summaryrefslogtreecommitdiff
path: root/app/config.js
blob: b7212e3cd89c0c62568523d1f290ce0c2ec84ad2 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

"use strict";

function deepFreeze(obj) {
  for (const name of Reflect.ownKeys(obj)) {
    const value = obj[name];
    if ((value && typeof value === "object") ||
        typeof value === "function") deepFreeze(value);
  } return Object.freeze(obj);
}

Math.clamp ||= ((x,l,h) => Math.max(l,Math.min(x,h)));

module.exports = deepFreeze({
  PORT: Math.clamp(+process.env.PORT||8080, 1, 65535),
  HOST: process.env.HOST||"0.0.0.0",
  DOMAIN: "localhost",
  SECURE: false, // i.e. served over https

  auth: {
    TOKEN_RENEW_AGE: 15*60, // 15 mins
    TOKEN_MAX_AGE: 30*86400, // 30 days
    TOKEN_LENGTH: 24, // bytes
    SESSION_ID_LENGTH: 12,
    USERNAME_MAX_LENGTH: 128,
    PASSWORD_MIN_LENGTH: 8,
    PASSWORD_MAX_LENGTH: 512, // Avoid DDOS
    RATE_LIMIT_MAX_LEVEL: 16,
    RATE_LIMIT_MAX_WAITING: 512,
    fingerprintIP: req =>
      //req.headers["cf-connecting-ip"] ||
      //req.headers["x-forwarded-for"] ||
      req.socket.remoteAddress,
  },
});