefined then throw an error
+checkAuthConfigs({ auth: config.auth, tokenSecret: config.tokenSecret });
+
 // If Auth mode is activated then create auth tables in the DB & create a super user if there are no users in the DB
 if (config.auth) {
  createDefaultTables();