Diffstat (limited to 'config')
-rw-r--r-- | config/app.ts | 43 | ||||
-rw-r--r-- | config/auth.ts | 18 | ||||
-rw-r--r-- | config/bodyparser.ts | 9 | ||||
-rw-r--r-- | config/cors.ts | 15 | ||||
-rw-r--r-- | config/dashboard.ts | 6 | ||||
-rw-r--r-- | config/database.ts | 54 | ||||
-rw-r--r-- | config/drive.ts | 12 | ||||
-rw-r--r-- | config/hash.ts | 30 | ||||
-rw-r--r-- | config/mail.ts | 64 | ||||
-rw-r--r-- | config/session.ts | 14 | ||||
-rw-r--r-- | config/shield.ts | 363 | ||||
-rw-r--r-- | config/static.ts | 8 |
12 files changed, 261 insertions, 375 deletions
diff --git a/config/app.ts b/config/app.ts index fb3c0be..135f20f 100644 --- a/config/app.ts +++ b/config/app.ts | |||
@@ -5,12 +5,12 @@ | |||
5 | * file. | 5 | * file. |
6 | */ | 6 | */ |
7 | 7 | ||
8 | import proxyAddr from 'proxy-addr'; | 8 | import proxyAddr from 'proxy-addr' |
9 | import Env from '@ioc:Adonis/Core/Env'; | 9 | import env from '#start/env' |
10 | import { ServerConfig } from '@ioc:Adonis/Core/Server'; | 10 | import { ProfilerConfig } from '@ioc:Adonis/Core/Profiler' |
11 | import { LoggerConfig } from '@ioc:Adonis/Core/Logger'; | 11 | import { LoggerConfig } from '@adonisjs/core/types/logger' |
12 | import { ProfilerConfig } from '@ioc:Adonis/Core/Profiler'; | 12 | import { ValidatorConfig } from '@adonisjs/validator/types' |
13 | import { ValidatorConfig } from '@ioc:Adonis/Core/Validator'; | 13 | import { defineConfig } from '@adonisjs/core/http' |
14 | 14 | ||
15 | /* | 15 | /* |
16 | |-------------------------------------------------------------------------- | 16 | |-------------------------------------------------------------------------- |
@@ -25,18 +25,17 @@ import { ValidatorConfig } from '@ioc:Adonis/Core/Validator'; | |||
25 | | be decrypted. | 25 | | be decrypted. |
26 | | | 26 | | |
27 | */ | 27 | */ |
28 | export const appKey: string = Env.get('APP_KEY'); | 28 | export const appKey: string = env.get('APP_KEY') |
29 | 29 | ||
30 | export const url: string = Env.get('APP_URL'); | 30 | export const url: string = env.get('APP_URL') |
31 | 31 | ||
32 | // TODO: this is parsed as string to be coherent with the previous version of the code we add (before migrating to AdonisJS 5) | 32 | // TODO: this is parsed as string to be coherent with the previous version of the code we add (before migrating to AdonisJS 5) |
33 | export const isRegistrationEnabled: string = Env.get('IS_REGISTRATION_ENABLED'); | 33 | export const isRegistrationEnabled: string = env.get('IS_REGISTRATION_ENABLED') |
34 | export const connectWithFranz: string = Env.get('CONNECT_WITH_FRANZ'); | 34 | export const connectWithFranz: string = env.get('CONNECT_WITH_FRANZ') |
35 | export const isCreationEnabled: string = Env.get('IS_CREATION_ENABLED'); | 35 | export const isCreationEnabled: string = env.get('IS_CREATION_ENABLED') |
36 | export const jwtUsePEM: boolean = | 36 | export const jwtUsePEM: boolean = |
37 | Env.get('JWT_USE_PEM', false) || | 37 | env.get('JWT_USE_PEM', false) || |
38 | (Env.get('JWT_PUBLIC_KEY', '') !== '' && | 38 | (env.get('JWT_PUBLIC_KEY', '') !== '' && env.get('JWT_PRIVATE_KEY', '') !== '') |
39 | Env.get('JWT_PRIVATE_KEY', '') !== ''); | ||
40 | /* | 39 | /* |
41 | |-------------------------------------------------------------------------- | 40 | |-------------------------------------------------------------------------- |
42 | | Http server configuration | 41 | | Http server configuration |
@@ -46,7 +45,7 @@ export const jwtUsePEM: boolean = | |||
46 | | the config properties to make keep server secure. | 45 | | the config properties to make keep server secure. |
47 | | | 46 | | |
48 | */ | 47 | */ |
49 | export const http: ServerConfig = { | 48 | export const http = defineConfig({ |
50 | /* | 49 | /* |
51 | |-------------------------------------------------------------------------- | 50 | |-------------------------------------------------------------------------- |
52 | | Allow method spoofing | 51 | | Allow method spoofing |
@@ -137,7 +136,7 @@ export const http: ServerConfig = { | |||
137 | | | 136 | | |
138 | */ | 137 | */ |
139 | forceContentNegotiationTo: 'application/json', | 138 | forceContentNegotiationTo: 'application/json', |
140 | }; | 139 | }) |
141 | 140 | ||
142 | /* | 141 | /* |
143 | |-------------------------------------------------------------------------- | 142 | |-------------------------------------------------------------------------- |
@@ -157,7 +156,7 @@ export const logger: LoggerConfig = { | |||
157 | | reading the `name` property from the `package.json` file. | 156 | | reading the `name` property from the `package.json` file. |
158 | | | 157 | | |
159 | */ | 158 | */ |
160 | name: Env.get('APP_NAME', 'Ferdium-server'), | 159 | name: env.get('APP_NAME', 'Ferdium-server'), |
161 | 160 | ||
162 | /* | 161 | /* |
163 | |-------------------------------------------------------------------------- | 162 | |-------------------------------------------------------------------------- |
@@ -179,7 +178,7 @@ export const logger: LoggerConfig = { | |||
179 | | at deployment level and not code level. | 178 | | at deployment level and not code level. |
180 | | | 179 | | |
181 | */ | 180 | */ |
182 | level: Env.get('LOG_LEVEL', 'info'), | 181 | level: env.get('LOG_LEVEL', 'info'), |
183 | 182 | ||
184 | /* | 183 | /* |
185 | |-------------------------------------------------------------------------- | 184 | |-------------------------------------------------------------------------- |
@@ -190,8 +189,8 @@ export const logger: LoggerConfig = { | |||
190 | | can have huge impact on performance. | 189 | | can have huge impact on performance. |
191 | | | 190 | | |
192 | */ | 191 | */ |
193 | prettyPrint: Env.get('NODE_ENV') === 'development', | 192 | prettyPrint: env.get('NODE_ENV') === 'development', |
194 | }; | 193 | } |
195 | 194 | ||
196 | /* | 195 | /* |
197 | |-------------------------------------------------------------------------- | 196 | |-------------------------------------------------------------------------- |
@@ -230,7 +229,7 @@ export const profiler: ProfilerConfig = { | |||
230 | | | 229 | | |
231 | */ | 230 | */ |
232 | whitelist: [], | 231 | whitelist: [], |
233 | }; | 232 | } |
234 | 233 | ||
235 | /* | 234 | /* |
236 | |-------------------------------------------------------------------------- | 235 | |-------------------------------------------------------------------------- |
@@ -241,4 +240,4 @@ export const profiler: ProfilerConfig = { | |||
241 | | to the default config https://git.io/JT0WE | 240 | | to the default config https://git.io/JT0WE |
242 | | | 241 | | |
243 | */ | 242 | */ |
244 | export const validator: ValidatorConfig = {}; | 243 | export const validator: ValidatorConfig = {} |
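Review bot: New line 10 still imports `ProfilerConfig` from `@ioc:Adonis/Core/Profiler`, while every other import in this section moved to `@adonisjs/*` or `#start/env`. If the `@ioc:` aliases are no longer registered after the migration, this import will not resolve. The same kind of leftover is in config/auth.ts (`AuthConfig` from `@ioc:Adonis/Addons/Auth`, new line 8), and config/drive.ts keeps `driveConfig` from `@adonisjs/core/build/config` (new line 9). Port these to the new package paths or drop the annotations, and write the type-only ones as `import type { ... }` so they cannot affect module loading at runtime.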
diff --git a/config/auth.ts b/config/auth.ts index 28a9b8c..f43bbdb 100644 --- a/config/auth.ts +++ b/config/auth.ts | |||
@@ -5,9 +5,9 @@ | |||
5 | * file. | 5 | * file. |
6 | */ | 6 | */ |
7 | 7 | ||
8 | import { AuthConfig } from '@ioc:Adonis/Addons/Auth'; | 8 | import { AuthConfig } from '@ioc:Adonis/Addons/Auth' |
9 | import Env from '@ioc:Adonis/Core/Env'; | 9 | import env from '#start/env' |
10 | import { appKey, jwtUsePEM } from './app'; | 10 | import { appKey, jwtUsePEM } from './app.js' |
11 | 11 | ||
12 | /* | 12 | /* |
13 | |-------------------------------------------------------------------------- | 13 | |-------------------------------------------------------------------------- |
@@ -233,12 +233,8 @@ const authConfig: AuthConfig = { | |||
233 | driver: 'jwt', | 233 | driver: 'jwt', |
234 | secret: jwtUsePEM ? undefined : appKey, | 234 | secret: jwtUsePEM ? undefined : appKey, |
235 | algorithmJwt: jwtUsePEM ? undefined : 'HS256', | 235 | algorithmJwt: jwtUsePEM ? undefined : 'HS256', |
236 | publicKey: jwtUsePEM | 236 | publicKey: jwtUsePEM ? env.get('JWT_PUBLIC_KEY', '').replaceAll('\\n', '\n') : undefined, |
237 | ? Env.get('JWT_PUBLIC_KEY', '').replaceAll('\\n', '\n') | 237 | privateKey: jwtUsePEM ? env.get('JWT_PRIVATE_KEY', '').replaceAll('\\n', '\n') : undefined, |
238 | : undefined, | ||
239 | privateKey: jwtUsePEM | ||
240 | ? Env.get('JWT_PRIVATE_KEY', '').replaceAll('\\n', '\n') | ||
241 | : undefined, | ||
242 | persistJwt: true, | 238 | persistJwt: true, |
243 | // TODO: We should improve the following implementation as this is a security concern. | 239 | // TODO: We should improve the following implementation as this is a security concern. |
244 | // The following ts-expect-error is to set exp to undefined (JWT with no expiration) | 240 | // The following ts-expect-error is to set exp to undefined (JWT with no expiration) |
@@ -258,6 +254,6 @@ const authConfig: AuthConfig = { | |||
258 | }, | 254 | }, |
259 | }, | 255 | }, |
260 | }, | 256 | }, |
261 | }; | 257 | } |
262 | 258 | ||
263 | export default authConfig; | 259 | export default authConfig |
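Review bot: When `JWT_USE_PEM` is set but `JWT_PUBLIC_KEY` or `JWT_PRIVATE_KEY` is missing, new lines 236–237 hand the guard an empty string as key material, and `secret` on line 234 is `undefined` in the same case. This follows from `jwtUsePEM` in config/app.ts being true on the flag alone. The config should fail at boot instead of leaving the outcome to the JWT library, for example with `if (jwtUsePEM && !(env.get('JWT_PUBLIC_KEY', '') && env.get('JWT_PRIVATE_KEY', ''))) throw new Error('JWT_USE_PEM requires JWT_PUBLIC_KEY and JWT_PRIVATE_KEY')` placed before `authConfig`. The `authConfig` object starts and ends outside this hunk, so the check is proposed from the visible lines only.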
diff --git a/config/bodyparser.ts b/config/bodyparser.ts index b5adcda..b3a027b 100644 --- a/config/bodyparser.ts +++ b/config/bodyparser.ts | |||
@@ -5,9 +5,10 @@ | |||
5 | * file. | 5 | * file. |
6 | */ | 6 | */ |
7 | 7 | ||
8 | import { BodyParserConfig } from '@ioc:Adonis/Core/BodyParser'; | 8 | import { BodyParserConfig } from '@adonisjs/core/bodyparser' |
9 | import { defineConfig } from '@adonisjs/core/bodyparser' | ||
9 | 10 | ||
10 | const bodyParserConfig: BodyParserConfig = { | 11 | const bodyParserConfig = defineConfig({ |
11 | /* | 12 | /* |
12 | |-------------------------------------------------------------------------- | 13 | |-------------------------------------------------------------------------- |
13 | | White listed methods | 14 | | White listed methods |
@@ -200,6 +201,6 @@ const bodyParserConfig: BodyParserConfig = { | |||
200 | */ | 201 | */ |
201 | types: ['multipart/form-data'], | 202 | types: ['multipart/form-data'], |
202 | }, | 203 | }, |
203 | }; | 204 | }) |
204 | 205 | ||
205 | export default bodyParserConfig; | 206 | export default bodyParserConfig |
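Review bot: `BodyParserConfig` is still imported on new line 8, but nothing on the visible new side uses it now that the object is passed to `defineConfig` on line 11. config/database.ts has the same leftover with `DatabaseConfig` (new line 10). Drop both imports, or write them as `import type { ... }` if they are used in a part of the file outside these hunks.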
diff --git a/config/cors.ts b/config/cors.ts index dc0e3f6..911326f 100644 --- a/config/cors.ts +++ b/config/cors.ts | |||
@@ -1,13 +1,6 @@ | |||
1 | /** | 1 | import { defineConfig } from '@adonisjs/cors' |
2 | * Config source: https://git.io/JfefC | ||
3 | * | ||
4 | * Feel free to let us know via PR, if you find something broken in this config | ||
5 | * file. | ||
6 | */ | ||
7 | 2 | ||
8 | import { CorsConfig } from '@ioc:Adonis/Core/Cors'; | 3 | const corsConfig = defineConfig({ |
9 | |||
10 | const corsConfig: CorsConfig = { | ||
11 | /* | 4 | /* |
12 | |-------------------------------------------------------------------------- | 5 | |-------------------------------------------------------------------------- |
13 | | Enabled | 6 | | Enabled |
@@ -129,6 +122,6 @@ const corsConfig: CorsConfig = { | |||
129 | | | 122 | | |
130 | */ | 123 | */ |
131 | maxAge: 90, | 124 | maxAge: 90, |
132 | }; | 125 | }) |
133 | 126 | ||
134 | export default corsConfig; | 127 | export default corsConfig |
diff --git a/config/dashboard.ts b/config/dashboard.ts index 18feb14..9e92024 100644 --- a/config/dashboard.ts +++ b/config/dashboard.ts | |||
@@ -1,5 +1,5 @@ | |||
1 | import Env from '@ioc:Adonis/Core/Env'; | 1 | import env from '#start/env' |
2 | 2 | ||
3 | export const enabled: boolean = Env.get('IS_DASHBOARD_ENABLED') !== 'false'; | 3 | export const enabled: boolean = env.get('IS_DASHBOARD_ENABLED') !== 'false' |
4 | 4 | ||
5 | export const mailFrom: string = Env.get('MAIL_SENDER'); | 5 | export const mailFrom: string = env.get('MAIL_SENDER') |
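Review bot: `env.get('IS_DASHBOARD_ENABLED') !== 'false'` on new line 3 fails open, because the dashboard is disabled only when the value is exactly the string `'false'`. An unset variable, `'False'`, `'0'`, or a real boolean `false` all leave it enabled; the boolean case arises if `#start/env` validates this key as a boolean, which is not visible here. Declare the key with a boolean rule in the env schema and compare against the typed value, or at least add a comment such as `// enabled unless the variable is literally 'false'` so operators know the exact contract.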
diff --git a/config/database.ts b/config/database.ts index 65a9455..d2db1c2 100644 --- a/config/database.ts +++ b/config/database.ts | |||
@@ -1,4 +1,3 @@ | |||
1 | /* eslint-disable @typescript-eslint/indent */ | ||
2 | /** | 1 | /** |
3 | * Config source: https://git.io/JesV9 | 2 | * Config source: https://git.io/JesV9 |
4 | * | 3 | * |
@@ -6,11 +5,12 @@ | |||
6 | * file. | 5 | * file. |
7 | */ | 6 | */ |
8 | 7 | ||
9 | import path from 'node:path'; | 8 | import path from 'node:path' |
10 | import Env from '@ioc:Adonis/Core/Env'; | 9 | import env from '#start/env' |
11 | import { DatabaseConfig } from '@ioc:Adonis/Lucid/Database'; | 10 | import { DatabaseConfig } from '@adonisjs/lucid/database' |
11 | import { defineConfig } from '@adonisjs/lucid' | ||
12 | 12 | ||
13 | const databaseConfig: DatabaseConfig = { | 13 | const databaseConfig = defineConfig({ |
14 | /* | 14 | /* |
15 | |-------------------------------------------------------------------------- | 15 | |-------------------------------------------------------------------------- |
16 | | Connection | 16 | | Connection |
@@ -21,7 +21,7 @@ const databaseConfig: DatabaseConfig = { | |||
21 | | file. | 21 | | file. |
22 | | | 22 | | |
23 | */ | 23 | */ |
24 | connection: Env.get('DB_CONNECTION', 'sqlite'), | 24 | connection: env.get('DB_CONNECTION', 'sqlite'), |
25 | 25 | ||
26 | connections: { | 26 | connections: { |
27 | /* | 27 | /* |
@@ -39,13 +39,13 @@ const databaseConfig: DatabaseConfig = { | |||
39 | client: 'sqlite', | 39 | client: 'sqlite', |
40 | connection: { | 40 | connection: { |
41 | filename: path.join( | 41 | filename: path.join( |
42 | Env.get('DATA_DIR', 'data'), | 42 | env.get('DATA_DIR', 'data'), |
43 | `${Env.get('DB_DATABASE', 'ferdium')}.sqlite`, | 43 | `${env.get('DB_DATABASE', 'ferdium')}.sqlite` |
44 | ), | 44 | ), |
45 | }, | 45 | }, |
46 | pool: { | 46 | pool: { |
47 | afterCreate: (conn, cb) => { | 47 | afterCreate: (conn, cb) => { |
48 | conn.run('PRAGMA foreign_keys=true', cb); | 48 | conn.run('PRAGMA foreign_keys=true', cb) |
49 | }, | 49 | }, |
50 | }, | 50 | }, |
51 | migrations: { | 51 | migrations: { |
@@ -53,7 +53,7 @@ const databaseConfig: DatabaseConfig = { | |||
53 | }, | 53 | }, |
54 | useNullAsDefault: true, | 54 | useNullAsDefault: true, |
55 | healthCheck: false, | 55 | healthCheck: false, |
56 | debug: Env.get('DB_DEBUG', false), | 56 | debug: env.get('DB_DEBUG', false), |
57 | }, | 57 | }, |
58 | 58 | ||
59 | /* | 59 | /* |
@@ -70,17 +70,17 @@ const databaseConfig: DatabaseConfig = { | |||
70 | mysql: { | 70 | mysql: { |
71 | client: 'mysql', | 71 | client: 'mysql', |
72 | connection: { | 72 | connection: { |
73 | host: Env.get('DB_HOST', 'localhost'), | 73 | host: env.get('DB_HOST', 'localhost'), |
74 | port: Env.get('DB_PORT', ''), | 74 | port: env.get('DB_PORT', ''), |
75 | user: Env.get('DB_USER', 'root'), | 75 | user: env.get('DB_USER', 'root'), |
76 | password: Env.get('DB_PASSWORD', ''), | 76 | password: env.get('DB_PASSWORD', ''), |
77 | database: Env.get('DB_DATABASE', 'ferdium'), | 77 | database: env.get('DB_DATABASE', 'ferdium'), |
78 | }, | 78 | }, |
79 | migrations: { | 79 | migrations: { |
80 | naturalSort: true, | 80 | naturalSort: true, |
81 | }, | 81 | }, |
82 | healthCheck: false, | 82 | healthCheck: false, |
83 | debug: Env.get('DB_DEBUG', false), | 83 | debug: env.get('DB_DEBUG', false), |
84 | }, | 84 | }, |
85 | 85 | ||
86 | /* | 86 | /* |
@@ -97,25 +97,25 @@ const databaseConfig: DatabaseConfig = { | |||
97 | pg: { | 97 | pg: { |
98 | client: 'pg', | 98 | client: 'pg', |
99 | connection: { | 99 | connection: { |
100 | host: Env.get('DB_HOST', 'localhost'), | 100 | host: env.get('DB_HOST', 'localhost'), |
101 | port: Env.get('DB_PORT', ''), | 101 | port: env.get('DB_PORT', ''), |
102 | user: Env.get('DB_USER', 'root'), | 102 | user: env.get('DB_USER', 'root'), |
103 | password: Env.get('DB_PASSWORD', ''), | 103 | password: env.get('DB_PASSWORD', ''), |
104 | database: Env.get('DB_DATABASE', 'ferdium'), | 104 | database: env.get('DB_DATABASE', 'ferdium'), |
105 | ssl: Env.get('DB_CA_CERT') | 105 | ssl: env.get('DB_CA_CERT') |
106 | ? { | 106 | ? { |
107 | rejectUnauthorized: false, | 107 | rejectUnauthorized: false, |
108 | ca: Env.get('DB_CA_CERT'), | 108 | ca: env.get('DB_CA_CERT'), |
109 | } | 109 | } |
110 | : JSON.parse(Env.get('DB_SSL', 'true')), | 110 | : JSON.parse(env.get('DB_SSL', 'true')), |
111 | }, | 111 | }, |
112 | migrations: { | 112 | migrations: { |
113 | naturalSort: true, | 113 | naturalSort: true, |
114 | }, | 114 | }, |
115 | healthCheck: false, | 115 | healthCheck: false, |
116 | debug: Env.get('DB_DEBUG', false), | 116 | debug: env.get('DB_DEBUG', false), |
117 | }, | 117 | }, |
118 | }, | 118 | }, |
119 | }; | 119 | }) |
120 | 120 | ||
121 | export default databaseConfig; | 121 | export default databaseConfig |
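Review bot: The `pg` connection sets `rejectUnauthorized: false` on new line 107 even when `DB_CA_CERT` is supplied, so the CA on line 108 is loaded but a server certificate that fails validation is still accepted. The database link is then encrypted without authenticating the peer. With a CA configured this should be `rejectUnauthorized: true`; if some deployments need the relaxed behaviour, gate it behind an explicit variable instead of making it the default. Separately, `JSON.parse(env.get('DB_SSL', 'true'))` on line 110 throws while the config module loads for any value that is not valid JSON, such as `True`. `databaseConfig` starts outside this hunk.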
diff --git a/config/drive.ts b/config/drive.ts index b6950eb..f099303 100644 --- a/config/drive.ts +++ b/config/drive.ts | |||
@@ -5,9 +5,9 @@ | |||
5 | * file. | 5 | * file. |
6 | */ | 6 | */ |
7 | 7 | ||
8 | import Env from '@ioc:Adonis/Core/Env'; | 8 | import env from '#start/env' |
9 | import { driveConfig } from '@adonisjs/core/build/config'; | 9 | import { driveConfig } from '@adonisjs/core/build/config' |
10 | import Application from '@ioc:Adonis/Core/Application'; | 10 | import { app } from '@adonisjs/core/services/app' |
11 | 11 | ||
12 | /* | 12 | /* |
13 | |-------------------------------------------------------------------------- | 13 | |-------------------------------------------------------------------------- |
@@ -28,7 +28,7 @@ export default driveConfig({ | |||
28 | | the `DRIVE_DISK` environment variable. | 28 | | the `DRIVE_DISK` environment variable. |
29 | | | 29 | | |
30 | */ | 30 | */ |
31 | disk: Env.get('DRIVE_DISK', 'local'), | 31 | disk: env.get('DRIVE_DISK', 'local'), |
32 | 32 | ||
33 | disks: { | 33 | disks: { |
34 | /* | 34 | /* |
@@ -53,7 +53,7 @@ export default driveConfig({ | |||
53 | | files. | 53 | | files. |
54 | | | 54 | | |
55 | */ | 55 | */ |
56 | root: Application.tmpPath('uploads'), | 56 | root: app.tmpPath('uploads'), |
57 | 57 | ||
58 | /* | 58 | /* |
59 | |-------------------------------------------------------------------------- | 59 | |-------------------------------------------------------------------------- |
@@ -146,4 +146,4 @@ export default driveConfig({ | |||
146 | // usingUniformAcl: false, | 146 | // usingUniformAcl: false, |
147 | // }, | 147 | // }, |
148 | }, | 148 | }, |
149 | }); | 149 | }) |
diff --git a/config/hash.ts b/config/hash.ts index abe7dd0..22e38bd 100644 --- a/config/hash.ts +++ b/config/hash.ts | |||
@@ -5,8 +5,9 @@ | |||
5 | * file. | 5 | * file. |
6 | */ | 6 | */ |
7 | 7 | ||
8 | import Env from '@ioc:Adonis/Core/Env'; | 8 | import env from '#start/env' |
9 | import { hashConfig } from '@adonisjs/core/build/config'; | 9 | import { defineConfig } from '@adonisjs/core/hash' |
10 | import { drivers } from '@adonisjs/core/hash' | ||
10 | 11 | ||
11 | /* | 12 | /* |
12 | |-------------------------------------------------------------------------- | 13 | |-------------------------------------------------------------------------- |
@@ -17,7 +18,7 @@ import { hashConfig } from '@adonisjs/core/build/config'; | |||
17 | | defined inside `contracts` directory. | 18 | | defined inside `contracts` directory. |
18 | | | 19 | | |
19 | */ | 20 | */ |
20 | export default hashConfig({ | 21 | export default defineConfig({ |
21 | /* | 22 | /* |
22 | |-------------------------------------------------------------------------- | 23 | |-------------------------------------------------------------------------- |
23 | | Default hasher | 24 | | Default hasher |
@@ -28,18 +29,17 @@ export default hashConfig({ | |||
28 | | | 29 | | |
29 | | Default is set to bcrypt to prevent breaking-changes. | 30 | | Default is set to bcrypt to prevent breaking-changes. |
30 | */ | 31 | */ |
31 | default: Env.get('HASH_DRIVER', 'scrypt'), | 32 | default: env.get('HASH_DRIVER', 'scrypt'), |
32 | 33 | ||
33 | list: { | 34 | list: { |
34 | scrypt: { | 35 | scrypt: drivers.scrypt({ |
35 | driver: 'scrypt', | ||
36 | cost: 16_384, | 36 | cost: 16_384, |
37 | blockSize: 8, | 37 | blockSize: 8, |
38 | parallelization: 1, | 38 | parallelization: 1, |
39 | saltSize: 16, | 39 | saltSize: 16, |
40 | keyLength: 64, | 40 | keyLength: 64, |
41 | maxMemory: 32 * 1024 * 1024, | 41 | maxMemory: 32 * 1024 * 1024, |
42 | }, | 42 | }), |
43 | /* | 43 | /* |
44 | |-------------------------------------------------------------------------- | 44 | |-------------------------------------------------------------------------- |
45 | | Argon | 45 | | Argon |
@@ -53,14 +53,13 @@ export default hashConfig({ | |||
53 | | npm install phc-argon2 | 53 | | npm install phc-argon2 |
54 | | | 54 | | |
55 | */ | 55 | */ |
56 | argon: { | 56 | argon: drivers.argon2({ |
57 | driver: 'argon2', | ||
58 | variant: 'id', | 57 | variant: 'id', |
59 | iterations: 3, | 58 | iterations: 3, |
60 | memory: 4096, | 59 | memory: 4096, |
61 | parallelism: 1, | 60 | parallelism: 1, |
62 | saltSize: 16, | 61 | saltSize: 16, |
63 | }, | 62 | }), |
64 | 63 | ||
65 | /* | 64 | /* |
66 | |-------------------------------------------------------------------------- | 65 | |-------------------------------------------------------------------------- |
@@ -75,14 +74,17 @@ export default hashConfig({ | |||
75 | | npm install phc-bcrypt | 74 | | npm install phc-bcrypt |
76 | | | 75 | | |
77 | */ | 76 | */ |
78 | bcrypt: { | 77 | bcrypt: drivers.bcrypt({ |
79 | driver: 'bcrypt', | ||
80 | rounds: 10, | 78 | rounds: 10, |
81 | }, | 79 | }), |
82 | 80 | ||
83 | legacy: { | 81 | legacy: { |
84 | // @ts-expect-error | 82 | // @ts-expect-error |
85 | driver: 'legacy', | 83 | driver: 'legacy', |
86 | }, | 84 | }, |
87 | }, | 85 | }, |
88 | }); | 86 | }) |
87 | |||
88 | declare module '@adonisjs/core/types' { | ||
89 | export interface HashersList extends InferHashers<typeof hashConfig> {} | ||
90 | } | ||
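Review bot: The module augmentation on new lines 88–90 refers to `typeof hashConfig` and `InferHashers`, but the new side drops the `hashConfig` import and exports the `defineConfig(...)` result anonymously on line 21. No import of `InferHashers` is visible either, so this block should not type-check. Bind the config first with `const hashConfig = defineConfig({ ... })` followed by `export default hashConfig`, and add `import type { InferHashers } from '@adonisjs/core/types'`. config/mail.ts has the same problem with `typeof mailConfig` and `InferMailers` (new lines 116–118), and it also calls `drivers.smtp(...)`, `drivers.ses(...)` and the others without importing `drivers`. The `legacy` entry on lines 81–84 keeps the object form under `@ts-expect-error`, so confirm it still resolves to a working hasher, since existing password hashes presumably depend on it.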
diff --git a/config/mail.ts b/config/mail.ts index 3f688ce..7d650d5 100644 --- a/config/mail.ts +++ b/config/mail.ts | |||
@@ -5,10 +5,10 @@ | |||
5 | * file. | 5 | * file. |
6 | */ | 6 | */ |
7 | 7 | ||
8 | import Env from '@ioc:Adonis/Core/Env'; | 8 | import env from '#start/env' |
9 | import { mailConfig } from '@adonisjs/mail/build/config'; | 9 | import { defineConfig } from '@adonisjs/mail' |
10 | 10 | ||
11 | export default mailConfig({ | 11 | export default defineConfig({ |
12 | /* | 12 | /* |
13 | |-------------------------------------------------------------------------- | 13 | |-------------------------------------------------------------------------- |
14 | | Default mailer | 14 | | Default mailer |
@@ -18,7 +18,7 @@ export default mailConfig({ | |||
18 | | a mailer | 18 | | a mailer |
19 | | | 19 | | |
20 | */ | 20 | */ |
21 | mailer: Env.get('MAIL_CONNECTION', 'smtp'), | 21 | mailer: env.get('MAIL_CONNECTION', 'smtp'), |
22 | 22 | ||
23 | /* | 23 | /* |
24 | |-------------------------------------------------------------------------- | 24 | |-------------------------------------------------------------------------- |
@@ -42,22 +42,21 @@ export default mailConfig({ | |||
42 | | Uses SMTP protocol for sending email | 42 | | Uses SMTP protocol for sending email |
43 | | | 43 | | |
44 | */ | 44 | */ |
45 | smtp: { | 45 | smtp: drivers.smtp({ |
46 | driver: 'smtp', | 46 | name: env.get('APP_URL'), |
47 | name: Env.get('APP_URL'), | 47 | port: env.get('SMTP_PORT', '2525'), |
48 | port: Env.get('SMTP_PORT', '2525'), | 48 | host: env.get('SMTP_HOST', 'localhost'), |
49 | host: Env.get('SMTP_HOST', 'localhost'), | 49 | secure: JSON.parse(env.get('MAIL_SSL', 'false')), |
50 | secure: JSON.parse(Env.get('MAIL_SSL', 'false')), | 50 | requireTLS: JSON.parse(env.get('MAIL_REQUIRE_TLS', 'false')), |
51 | requireTLS: JSON.parse(Env.get('MAIL_REQUIRE_TLS', 'false')), | ||
52 | auth: { | 51 | auth: { |
53 | user: Env.get('MAIL_USERNAME'), | 52 | user: env.get('MAIL_USERNAME'), |
54 | pass: Env.get('MAIL_PASSWORD'), | 53 | pass: env.get('MAIL_PASSWORD'), |
55 | type: 'login', | 54 | type: 'login', |
56 | }, | 55 | }, |
57 | maxConnections: 5, | 56 | maxConnections: 5, |
58 | maxMessages: 100, | 57 | maxMessages: 100, |
59 | rateLimit: 10, | 58 | rateLimit: 10, |
60 | }, | 59 | }), |
61 | 60 | ||
62 | /* | 61 | /* |
63 | |-------------------------------------------------------------------------- | 62 | |-------------------------------------------------------------------------- |
@@ -72,47 +71,48 @@ export default mailConfig({ | |||
72 | | ``` | 71 | | ``` |
73 | | | 72 | | |
74 | */ | 73 | */ |
75 | ses: { | 74 | ses: drivers.ses({ |
76 | driver: 'ses', | ||
77 | apiVersion: '2010-12-01', | 75 | apiVersion: '2010-12-01', |
78 | key: Env.get('SES_ACCESS_KEY'), | 76 | key: env.get('SES_ACCESS_KEY'), |
79 | secret: Env.get('SES_ACCESS_SECRET'), | 77 | secret: env.get('SES_ACCESS_SECRET'), |
80 | region: Env.get('SES_REGION'), | 78 | region: env.get('SES_REGION'), |
81 | sslEnabled: true, | 79 | sslEnabled: true, |
82 | sendingRate: 10, | 80 | sendingRate: 10, |
83 | maxConnections: 5, | 81 | maxConnections: 5, |
84 | }, | 82 | }), |
85 | 83 | ||
86 | /* | 84 | /* |
87 | |-------------------------------------------------------------------------- | 85 | |-------------------------------------------------------------------------- |
88 | | Mailgun | 86 | | Mailgun |
89 | |-------------------------------------------------------------------------- | 87 | |-------------------------------------------------------------------------- |
90 | | | 88 | | |
91 | | Uses Mailgun service for sending emails. | 89 | | Uses Mailgun service for sending emails. |
92 | | | 90 | | |
93 | | If you are using an EU domain. Ensure to change the baseUrl to hit the | 91 | | If you are using an EU domain. Ensure to change the baseUrl to hit the |
94 | | europe endpoint (https://api.eu.mailgun.net/v3). | 92 | | europe endpoint (https://api.eu.mailgun.net/v3). |
95 | | | 93 | | |
96 | */ | 94 | */ |
97 | mailgun: { | 95 | mailgun: drivers.mailgun({ |
98 | driver: 'mailgun', | ||
99 | baseUrl: 'https://api.mailgun.net/v3', | 96 | baseUrl: 'https://api.mailgun.net/v3', |
100 | key: Env.get('MAILGUN_API_KEY'), | 97 | key: env.get('MAILGUN_API_KEY'), |
101 | domain: Env.get('MAILGUN_DOMAIN'), | 98 | domain: env.get('MAILGUN_DOMAIN'), |
102 | }, | 99 | }), |
103 | 100 | ||
104 | /* | 101 | /* |
105 | |-------------------------------------------------------------------------- | 102 | |-------------------------------------------------------------------------- |
106 | | SparkPost | 103 | | SparkPost |
107 | |-------------------------------------------------------------------------- | 104 | |-------------------------------------------------------------------------- |
108 | | | 105 | | |
109 | | Uses Sparkpost service for sending emails. | 106 | | Uses Sparkpost service for sending emails. |
110 | | | 107 | | |
111 | */ | 108 | */ |
112 | sparkpost: { | 109 | sparkpost: drivers.sparkpost({ |
113 | driver: 'sparkpost', | ||
114 | baseUrl: 'https://api.sparkpost.com/api/v1', | 110 | baseUrl: 'https://api.sparkpost.com/api/v1', |
115 | key: Env.get('SPARKPOST_API_KEY'), | 111 | key: env.get('SPARKPOST_API_KEY'), |
116 | }, | 112 | }), |
117 | }, | 113 | }, |
118 | }); | 114 | }) |
115 | |||
116 | declare module '@adonisjs/mail/types' { | ||
117 | export interface MailersList extends InferMailers<typeof mailConfig> {} | ||
118 | } | ||
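Review bot: `secure` and `requireTLS` both default to `false` on new lines 49–50, while `auth` submits `MAIL_USERNAME` and `MAIL_PASSWORD` with `type: 'login'`. In a deployment that sets neither variable, nothing forces the SMTP session onto TLS before credentials and message bodies are sent. Consider requiring TLS by default and letting operators opt out, with `requireTLS: JSON.parse(env.get('MAIL_REQUIRE_TLS', 'true'))`. `JSON.parse` on these two values also throws on anything that is not valid JSON, so a boolean rule in the env schema would be more robust.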
diff --git a/config/session.ts b/config/session.ts index fbf8c7c..299eec3 100644 --- a/config/session.ts +++ b/config/session.ts | |||
@@ -5,11 +5,11 @@ | |||
5 | * file. | 5 | * file. |
6 | */ | 6 | */ |
7 | 7 | ||
8 | import Env from '@ioc:Adonis/Core/Env'; | 8 | import env from '#start/env' |
9 | import Application from '@ioc:Adonis/Core/Application'; | 9 | import { app } from '@adonisjs/core/services/app' |
10 | import { sessionConfig } from '@adonisjs/session/build/config'; | 10 | import { defineConfig } from '@adonisjs/session' |
11 | 11 | ||
12 | export default sessionConfig({ | 12 | export default defineConfig({ |
13 | /* | 13 | /* |
14 | |-------------------------------------------------------------------------- | 14 | |-------------------------------------------------------------------------- |
15 | | Enable/Disable sessions | 15 | | Enable/Disable sessions |
@@ -36,7 +36,7 @@ export default sessionConfig({ | |||
36 | | Note: Switching drivers will make existing sessions invalid. | 36 | | Note: Switching drivers will make existing sessions invalid. |
37 | | | 37 | | |
38 | */ | 38 | */ |
39 | driver: Env.get('SESSION_DRIVER', 'cookie'), | 39 | driver: env.get('SESSION_DRIVER', 'cookie'), |
40 | 40 | ||
41 | /* | 41 | /* |
42 | |-------------------------------------------------------------------------- | 42 | |-------------------------------------------------------------------------- |
@@ -100,7 +100,7 @@ export default sessionConfig({ | |||
100 | | | 100 | | |
101 | */ | 101 | */ |
102 | file: { | 102 | file: { |
103 | location: Application.tmpPath('sessions'), | 103 | location: app.tmpPath('sessions'), |
104 | }, | 104 | }, |
105 | 105 | ||
106 | /* | 106 | /* |
@@ -113,4 +113,4 @@ export default sessionConfig({ | |||
113 | | | 113 | | |
114 | */ | 114 | */ |
115 | redisConnection: 'local', | 115 | redisConnection: 'local', |
116 | }); | 116 | }) |
diff --git a/config/shield.ts b/config/shield.ts index 3566e1c..c88df25 100644 --- a/config/shield.ts +++ b/config/shield.ts | |||
@@ -1,243 +1,138 @@ | |||
1 | /** | 1 | import env from '#start/env' |
2 | * Config source: https://git.io/Jvwvt | 2 | import { defineConfig } from '@adonisjs/shield' |
3 | * | ||
4 | * Feel free to let us know via PR, if you find something broken in this config | ||
5 | * file. | ||
6 | */ | ||
7 | 3 | ||
8 | import Env from '@ioc:Adonis/Core/Env'; | 4 | export default defineConfig({ |
9 | import { ShieldConfig } from '@ioc:Adonis/Addons/Shield'; | 5 | csp: { |
6 | /* | ||
7 | |-------------------------------------------------------------------------- | ||
8 | | Enable/disable CSP | ||
9 | |-------------------------------------------------------------------------- | ||
10 | | | ||
11 | | The CSP rules are disabled by default for seamless onboarding. | ||
12 | | | ||
13 | */ | ||
14 | enabled: false, | ||
10 | 15 | ||
11 | /* | 16 | /* |
12 | |-------------------------------------------------------------------------- | 17 | |-------------------------------------------------------------------------- |
13 | | Content Security Policy | 18 | | Directives |
14 | |-------------------------------------------------------------------------- | 19 | |-------------------------------------------------------------------------- |
15 | | | 20 | | |
16 | | Content security policy filters out the origins not allowed to execute | 21 | | All directives are defined in camelCase and here is the list of |
17 | | and load resources like scripts, styles and fonts. There are wide | 22 | | available directives and their possible values. |
18 | | variety of options to choose from. | 23 | | |
19 | */ | 24 | | https://content-security-policy.com |
20 | export const csp: ShieldConfig['csp'] = { | 25 | | |
21 | /* | 26 | | @example |
22 | |-------------------------------------------------------------------------- | 27 | | directives: { |
23 | | Enable/disable CSP | 28 | | defaultSrc: ["'self'", '@nonce', 'cdnjs.cloudflare.com'] |
24 | |-------------------------------------------------------------------------- | 29 | | } |
25 | | | 30 | | |
26 | | The CSP rules are disabled by default for seamless onboarding. | 31 | */ |
27 | | | 32 | directives: {}, |
28 | */ | ||
29 | enabled: false, | ||
30 | 33 | ||
31 | /* | 34 | /* |
32 | |-------------------------------------------------------------------------- | 35 | |-------------------------------------------------------------------------- |
33 | | Directives | 36 | | Report only |
34 | |-------------------------------------------------------------------------- | 37 | |-------------------------------------------------------------------------- |
35 | | | 38 | | |
36 | | All directives are defined in camelCase and here is the list of | 39 | | Setting `reportOnly=true` will not block the scripts from running and |
37 | | available directives and their possible values. | 40 | | instead report them to a URL. |
38 | | | 41 | | |
39 | | https://content-security-policy.com | 42 | */ |
40 | | | 43 | reportOnly: false, |
41 | | @example | ||
42 | | directives: { | ||
43 | | defaultSrc: ["'self'", '@nonce', 'cdnjs.cloudflare.com'] | ||
44 | | } | ||
45 | | | ||
46 | */ | ||
47 | directives: {}, | ||
48 | |||
49 | /* | ||
50 | |-------------------------------------------------------------------------- | ||
51 | | Report only | ||
52 | |-------------------------------------------------------------------------- | ||
53 | | | ||
54 | | Setting `reportOnly=true` will not block the scripts from running and | ||
55 | | instead report them to a URL. | ||
56 | | | ||
57 | */ | ||
58 | reportOnly: false, | ||
59 | }; | ||
60 | |||
61 | /* | ||
62 | |-------------------------------------------------------------------------- | ||
63 | | CSRF Protection | ||
64 | |-------------------------------------------------------------------------- | ||
65 | | | ||
66 | | CSRF Protection adds another layer of security by making sure, actionable | ||
67 | | routes does have a valid token to execute an action. | ||
68 | | | ||
69 | */ | ||
70 | export const csrf: ShieldConfig['csrf'] = { | ||
71 | /* | ||
72 | |-------------------------------------------------------------------------- | ||
73 | | Enable/Disable CSRF | ||
74 | |-------------------------------------------------------------------------- | ||
75 | */ | ||
76 | enabled: Env.get('NODE_ENV') === 'production', | ||
77 | |||
78 | /* | ||
79 | |-------------------------------------------------------------------------- | ||
80 | | Routes to Ignore | ||
81 | |-------------------------------------------------------------------------- | ||
82 | | | ||
83 | | Define an array of route patterns that you want to ignore from CSRF | ||
84 | | validation. Make sure the route patterns are started with a leading | ||
85 | | slash. Example: | ||
86 | | | ||
87 | | `/foo/bar` | ||
88 | | | ||
89 | | Also you can define a function that is evaluated on every HTTP Request. | ||
90 | | ``` | ||
91 | | exceptRoutes: ({ request }) => request.url().includes('/api') | ||
92 | | ``` | ||
93 | | | ||
94 | */ | ||
95 | exceptRoutes: ctx => { | ||
96 | // ignore all routes starting with /v1/ (api) | ||
97 | return ( | ||
98 | ctx.request.url().includes('/v1/') || | ||
99 | ctx.request.url().includes('/import') | ||
100 | ); | ||
101 | }, | 44 | }, |
45 | csrf: { | ||
46 | /* | ||
47 | |-------------------------------------------------------------------------- | ||
48 | | Enable/Disable CSRF | ||
49 | |-------------------------------------------------------------------------- | ||
50 | */ | ||
51 | enabled: env.get('NODE_ENV') === 'production', | ||
102 | 52 | ||
103 | /* | 53 | /* |
104 | |-------------------------------------------------------------------------- | 54 | |-------------------------------------------------------------------------- |
105 | | Enable Sharing Token Via Cookie | 55 | | Routes to Ignore |
106 | |-------------------------------------------------------------------------- | 56 | |-------------------------------------------------------------------------- |
107 | | | 57 | | |
108 | | When the following flag is enabled, AdonisJS will drop `XSRF-TOKEN` | 58 | | Define an array of route patterns that you want to ignore from CSRF |
109 | | cookie that frontend frameworks can read and return back as a | 59 | | validation. Make sure the route patterns are started with a leading |
110 | | `X-XSRF-TOKEN` header. | 60 | | slash. Example: |
111 | | | 61 | | |
112 | | The cookie has `httpOnly` flag set to false, so it is little insecure and | 62 | | `/foo/bar` |
113 | | can be turned off when you are not using a frontend framework making | 63 | | |
114 | | AJAX requests. | 64 | | Also you can define a function that is evaluated on every HTTP Request. |
115 | | | 65 | | ``` |
116 | */ | 66 | | exceptRoutes: ({ request }) => request.url().includes('/api') |
117 | enableXsrfCookie: true, | 67 | | ``` |
118 | 68 | | | |
119 | /* | 69 | */ |
120 | |-------------------------------------------------------------------------- | 70 | exceptRoutes: (ctx) => { |
121 | | Methods to Validate | 71 | // ignore all routes starting with /v1/ (api) |
122 | |-------------------------------------------------------------------------- | 72 | return ctx.request.url().includes('/v1/') || ctx.request.url().includes('/import') |
123 | | | 73 | }, |
124 | | Define an array of HTTP methods to be validated for a valid CSRF token. | ||
125 | | | ||
126 | */ | ||
127 | methods: ['POST', 'PUT', 'PATCH', 'DELETE'], | ||
128 | }; | ||
129 | |||
130 | /* | ||
131 | |-------------------------------------------------------------------------- | ||
132 | | DNS Prefetching | ||
133 | |-------------------------------------------------------------------------- | ||
134 | | | ||
135 | | DNS prefetching allows browsers to proactively perform domain name | ||
136 | | resolution in background. | ||
137 | | | ||
138 | | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control | ||
139 | | | ||
140 | */ | ||
141 | export const dnsPrefetch: ShieldConfig['dnsPrefetch'] = { | ||
142 | /* | ||
143 | |-------------------------------------------------------------------------- | ||
144 | | Enable/disable this feature | ||
145 | |-------------------------------------------------------------------------- | ||
146 | */ | ||
147 | enabled: true, | ||
148 | 74 | ||
149 | /* | 75 | /* |
150 | |-------------------------------------------------------------------------- | 76 | |-------------------------------------------------------------------------- |
151 | | Allow or Dis-Allow Explicitly | 77 | | Enable Sharing Token Via Cookie |
152 | |-------------------------------------------------------------------------- | 78 | |-------------------------------------------------------------------------- |
153 | | | 79 | | |
154 | | The `enabled` boolean does not set `X-DNS-Prefetch-Control` header. However | 80 | | When the following flag is enabled, AdonisJS will drop `XSRF-TOKEN` |
155 | | the `allow` boolean controls the value of `X-DNS-Prefetch-Control` header. | 81 | | cookie that frontend frameworks can read and return back as a |
156 | | | 82 | | `X-XSRF-TOKEN` header. |
157 | | - When `allow = true`, then `X-DNS-Prefetch-Control = 'on'` | 83 | | |
158 | | - When `allow = false`, then `X-DNS-Prefetch-Control = 'off'` | 84 | | The cookie has `httpOnly` flag set to false, so it is little insecure and |
159 | | | 85 | | can be turned off when you are not using a frontend framework making |
160 | */ | 86 | | AJAX requests. |
161 | allow: true, | 87 | | |
162 | }; | 88 | */ |
89 | enableXsrfCookie: true, | ||
163 | 90 | ||
164 | /* | 91 | /* |
165 | |-------------------------------------------------------------------------- | 92 | |-------------------------------------------------------------------------- |
166 | | Iframe Options | 93 | | Methods to Validate |
167 | |-------------------------------------------------------------------------- | 94 | |-------------------------------------------------------------------------- |
168 | | | 95 | | |
169 | | xFrame defines whether or not your website can be embedded inside an | 96 | | Define an array of HTTP methods to be validated for a valid CSRF token. |
170 | | iframe. Choose from one of the following options. | 97 | | |
171 | | | 98 | */ |
172 | | - DENY | 99 | methods: ['POST', 'PUT', 'PATCH', 'DELETE'], |
173 | | - SAMEORIGIN | 100 | }, |
174 | | - ALLOW-FROM http://example.com | 101 | hsts: { |
175 | | | 102 | enabled: true, |
176 | | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options | 103 | /* |
177 | */ | 104 | |-------------------------------------------------------------------------- |
178 | export const xFrame: ShieldConfig['xFrame'] = { | 105 | | Max Age |
179 | enabled: true, | 106 | |-------------------------------------------------------------------------- |
180 | action: 'DENY', | 107 | | |
181 | }; | 108 | | Control, how long the browser should remember that a site is only to be |
182 | 109 | | accessed using HTTPS. | |
183 | /* | 110 | | |
184 | |-------------------------------------------------------------------------- | 111 | */ |
185 | | Http Strict Transport Security | 112 | maxAge: '180 days', |
186 | |-------------------------------------------------------------------------- | ||
187 | | | ||
188 | | A security to ensure that a browser always makes a connection over | ||
189 | | HTTPS. | ||
190 | | | ||
191 | | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security | ||
192 | | | ||
193 | */ | ||
194 | export const hsts: ShieldConfig['hsts'] = { | ||
195 | enabled: true, | ||
196 | /* | ||
197 | |-------------------------------------------------------------------------- | ||
198 | | Max Age | ||
199 | |-------------------------------------------------------------------------- | ||
200 | | | ||
201 | | Control, how long the browser should remember that a site is only to be | ||
202 | | accessed using HTTPS. | ||
203 | | | ||
204 | */ | ||
205 | maxAge: '180 days', | ||
206 | |||
207 | /* | ||
208 | |-------------------------------------------------------------------------- | ||
209 | | Include Subdomains | ||
210 | |-------------------------------------------------------------------------- | ||
211 | | | ||
212 | | Apply rules on the subdomains as well. | ||
213 | | | ||
214 | */ | ||
215 | includeSubDomains: true, | ||
216 | 113 | ||
217 | /* | 114 | /* |
218 | |-------------------------------------------------------------------------- | 115 | |-------------------------------------------------------------------------- |
219 | | Preloading | 116 | | Include Subdomains |
220 | |-------------------------------------------------------------------------- | 117 | |-------------------------------------------------------------------------- |
221 | | | 118 | | |
222 | | Google maintains a service to register your domain and it will preload | 119 | | Apply rules on the subdomains as well. |
223 | | the HSTS policy. Learn more https://hstspreload.org/ | 120 | | |
224 | | | 121 | */ |
225 | */ | 122 | includeSubDomains: true, |
226 | preload: false, | ||
227 | }; | ||
228 | 123 | ||
229 | /* | 124 | /* |
230 | |-------------------------------------------------------------------------- | 125 | |-------------------------------------------------------------------------- |
231 | | No Sniff | 126 | | Preloading |
232 | |-------------------------------------------------------------------------- | 127 | |-------------------------------------------------------------------------- |
233 | | | 128 | | |
234 | | Browsers have a habit of sniffing content-type of a response. Which means | 129 | | Google maintains a service to register your domain and it will preload |
235 | | files with .txt extension containing Javascript code will be executed as | 130 | | the HSTS policy. Learn more https://hstspreload.org/ |
236 | | Javascript. You can disable this behavior by setting nosniff to false. | 131 | | |
237 | | | 132 | */ |
238 | | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options | 133 | preload: false, |
239 | | | 134 | }, |
240 | */ | 135 | contentTypeSniffing: { |
241 | export const contentTypeSniffing: ShieldConfig['contentTypeSniffing'] = { | 136 | enabled: true, |
242 | enabled: true, | 137 | }, |
243 | }; | 138 | }) |
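Review bot: The CSRF exemption in `exceptRoutes` (new lines 70–73) still matches by substring, so any request path that merely contains `/v1/` or `/import` skips token validation, although the comment states the intent is routes starting with `/v1/`. Anchoring the check would match that intent: `const url = ctx.request.url()` followed by `return url.startsWith('/v1/') || url.startsWith('/import')`, assuming `/import` is also meant as a prefix. Separately, the rewritten config no longer lists `xFrame` (previously `action: 'DENY'`) or `dnsPrefetch`; whether the X-Frame-Options header is still sent now depends on the defaults applied by `defineConfig`, so keeping `xFrame: { enabled: true, action: 'DENY' }` explicit would make the clickjacking protection visible in this file.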
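--- a/config/static.ts
+++ b/config/static.ts
@@ -1,10 +1,10 @@
-import { AssetsConfig } from '@ioc:Adonis/Core/Static';
+import { defineConfig } from '@adonisjs/static'
 
-const staticConfig: AssetsConfig = {
+const staticConfig = defineConfig({
 enabled: true,
 dotFiles: 'ignore',
 etag: true,
 lastModified: true,
-};
+})
 
-export default staticConfig;
+export default staticConfig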