Ehrenamt/ff-admin-server
2
0
Fork 0
Code Issues 17 Pull requests Projects Releases 38 Packages Wiki Activity Actions

change: security with ENV

Browse source
This commit is contained in:
Julian Krauser 2025-02-08 09:30:41 +01:00
parent 2e69f87578
commit ad2232969f
3 changed files with 52 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

22
src/env.defaults.ts
View file

@ -28,6 +28,13 @@ export const BACKUP_INTERVAL = Number(process.env.BACKUP_INTERVAL ?? "1");
export const BACKUP_COPIES = Number(process.env.BACKUP_COPIES ?? "7");
export const BACKUP_AUTO_RESTORE = process.env.BACKUP_AUTO_RESTORE ?? "true";
export const USE_SECURITY_STRICT_LIMIT = process.env.USE_SECURITY_STRICT_LIMIT ?? "true";
export const SECURITY_STRICT_LIMIT_WINDOW = process.env.SECURITY_STRICT_LIMIT_WINDOW ?? "15m";
export const SECURITY_STRICT_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_STRICT_LIMIT_REQUEST_COUNT ?? "15");
export const USE_SECURITY_LIMIT = process.env.USE_SECURITY_LIMIT ?? "true";
export const SECURITY_LIMIT_WINDOW = process.env.SECURITY_LIMIT_WINDOW ?? "1m";
export const SECURITY_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_LIMIT_REQUEST_COUNT ?? "500");
export function configCheck() {
if (DB_TYPE != "mysql" && DB_TYPE != "sqlite" && DB_TYPE != "postgres")
throw new Error("set valid value to DB_TYPE (mysql|sqlite|postgres)");
@ -62,15 +69,26 @@ export function configCheck() {
throw new Error("set 'true' or 'false' to BACKUP_AUTO_RESTORE");
if (BACKUP_INTERVAL < 1) throw new Error("BACKUP_INTERVAL has to be at least 1");
if (BACKUP_COPIES < 1) throw new Error("BACKUP_COPIES has to be at least 1");
if (USE_SECURITY_STRICT_LIMIT != "true" && USE_SECURITY_STRICT_LIMIT != "false")
throw new Error("set 'true' or 'false' to USE_SECURITY_STRICT_LIMIT");
checkMS(SECURITY_STRICT_LIMIT_WINDOW, "SECURITY_STRICT_LIMIT_WINDOW");
if (typeof SECURITY_STRICT_LIMIT_REQUEST_COUNT != "number")
throw new Error("set valid numeric value to SECURITY_STRICT_LIMIT_REQUEST_COUNT");
if (USE_SECURITY_LIMIT != "true" && USE_SECURITY_LIMIT != "false")
throw new Error("set 'true' or 'false' to USE_SECURITY_LIMIT");
checkMS(SECURITY_LIMIT_WINDOW, "SECURITY_LIMIT_WINDOW");
if (typeof SECURITY_LIMIT_REQUEST_COUNT != "number")
throw new Error("set valid numeric value to SECURITY_LIMIT_REQUEST_COUNT");
}
function checkMS(input: string, origin: string) {
try {
const result = ms(input);
if (result === undefined) {
throw new Error(`set valid ms value to ${origin}`);
throw new Error(`set valid ms value to ${origin} -> [0-9]*(y|d|h|m|s)`);
}
} catch (e) {
throw new Error(`set valid ms value to ${origin}`);
throw new Error(`set valid ms value to ${origin} -> [0-9]*(y|d|h|m|s)`);
}
}