@apolitical/server
Node.js module to encapsulate Apolitical's express server setup
'use strict';

/**
 * Central constants for the server module: logger labels, probe and
 * documentation endpoints, sanitisation defaults, Express middleware options
 * and JWT settings. Everything here is plain data; the modules that read
 * these values decide how they are applied.
 */

// Package identity. NAME is reused as the logger label and as the JWT issuer.
const NAME = 'apolitical-server';
const VERSION = '2.6.0';
const ADMIN_ROLE = 'administrator';
// All-zero UUID, used as the `id` claim of the default encode payload.
const UUID = '00000000-0000-0000-0000-000000000000';

// Both values are read from the environment once, at module load.
const NODE_ENV = process.env.NODE_ENV;
const LOG_LEVEL = process.env.LOG_LEVEL;

const LOGGER_OPTIONS = {
  logLevel: LOG_LEVEL,
  labels: {
    name: NAME,
    version: VERSION,
  },
};

const ENDPOINTS = {
  PROBES: {
    HEALTH: '/health',
    LIVENESS: '/liveness',
    READINESS: '/readiness',
  },
  DOCUMENTATION: '/docs/',
};

const HELPERS = {
  SANITISATION: {
    // Strictest setting: no tag or attribute is allowed through, anything
    // not allow-listed is stripped, and <script> is dropped with its body.
    DEFAULT_XSS_OPTIONS: {
      whiteList: {}, // Empty allow-list: every HTML tag and attribute is rejected
      stripIgnoreTag: true, // Strip whatever HTML is not on the allow-list
      stripIgnoreTagBody: ['script'], // Drop script tags together with their content
    },
  },
};

const MIDDLEWARES = {
  PERMISSIONS: {
    ADMIN_ROLE,
    MYSELF_SLUG: 'me',
  },
};

// NOTE(review): if these are passed unchanged to the `cors` middleware,
// `origin: true` echoes the request's Origin header back and
// `credentials: true` allows cookies on those responses, i.e. every origin
// is trusted for credentialed requests. Confirm that consumers override
// `origin` with an explicit allow-list, or that cookie-authenticated routes
// carry separate CSRF protection.
const CORS_OPTIONS = {
  origin: true,
  credentials: true,
};

const BODY_PARSER_OPTIONS = {
  // Besides plain JSON, the two report media types are listed so that
  // browser-sent CSP / Reporting API bodies are parsed as JSON as well.
  JSON_OPTIONS: {
    type: ['application/json', 'application/csp-report', 'application/reports+json'],
  },
  URL_ENCODED_OPTIONS: {
    extended: false,
  },
};

// Access-log settings: name of the custom user-id token and the value that
// stands in for it when there is no user (presumably unauthenticated
// requests; confirm in the logging middleware).
const MORGAN_OPTIONS = {
  LOGGED_OUT_ID: 'logged-out',
  TOKENS: {
    USER_ID: 'user-id',
  },
};

const CACHE_OPTIONS = {
  max: 2, // Two entries only: liveness and readiness
  ttl: 60 * 1000, // One minute, in milliseconds
};

const PROBES_OPTIONS = {
  API: {
    ALLOWED_PREFIXES: ['api'],
    PREFIX_PATH: '/api',
  },
  UI: {
    ALLOWED_PREFIXES: ['ui', 'pages'],
    PREFIX_PATH: '/ui',
  },
};

// Static assets get a one-year max-age with ETags and directory indexes off.
// NO_CACHE_TYPES presumably lists the content types exempted from that
// long-lived caching; verify in the static-file middleware.
const STATIC_FILES = {
  OPTIONS: {
    etag: false,
    index: false,
    maxAge: '1y',
  },
  NO_CACHE_TYPES: ['text/html', 'text/plain', 'application/json'],
};

const SERVER = {
  CORS_OPTIONS,
  BODY_PARSER_OPTIONS,
  MORGAN_OPTIONS,
  CACHE_OPTIONS,
  PROBES_OPTIONS,
  STATIC_FILES,
};

// Settings for first-party tokens, carried in the `apolitical_auth` cookie.
// `{ session: false }` looks like a Passport authenticate option (stateless,
// no server-side session); confirm against the auth middleware.
const APOLITICAL_JWT = {
  COOKIE_KEY: 'apolitical_auth',
  NAME: 'jwt',
  SESSION: { session: false },
  ADMIN_ROLE,
  ISSUER: NAME,
};

// Settings for Auth0-issued tokens. `{DOMAIN}` in URI is a placeholder that
// the consumer has to substitute. CACHE / RATE_LIMIT / RPM look like JWKS
// client settings (key caching and a requests-per-minute cap); confirm.
// ALGORITHMS pins verification to RS256; the verifier must be given this
// list so that a token declaring another `alg` is rejected.
const AUTH0_JWT = {
  CACHE: true,
  RATE_LIMIT: true,
  RPM: 10,
  URI: 'https://{DOMAIN}/.well-known/jwks.json',
  ALGORITHMS: ['RS256'],
  ERRORS: {
    UNAUTHORIZED: 'UnauthorizedError',
  },
};

// Defaults for minting tokens locally with HS256 (shared-secret HMAC).
// NOTE(review): DEFAULT_PAYLOAD carries the administrator role and
// `admin: true`, so a token minted without overriding it has admin claims.
// Confirm the encode helper is reachable only from tests or trusted
// service-to-service code, and that the HS256 secret is provisioned per
// environment and never shipped with the package.
const ENCODE_ALGORITHM = 'HS256';
const ENCODE_JWT = {
  ALGORITHM: ENCODE_ALGORITHM,
  HEADER: { alg: ENCODE_ALGORITHM, typ: 'JWT' },
  DEFAULT_PAYLOAD: {
    role: ADMIN_ROLE,
    admin: true,
    id: UUID,
    iss: NAME,
    sub: 'login',
  },
};

const JWT = {
  APOLITICAL: APOLITICAL_JWT,
  AUTH0: AUTH0_JWT,
  ENCODE: ENCODE_JWT,
};

module.exports = {
  NODE_ENV,
  LOG_LEVEL,
  LOGGER_OPTIONS,
  ENDPOINTS,
  HELPERS,
  MIDDLEWARES,
  SERVER,
  JWT,
};