diff options
author | vantezzen <hello@vantezzen.io> | 2019-10-18 21:43:42 +0200 |
---|---|---|
committer | vantezzen <hello@vantezzen.io> | 2019-10-18 21:43:42 +0200 |
commit | 1cfff4a4324e130aa7579ea8694438ade686dd55 (patch) | |
tree | 7f50f0142283aa1f1e41084dd8efa243ba91b8c0 /src/server/config | |
parent | Fix lint (diff) | |
download | ferdium-app-1cfff4a4324e130aa7579ea8694438ade686dd55.tar.gz ferdium-app-1cfff4a4324e130aa7579ea8694438ade686dd55.tar.zst ferdium-app-1cfff4a4324e130aa7579ea8694438ade686dd55.zip |
Move internal server to submodule
Diffstat (limited to 'src/server/config')
-rw-r--r-- | src/server/config/app.js | 242 | ||||
-rw-r--r-- | src/server/config/auth.js | 93 | ||||
-rw-r--r-- | src/server/config/bodyParser.js | 156 | ||||
-rw-r--r-- | src/server/config/cors.js | 86 | ||||
-rw-r--r-- | src/server/config/database.js | 83 | ||||
-rw-r--r-- | src/server/config/drive.js | 45 | ||||
-rw-r--r-- | src/server/config/hash.js | 48 | ||||
-rw-r--r-- | src/server/config/session.js | 98 | ||||
-rw-r--r-- | src/server/config/shield.js | 144 |
9 files changed, 0 insertions, 995 deletions
diff --git a/src/server/config/app.js b/src/server/config/app.js deleted file mode 100644 index 7938b81df..000000000 --- a/src/server/config/app.js +++ /dev/null | |||
@@ -1,242 +0,0 @@ | |||
1 | |||
2 | /** @type {import('@adonisjs/framework/src/Env')} */ | ||
3 | const Env = use('Env'); | ||
4 | |||
5 | module.exports = { | ||
6 | |||
7 | /* | ||
8 | |-------------------------------------------------------------------------- | ||
9 | | Application Name | ||
10 | |-------------------------------------------------------------------------- | ||
11 | | | ||
12 | | This value is the name of your application and can used when you | ||
13 | | need to place the application's name in a email, view or | ||
14 | | other location. | ||
15 | | | ||
16 | */ | ||
17 | |||
18 | name: Env.get('APP_NAME', 'Ferdi Internal Server'), | ||
19 | |||
20 | /* | ||
21 | |-------------------------------------------------------------------------- | ||
22 | | App Key | ||
23 | |-------------------------------------------------------------------------- | ||
24 | | | ||
25 | | App key is a randomly generated 16 or 32 characters long string required | ||
26 | | to encrypt cookies, sessions and other sensitive data. | ||
27 | | | ||
28 | */ | ||
29 | appKey: Env.getOrFail('APP_KEY'), | ||
30 | |||
31 | http: { | ||
32 | /* | ||
33 | |-------------------------------------------------------------------------- | ||
34 | | Allow Method Spoofing | ||
35 | |-------------------------------------------------------------------------- | ||
36 | | | ||
37 | | Method spoofing allows to make requests by spoofing the http verb. | ||
38 | | Which means you can make a GET request but instruct the server to | ||
39 | | treat as a POST or PUT request. If you want this feature, set the | ||
40 | | below value to true. | ||
41 | | | ||
42 | */ | ||
43 | allowMethodSpoofing: true, | ||
44 | |||
45 | /* | ||
46 | |-------------------------------------------------------------------------- | ||
47 | | Trust Proxy | ||
48 | |-------------------------------------------------------------------------- | ||
49 | | | ||
50 | | Trust proxy defines whether X-Forwarded-* headers should be trusted or not. | ||
51 | | When your application is behind a proxy server like nginx, these values | ||
52 | | are set automatically and should be trusted. Apart from setting it | ||
53 | | to true or false Adonis supports handful or ways to allow proxy | ||
54 | | values. Read documentation for that. | ||
55 | | | ||
56 | */ | ||
57 | trustProxy: false, | ||
58 | |||
59 | /* | ||
60 | |-------------------------------------------------------------------------- | ||
61 | | Subdomains | ||
62 | |-------------------------------------------------------------------------- | ||
63 | | | ||
64 | | Offset to be used for returning subdomains for a given request.For | ||
65 | | majority of applications it will be 2, until you have nested | ||
66 | | sudomains. | ||
67 | | cheatsheet.adonisjs.com - offset - 2 | ||
68 | | virk.cheatsheet.adonisjs.com - offset - 3 | ||
69 | | | ||
70 | */ | ||
71 | subdomainOffset: 2, | ||
72 | |||
73 | /* | ||
74 | |-------------------------------------------------------------------------- | ||
75 | | JSONP Callback | ||
76 | |-------------------------------------------------------------------------- | ||
77 | | | ||
78 | | Default jsonp callback to be used when callback query string is missing | ||
79 | | in request url. | ||
80 | | | ||
81 | */ | ||
82 | jsonpCallback: 'callback', | ||
83 | |||
84 | |||
85 | /* | ||
86 | |-------------------------------------------------------------------------- | ||
87 | | Etag | ||
88 | |-------------------------------------------------------------------------- | ||
89 | | | ||
90 | | Set etag on all HTTP response. In order to disable for selected routes, | ||
91 | | you can call the `response.send` with an options object as follows. | ||
92 | | | ||
93 | | response.send('Hello', { ignoreEtag: true }) | ||
94 | | | ||
95 | */ | ||
96 | etag: false, | ||
97 | }, | ||
98 | |||
99 | views: { | ||
100 | /* | ||
101 | |-------------------------------------------------------------------------- | ||
102 | | Cache Views | ||
103 | |-------------------------------------------------------------------------- | ||
104 | | | ||
105 | | Define whether or not to cache the compiled view. Set it to true in | ||
106 | | production to optimize view loading time. | ||
107 | | | ||
108 | */ | ||
109 | cache: Env.get('CACHE_VIEWS', true), | ||
110 | }, | ||
111 | |||
112 | static: { | ||
113 | /* | ||
114 | |-------------------------------------------------------------------------- | ||
115 | | Dot Files | ||
116 | |-------------------------------------------------------------------------- | ||
117 | | | ||
118 | | Define how to treat dot files when trying to server static resources. | ||
119 | | By default it is set to ignore, which will pretend that dotfiles | ||
120 | | does not exists. | ||
121 | | | ||
122 | | Can be one of the following | ||
123 | | ignore, deny, allow | ||
124 | | | ||
125 | */ | ||
126 | dotfiles: 'ignore', | ||
127 | |||
128 | /* | ||
129 | |-------------------------------------------------------------------------- | ||
130 | | ETag | ||
131 | |-------------------------------------------------------------------------- | ||
132 | | | ||
133 | | Enable or disable etag generation | ||
134 | | | ||
135 | */ | ||
136 | etag: true, | ||
137 | |||
138 | /* | ||
139 | |-------------------------------------------------------------------------- | ||
140 | | Extensions | ||
141 | |-------------------------------------------------------------------------- | ||
142 | | | ||
143 | | Set file extension fallbacks. When set, if a file is not found, the given | ||
144 | | extensions will be added to the file name and search for. The first | ||
145 | | that exists will be served. Example: ['html', 'htm']. | ||
146 | | | ||
147 | */ | ||
148 | extensions: false, | ||
149 | }, | ||
150 | |||
151 | locales: { | ||
152 | /* | ||
153 | |-------------------------------------------------------------------------- | ||
154 | | Loader | ||
155 | |-------------------------------------------------------------------------- | ||
156 | | | ||
157 | | The loader to be used for fetching and updating locales. Below is the | ||
158 | | list of available options. | ||
159 | | | ||
160 | | file, database | ||
161 | | | ||
162 | */ | ||
163 | loader: 'file', | ||
164 | |||
165 | /* | ||
166 | |-------------------------------------------------------------------------- | ||
167 | | Default Locale | ||
168 | |-------------------------------------------------------------------------- | ||
169 | | | ||
170 | | Default locale to be used by Antl provider. You can always switch drivers | ||
171 | | in runtime or use the official Antl middleware to detect the driver | ||
172 | | based on HTTP headers/query string. | ||
173 | | | ||
174 | */ | ||
175 | locale: 'en', | ||
176 | }, | ||
177 | |||
178 | logger: { | ||
179 | /* | ||
180 | |-------------------------------------------------------------------------- | ||
181 | | Transport | ||
182 | |-------------------------------------------------------------------------- | ||
183 | | | ||
184 | | Transport to be used for logging messages. You can have multiple | ||
185 | | transports using same driver. | ||
186 | | | ||
187 | | Available drivers are: `file` and `console`. | ||
188 | | | ||
189 | */ | ||
190 | transport: 'console', | ||
191 | |||
192 | /* | ||
193 | |-------------------------------------------------------------------------- | ||
194 | | Console Transport | ||
195 | |-------------------------------------------------------------------------- | ||
196 | | | ||
197 | | Using `console` driver for logging. This driver writes to `stdout` | ||
198 | | and `stderr` | ||
199 | | | ||
200 | */ | ||
201 | console: { | ||
202 | driver: 'console', | ||
203 | name: 'adonis-app', | ||
204 | level: 'info', | ||
205 | }, | ||
206 | |||
207 | /* | ||
208 | |-------------------------------------------------------------------------- | ||
209 | | File Transport | ||
210 | |-------------------------------------------------------------------------- | ||
211 | | | ||
212 | | File transport uses file driver and writes log messages for a given | ||
213 | | file inside `tmp` directory for your app. | ||
214 | | | ||
215 | | For a different directory, set an absolute path for the filename. | ||
216 | | | ||
217 | */ | ||
218 | file: { | ||
219 | driver: 'file', | ||
220 | name: 'adonis-app', | ||
221 | filename: 'adonis.log', | ||
222 | level: 'info', | ||
223 | }, | ||
224 | }, | ||
225 | |||
226 | /* | ||
227 | |-------------------------------------------------------------------------- | ||
228 | | Generic Cookie Options | ||
229 | |-------------------------------------------------------------------------- | ||
230 | | | ||
231 | | The following cookie options are generic settings used by AdonisJs to create | ||
232 | | cookies. However, some parts of the application like `sessions` can have | ||
233 | | separate settings for cookies inside `config/session.js`. | ||
234 | | | ||
235 | */ | ||
236 | cookie: { | ||
237 | httpOnly: true, | ||
238 | sameSite: false, | ||
239 | path: '/', | ||
240 | maxAge: 7200, | ||
241 | }, | ||
242 | }; | ||
diff --git a/src/server/config/auth.js b/src/server/config/auth.js deleted file mode 100644 index b831b06c6..000000000 --- a/src/server/config/auth.js +++ /dev/null | |||
@@ -1,93 +0,0 @@ | |||
1 | |||
2 | /** @type {import('@adonisjs/framework/src/Env')} */ | ||
3 | const Env = use('Env'); | ||
4 | |||
5 | module.exports = { | ||
6 | /* | ||
7 | |-------------------------------------------------------------------------- | ||
8 | | Authenticator | ||
9 | |-------------------------------------------------------------------------- | ||
10 | | | ||
11 | | Authentication is a combination of serializer and scheme with extra | ||
12 | | config to define on how to authenticate a user. | ||
13 | | | ||
14 | | Available Schemes - basic, session, jwt, api | ||
15 | | Available Serializers - lucid, database | ||
16 | | | ||
17 | */ | ||
18 | authenticator: 'jwt', | ||
19 | |||
20 | /* | ||
21 | |-------------------------------------------------------------------------- | ||
22 | | Session | ||
23 | |-------------------------------------------------------------------------- | ||
24 | | | ||
25 | | Session authenticator makes use of sessions to authenticate a user. | ||
26 | | Session authentication is always persistent. | ||
27 | | | ||
28 | */ | ||
29 | session: { | ||
30 | serializer: 'lucid', | ||
31 | model: 'App/Models/User', | ||
32 | scheme: 'session', | ||
33 | uid: 'email', | ||
34 | password: 'password', | ||
35 | }, | ||
36 | |||
37 | /* | ||
38 | |-------------------------------------------------------------------------- | ||
39 | | Basic Auth | ||
40 | |-------------------------------------------------------------------------- | ||
41 | | | ||
42 | | The basic auth authenticator uses basic auth header to authenticate a | ||
43 | | user. | ||
44 | | | ||
45 | | NOTE: | ||
46 | | This scheme is not persistent and users are supposed to pass | ||
47 | | login credentials on each request. | ||
48 | | | ||
49 | */ | ||
50 | basic: { | ||
51 | serializer: 'lucid', | ||
52 | model: 'App/Models/User', | ||
53 | scheme: 'basic', | ||
54 | uid: 'email', | ||
55 | password: 'password', | ||
56 | }, | ||
57 | |||
58 | /* | ||
59 | |-------------------------------------------------------------------------- | ||
60 | | Jwt | ||
61 | |-------------------------------------------------------------------------- | ||
62 | | | ||
63 | | The jwt authenticator works by passing a jwt token on each HTTP request | ||
64 | | via HTTP `Authorization` header. | ||
65 | | | ||
66 | */ | ||
67 | jwt: { | ||
68 | serializer: 'lucid', | ||
69 | model: 'App/Models/User', | ||
70 | scheme: 'jwt', | ||
71 | uid: 'email', | ||
72 | password: 'password', | ||
73 | options: { | ||
74 | secret: Env.get('APP_KEY'), | ||
75 | }, | ||
76 | }, | ||
77 | |||
78 | /* | ||
79 | |-------------------------------------------------------------------------- | ||
80 | | Api | ||
81 | |-------------------------------------------------------------------------- | ||
82 | | | ||
83 | | The Api scheme makes use of API personal tokens to authenticate a user. | ||
84 | | | ||
85 | */ | ||
86 | api: { | ||
87 | serializer: 'lucid', | ||
88 | model: 'App/Models/User', | ||
89 | scheme: 'api', | ||
90 | uid: 'email', | ||
91 | password: 'password', | ||
92 | }, | ||
93 | }; | ||
diff --git a/src/server/config/bodyParser.js b/src/server/config/bodyParser.js deleted file mode 100644 index c336e67d2..000000000 --- a/src/server/config/bodyParser.js +++ /dev/null | |||
@@ -1,156 +0,0 @@ | |||
1 | |||
2 | module.exports = { | ||
3 | /* | ||
4 | |-------------------------------------------------------------------------- | ||
5 | | JSON Parser | ||
6 | |-------------------------------------------------------------------------- | ||
7 | | | ||
8 | | Below settings are applied when the request body contains a JSON payload. | ||
9 | | If you want body parser to ignore JSON payloads, then simply set `types` | ||
10 | | to an empty array. | ||
11 | */ | ||
12 | json: { | ||
13 | /* | ||
14 | |-------------------------------------------------------------------------- | ||
15 | | limit | ||
16 | |-------------------------------------------------------------------------- | ||
17 | | | ||
18 | | Defines the limit of JSON that can be sent by the client. If payload | ||
19 | | is over 1mb it will not be processed. | ||
20 | | | ||
21 | */ | ||
22 | limit: '50mb', | ||
23 | |||
24 | /* | ||
25 | |-------------------------------------------------------------------------- | ||
26 | | strict | ||
27 | |-------------------------------------------------------------------------- | ||
28 | | | ||
29 | | When `strict` is set to true, body parser will only parse Arrays and | ||
30 | | Object. Otherwise everything parseable by `JSON.parse` is parsed. | ||
31 | | | ||
32 | */ | ||
33 | strict: true, | ||
34 | |||
35 | /* | ||
36 | |-------------------------------------------------------------------------- | ||
37 | | types | ||
38 | |-------------------------------------------------------------------------- | ||
39 | | | ||
40 | | Which content types are processed as JSON payloads. You are free to | ||
41 | | add your own types here, but the request body should be parseable | ||
42 | | by `JSON.parse` method. | ||
43 | | | ||
44 | */ | ||
45 | types: [ | ||
46 | 'application/json', | ||
47 | 'application/json-patch+json', | ||
48 | 'application/vnd.api+json', | ||
49 | 'application/csp-report', | ||
50 | ], | ||
51 | }, | ||
52 | |||
53 | /* | ||
54 | |-------------------------------------------------------------------------- | ||
55 | | Raw Parser | ||
56 | |-------------------------------------------------------------------------- | ||
57 | | | ||
58 | | | ||
59 | | | ||
60 | */ | ||
61 | raw: { | ||
62 | types: [ | ||
63 | 'text/*', | ||
64 | ], | ||
65 | }, | ||
66 | |||
67 | /* | ||
68 | |-------------------------------------------------------------------------- | ||
69 | | Form Parser | ||
70 | |-------------------------------------------------------------------------- | ||
71 | | | ||
72 | | | ||
73 | | | ||
74 | */ | ||
75 | form: { | ||
76 | types: [ | ||
77 | 'application/x-www-form-urlencoded', | ||
78 | ], | ||
79 | }, | ||
80 | |||
81 | /* | ||
82 | |-------------------------------------------------------------------------- | ||
83 | | Files Parser | ||
84 | |-------------------------------------------------------------------------- | ||
85 | | | ||
86 | | | ||
87 | | | ||
88 | */ | ||
89 | files: { | ||
90 | types: [ | ||
91 | 'multipart/form-data', | ||
92 | ], | ||
93 | |||
94 | /* | ||
95 | |-------------------------------------------------------------------------- | ||
96 | | Max Size | ||
97 | |-------------------------------------------------------------------------- | ||
98 | | | ||
99 | | Below value is the max size of all the files uploaded to the server. It | ||
100 | | is validated even before files have been processed and hard exception | ||
101 | | is thrown. | ||
102 | | | ||
103 | | Consider setting a reasonable value here, otherwise people may upload GB's | ||
104 | | of files which will keep your server busy. | ||
105 | | | ||
106 | | Also this value is considered when `autoProcess` is set to true. | ||
107 | | | ||
108 | */ | ||
109 | maxSize: '20mb', | ||
110 | |||
111 | /* | ||
112 | |-------------------------------------------------------------------------- | ||
113 | | Auto Process | ||
114 | |-------------------------------------------------------------------------- | ||
115 | | | ||
116 | | Whether or not to auto-process files. Since HTTP servers handle files via | ||
117 | | couple of specific endpoints. It is better to set this value off and | ||
118 | | manually process the files when required. | ||
119 | | | ||
120 | | This value can contain a boolean or an array of route patterns | ||
121 | | to be autoprocessed. | ||
122 | */ | ||
123 | autoProcess: true, | ||
124 | |||
125 | /* | ||
126 | |-------------------------------------------------------------------------- | ||
127 | | Process Manually | ||
128 | |-------------------------------------------------------------------------- | ||
129 | | | ||
130 | | The list of routes that should not process files and instead rely on | ||
131 | | manual process. This list should only contain routes when autoProcess | ||
132 | | is to true. Otherwise everything is processed manually. | ||
133 | | | ||
134 | */ | ||
135 | processManually: [], | ||
136 | |||
137 | /* | ||
138 | |-------------------------------------------------------------------------- | ||
139 | | Temporary file name | ||
140 | |-------------------------------------------------------------------------- | ||
141 | | | ||
142 | | Define a function, which should return a string to be used as the | ||
143 | | tmp file name. | ||
144 | | | ||
145 | | If not defined, Bodyparser will use `uuid` as the tmp file name. | ||
146 | | | ||
147 | | To be defined as. If you are defining the function, then do make sure | ||
148 | | to return a value from it. | ||
149 | | | ||
150 | | tmpFileName () { | ||
151 | | return 'some-unique-value' | ||
152 | | } | ||
153 | | | ||
154 | */ | ||
155 | }, | ||
156 | }; | ||
diff --git a/src/server/config/cors.js b/src/server/config/cors.js deleted file mode 100644 index 7ebbe3ffa..000000000 --- a/src/server/config/cors.js +++ /dev/null | |||
@@ -1,86 +0,0 @@ | |||
1 | |||
2 | module.exports = { | ||
3 | /* | ||
4 | |-------------------------------------------------------------------------- | ||
5 | | Origin | ||
6 | |-------------------------------------------------------------------------- | ||
7 | | | ||
8 | | Set a list of origins to be allowed. The value can be one of the following | ||
9 | | | ||
10 | | Boolean: true - Allow current request origin | ||
11 | | Boolean: false - Disallow all | ||
12 | | String - Comma separated list of allowed origins | ||
13 | | Array - An array of allowed origins | ||
14 | | String: * - A wildcard to allow current request origin | ||
15 | | Function - Receives the current origin and should return one of the above values. | ||
16 | | | ||
17 | */ | ||
18 | origin: false, | ||
19 | |||
20 | /* | ||
21 | |-------------------------------------------------------------------------- | ||
22 | | Methods | ||
23 | |-------------------------------------------------------------------------- | ||
24 | | | ||
25 | | HTTP methods to be allowed. The value can be one of the following | ||
26 | | | ||
27 | | String - Comma separated list of allowed methods | ||
28 | | Array - An array of allowed methods | ||
29 | | | ||
30 | */ | ||
31 | methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'], | ||
32 | |||
33 | /* | ||
34 | |-------------------------------------------------------------------------- | ||
35 | | Headers | ||
36 | |-------------------------------------------------------------------------- | ||
37 | | | ||
38 | | List of headers to be allowed via Access-Control-Request-Headers header. | ||
39 | | The value can be one of the following. | ||
40 | | | ||
41 | | Boolean: true - Allow current request headers | ||
42 | | Boolean: false - Disallow all | ||
43 | | String - Comma separated list of allowed headers | ||
44 | | Array - An array of allowed headers | ||
45 | | String: * - A wildcard to allow current request headers | ||
46 | | Function - Receives the current header and should return one of the above values. | ||
47 | | | ||
48 | */ | ||
49 | headers: true, | ||
50 | |||
51 | /* | ||
52 | |-------------------------------------------------------------------------- | ||
53 | | Expose Headers | ||
54 | |-------------------------------------------------------------------------- | ||
55 | | | ||
56 | | A list of headers to be exposed via `Access-Control-Expose-Headers` | ||
57 | | header. The value can be one of the following. | ||
58 | | | ||
59 | | Boolean: false - Disallow all | ||
60 | | String: Comma separated list of allowed headers | ||
61 | | Array - An array of allowed headers | ||
62 | | | ||
63 | */ | ||
64 | exposeHeaders: false, | ||
65 | |||
66 | /* | ||
67 | |-------------------------------------------------------------------------- | ||
68 | | Credentials | ||
69 | |-------------------------------------------------------------------------- | ||
70 | | | ||
71 | | Define Access-Control-Allow-Credentials header. It should always be a | ||
72 | | boolean. | ||
73 | | | ||
74 | */ | ||
75 | credentials: false, | ||
76 | |||
77 | /* | ||
78 | |-------------------------------------------------------------------------- | ||
79 | | MaxAge | ||
80 | |-------------------------------------------------------------------------- | ||
81 | | | ||
82 | | Define Access-Control-Allow-Max-Age | ||
83 | | | ||
84 | */ | ||
85 | maxAge: 90, | ||
86 | }; | ||
diff --git a/src/server/config/database.js b/src/server/config/database.js deleted file mode 100644 index a413f7050..000000000 --- a/src/server/config/database.js +++ /dev/null | |||
@@ -1,83 +0,0 @@ | |||
1 | |||
2 | /** @type {import('@adonisjs/framework/src/Env')} */ | ||
3 | const Env = use('Env'); | ||
4 | |||
5 | const dbPath = process.env.DB_PATH; | ||
6 | |||
7 | module.exports = { | ||
8 | /* | ||
9 | |-------------------------------------------------------------------------- | ||
10 | | Default Connection | ||
11 | |-------------------------------------------------------------------------- | ||
12 | | | ||
13 | | Connection defines the default connection settings to be used while | ||
14 | | interacting with SQL databases. | ||
15 | | | ||
16 | */ | ||
17 | connection: Env.get('DB_CONNECTION', 'sqlite'), | ||
18 | |||
19 | /* | ||
20 | |-------------------------------------------------------------------------- | ||
21 | | Sqlite | ||
22 | |-------------------------------------------------------------------------- | ||
23 | | | ||
24 | | Sqlite is a flat file database and can be a good choice for a development | ||
25 | | environment. | ||
26 | | | ||
27 | | npm i --save sqlite3 | ||
28 | | | ||
29 | */ | ||
30 | sqlite: { | ||
31 | client: 'sqlite3', | ||
32 | connection: { | ||
33 | // filename: Helpers.databasePath(`${Env.get('DB_DATABASE', 'development')}.sqlite`), | ||
34 | filename: dbPath, | ||
35 | }, | ||
36 | useNullAsDefault: true, | ||
37 | debug: Env.get('DB_DEBUG', false), | ||
38 | }, | ||
39 | |||
40 | /* | ||
41 | |-------------------------------------------------------------------------- | ||
42 | | MySQL | ||
43 | |-------------------------------------------------------------------------- | ||
44 | | | ||
45 | | Here we define connection settings for MySQL database. | ||
46 | | | ||
47 | | npm i --save mysql | ||
48 | | | ||
49 | */ | ||
50 | mysql: { | ||
51 | client: 'mysql', | ||
52 | connection: { | ||
53 | host: Env.get('DB_HOST', 'localhost'), | ||
54 | port: Env.get('DB_PORT', ''), | ||
55 | user: Env.get('DB_USER', 'root'), | ||
56 | password: Env.get('DB_PASSWORD', ''), | ||
57 | database: Env.get('DB_DATABASE', 'adonis'), | ||
58 | }, | ||
59 | debug: Env.get('DB_DEBUG', false), | ||
60 | }, | ||
61 | |||
62 | /* | ||
63 | |-------------------------------------------------------------------------- | ||
64 | | PostgreSQL | ||
65 | |-------------------------------------------------------------------------- | ||
66 | | | ||
67 | | Here we define connection settings for PostgreSQL database. | ||
68 | | | ||
69 | | npm i --save pg | ||
70 | | | ||
71 | */ | ||
72 | pg: { | ||
73 | client: 'pg', | ||
74 | connection: { | ||
75 | host: Env.get('DB_HOST', 'localhost'), | ||
76 | port: Env.get('DB_PORT', ''), | ||
77 | user: Env.get('DB_USER', 'root'), | ||
78 | password: Env.get('DB_PASSWORD', ''), | ||
79 | database: Env.get('DB_DATABASE', 'adonis'), | ||
80 | }, | ||
81 | debug: Env.get('DB_DEBUG', false), | ||
82 | }, | ||
83 | }; | ||
diff --git a/src/server/config/drive.js b/src/server/config/drive.js deleted file mode 100644 index 617ce470a..000000000 --- a/src/server/config/drive.js +++ /dev/null | |||
@@ -1,45 +0,0 @@ | |||
1 | const Env = use('Env'); | ||
2 | |||
3 | module.exports = { | ||
4 | /* | ||
5 | |-------------------------------------------------------------------------- | ||
6 | | Default disk | ||
7 | |-------------------------------------------------------------------------- | ||
8 | | | ||
9 | | The default disk is used when you interact with the file system without | ||
10 | | defining a disk name | ||
11 | | | ||
12 | */ | ||
13 | default: 'local', | ||
14 | |||
15 | disks: { | ||
16 | /* | ||
17 | |-------------------------------------------------------------------------- | ||
18 | | Local | ||
19 | |-------------------------------------------------------------------------- | ||
20 | | | ||
21 | | Local disk interacts with the a local folder inside your application | ||
22 | | | ||
23 | */ | ||
24 | local: { | ||
25 | root: `${__dirname}/../recipes`, | ||
26 | driver: 'local', | ||
27 | }, | ||
28 | |||
29 | /* | ||
30 | |-------------------------------------------------------------------------- | ||
31 | | S3 | ||
32 | |-------------------------------------------------------------------------- | ||
33 | | | ||
34 | | S3 disk interacts with a bucket on aws s3 | ||
35 | | | ||
36 | */ | ||
37 | s3: { | ||
38 | driver: 's3', | ||
39 | key: Env.get('S3_KEY'), | ||
40 | secret: Env.get('S3_SECRET'), | ||
41 | bucket: Env.get('S3_BUCKET'), | ||
42 | region: Env.get('S3_REGION'), | ||
43 | }, | ||
44 | }, | ||
45 | }; | ||
diff --git a/src/server/config/hash.js b/src/server/config/hash.js deleted file mode 100644 index 297c977fc..000000000 --- a/src/server/config/hash.js +++ /dev/null | |||
@@ -1,48 +0,0 @@ | |||
1 | |||
2 | /** @type {import('@adonisjs/framework/src/Env')} */ | ||
3 | const Env = use('Env'); | ||
4 | |||
5 | module.exports = { | ||
6 | /* | ||
7 | |-------------------------------------------------------------------------- | ||
8 | | Driver | ||
9 | |-------------------------------------------------------------------------- | ||
10 | | | ||
11 | | Driver to be used for hashing values. The same driver is used by the | ||
12 | | auth module too. | ||
13 | | | ||
14 | */ | ||
15 | driver: Env.get('HASH_DRIVER', 'bcrypt'), | ||
16 | |||
17 | /* | ||
18 | |-------------------------------------------------------------------------- | ||
19 | | Bcrypt | ||
20 | |-------------------------------------------------------------------------- | ||
21 | | | ||
22 | | Config related to bcrypt hashing. https://www.npmjs.com/package/bcrypt | ||
23 | | package is used internally. | ||
24 | | | ||
25 | */ | ||
26 | bcrypt: { | ||
27 | rounds: 10, | ||
28 | }, | ||
29 | |||
30 | /* | ||
31 | |-------------------------------------------------------------------------- | ||
32 | | Argon | ||
33 | |-------------------------------------------------------------------------- | ||
34 | | | ||
35 | | Config related to argon. https://www.npmjs.com/package/argon2 package is | ||
36 | | used internally. | ||
37 | | | ||
38 | | Since argon is optional, you will have to install the dependency yourself | ||
39 | | | ||
40 | |============================================================================ | ||
41 | | npm i argon2 | ||
42 | |============================================================================ | ||
43 | | | ||
44 | */ | ||
45 | argon: { | ||
46 | type: 1, | ||
47 | }, | ||
48 | }; | ||
diff --git a/src/server/config/session.js b/src/server/config/session.js deleted file mode 100644 index bce28bdd9..000000000 --- a/src/server/config/session.js +++ /dev/null | |||
@@ -1,98 +0,0 @@ | |||
1 | |||
2 | const Env = use('Env'); | ||
3 | |||
4 | module.exports = { | ||
5 | /* | ||
6 | |-------------------------------------------------------------------------- | ||
7 | | Session Driver | ||
8 | |-------------------------------------------------------------------------- | ||
9 | | | ||
10 | | The session driver to be used for storing session values. It can be | ||
11 | | cookie, file or redis. | ||
12 | | | ||
13 | | For `redis` driver, make sure to install and register `@adonisjs/redis` | ||
14 | | | ||
15 | */ | ||
16 | driver: Env.get('SESSION_DRIVER', 'cookie'), | ||
17 | |||
18 | /* | ||
19 | |-------------------------------------------------------------------------- | ||
20 | | Cookie Name | ||
21 | |-------------------------------------------------------------------------- | ||
22 | | | ||
23 | | The name of the cookie to be used for saving session id. Session ids | ||
24 | | are signed and encrypted. | ||
25 | | | ||
26 | */ | ||
27 | cookieName: 'adonis-session', | ||
28 | |||
29 | /* | ||
30 | |-------------------------------------------------------------------------- | ||
31 | | Clear session when browser closes | ||
32 | |-------------------------------------------------------------------------- | ||
33 | | | ||
34 | | If this value is true, the session cookie will be temporary and will be | ||
35 | | removed when browser closes. | ||
36 | | | ||
37 | */ | ||
38 | clearWithBrowser: true, | ||
39 | |||
40 | /* | ||
41 | |-------------------------------------------------------------------------- | ||
42 | | Session age | ||
43 | |-------------------------------------------------------------------------- | ||
44 | | | ||
45 | | This value is only used when `clearWithBrowser` is set to false. The | ||
46 | | age must be a valid https://npmjs.org/package/ms string or should | ||
47 | | be in milliseconds. | ||
48 | | | ||
49 | | Valid values are: | ||
50 | | '2h', '10d', '5y', '2.5 hrs' | ||
51 | | | ||
52 | */ | ||
53 | age: '2h', | ||
54 | |||
55 | /* | ||
56 | |-------------------------------------------------------------------------- | ||
57 | | Cookie options | ||
58 | |-------------------------------------------------------------------------- | ||
59 | | | ||
60 | | Cookie options defines the options to be used for setting up session | ||
61 | | cookie | ||
62 | | | ||
63 | */ | ||
64 | cookie: { | ||
65 | httpOnly: true, | ||
66 | path: '/', | ||
67 | sameSite: false, | ||
68 | }, | ||
69 | |||
70 | /* | ||
71 | |-------------------------------------------------------------------------- | ||
72 | | Sessions location | ||
73 | |-------------------------------------------------------------------------- | ||
74 | | | ||
75 | | If driver is set to file, we need to define the relative location from | ||
76 | | the temporary path or absolute url to any location. | ||
77 | | | ||
78 | */ | ||
79 | file: { | ||
80 | location: 'sessions', | ||
81 | }, | ||
82 | |||
83 | /* | ||
84 | |-------------------------------------------------------------------------- | ||
85 | | Redis config | ||
86 | |-------------------------------------------------------------------------- | ||
87 | | | ||
88 | | The configuration for the redis driver. | ||
89 | | | ||
90 | */ | ||
91 | redis: { | ||
92 | host: '127.0.0.1', | ||
93 | port: 6379, | ||
94 | password: null, | ||
95 | db: 0, | ||
96 | keyPrefix: '', | ||
97 | }, | ||
98 | }; | ||
diff --git a/src/server/config/shield.js b/src/server/config/shield.js deleted file mode 100644 index 5c1c5cd73..000000000 --- a/src/server/config/shield.js +++ /dev/null | |||
@@ -1,144 +0,0 @@ | |||
1 | |||
2 | module.exports = { | ||
3 | /* | ||
4 | |-------------------------------------------------------------------------- | ||
5 | | Content Security Policy | ||
6 | |-------------------------------------------------------------------------- | ||
7 | | | ||
8 | | Content security policy filters out the origins not allowed to execute | ||
9 | | and load resources like scripts, styles and fonts. There are wide | ||
10 | | variety of options to choose from. | ||
11 | */ | ||
12 | csp: { | ||
13 | /* | ||
14 | |-------------------------------------------------------------------------- | ||
15 | | Directives | ||
16 | |-------------------------------------------------------------------------- | ||
17 | | | ||
18 | | All directives are defined in camelCase and here is the list of | ||
19 | | available directives and their possible values. | ||
20 | | | ||
21 | | https://content-security-policy.com | ||
22 | | | ||
23 | | @example | ||
24 | | directives: { | ||
25 | | defaultSrc: ['self', '@nonce', 'cdnjs.cloudflare.com'] | ||
26 | | } | ||
27 | | | ||
28 | */ | ||
29 | directives: { | ||
30 | }, | ||
31 | /* | ||
32 | |-------------------------------------------------------------------------- | ||
33 | | Report only | ||
34 | |-------------------------------------------------------------------------- | ||
35 | | | ||
36 | | Setting `reportOnly=true` will not block the scripts from running and | ||
37 | | instead report them to a URL. | ||
38 | | | ||
39 | */ | ||
40 | reportOnly: false, | ||
41 | /* | ||
42 | |-------------------------------------------------------------------------- | ||
43 | | Set all headers | ||
44 | |-------------------------------------------------------------------------- | ||
45 | | | ||
46 | | Headers staring with `X` have been depreciated, since all major browsers | ||
47 | | supports the standard CSP header. So its better to disable deperciated | ||
48 | | headers, unless you want them to be set. | ||
49 | | | ||
50 | */ | ||
51 | setAllHeaders: false, | ||
52 | |||
53 | /* | ||
54 | |-------------------------------------------------------------------------- | ||
55 | | Disable on android | ||
56 | |-------------------------------------------------------------------------- | ||
57 | | | ||
58 | | Certain versions of android are buggy with CSP policy. So you can set | ||
59 | | this value to true, to disable it for Android versions with buggy | ||
60 | | behavior. | ||
61 | | | ||
62 | | Here is an issue reported on a different package, but helpful to read | ||
63 | | if you want to know the behavior. https://github.com/helmetjs/helmet/pull/82 | ||
64 | | | ||
65 | */ | ||
66 | disableAndroid: true, | ||
67 | }, | ||
68 | |||
69 | /* | ||
70 | |-------------------------------------------------------------------------- | ||
71 | | X-XSS-Protection | ||
72 | |-------------------------------------------------------------------------- | ||
73 | | | ||
74 | | X-XSS Protection saves from applications from XSS attacks. It is adopted | ||
75 | | by IE and later followed by some other browsers. | ||
76 | | | ||
77 | | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection | ||
78 | | | ||
79 | */ | ||
80 | xss: { | ||
81 | enabled: true, | ||
82 | enableOnOldIE: false, | ||
83 | }, | ||
84 | |||
85 | /* | ||
86 | |-------------------------------------------------------------------------- | ||
87 | | Iframe Options | ||
88 | |-------------------------------------------------------------------------- | ||
89 | | | ||
90 | | xframe defines whether or not your website can be embedded inside an | ||
91 | | iframe. Choose from one of the following options. | ||
92 | | @available options | ||
93 | | DENY, SAMEORIGIN, ALLOW-FROM http://example.com | ||
94 | | | ||
95 | | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options | ||
96 | */ | ||
97 | xframe: 'DENY', | ||
98 | |||
99 | /* | ||
100 | |-------------------------------------------------------------------------- | ||
101 | | No Sniff | ||
102 | |-------------------------------------------------------------------------- | ||
103 | | | ||
104 | | Browsers have a habit of sniffing content-type of a response. Which means | ||
105 | | files with .txt extension containing Javascript code will be executed as | ||
106 | | Javascript. You can disable this behavior by setting nosniff to false. | ||
107 | | | ||
108 | | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options | ||
109 | | | ||
110 | */ | ||
111 | nosniff: true, | ||
112 | |||
113 | /* | ||
114 | |-------------------------------------------------------------------------- | ||
115 | | No Open | ||
116 | |-------------------------------------------------------------------------- | ||
117 | | | ||
118 | | IE users can execute webpages in the context of your website, which is | ||
119 | | a serious security risk. Below option will manage this for you. | ||
120 | | | ||
121 | */ | ||
122 | noopen: true, | ||
123 | |||
124 | /* | ||
125 | |-------------------------------------------------------------------------- | ||
126 | | CSRF Protection | ||
127 | |-------------------------------------------------------------------------- | ||
128 | | | ||
129 | | CSRF Protection adds another layer of security by making sure, actionable | ||
130 | | routes does have a valid token to execute an action. | ||
131 | | | ||
132 | */ | ||
133 | csrf: { | ||
134 | enable: true, | ||
135 | methods: ['POST', 'PUT', 'DELETE'], | ||
136 | filterUris: [], | ||
137 | cookieOptions: { | ||
138 | httpOnly: false, | ||
139 | sameSite: true, | ||
140 | path: '/', | ||
141 | maxAge: 7200, | ||
142 | }, | ||
143 | }, | ||
144 | }; | ||