geolba/tethys.backend
geolba/tethys.backend
2
0
Fork 2
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

- update to AdonisJS 6
Some checks failed
CI Pipeline / japa-tests (push) Failing after 1m15s
Details

Browse source
This commit is contained in:
Kaimbacher 2024-03-14 20:25:27 +01:00
parent f828ca4491
commit cb51a4136f
167 changed files with 21485 additions and 21212 deletions
Download patch file Download diff file Expand all files Collapse all files

365
config/app.ts
View file

@ -6,13 +6,14 @@
*/
import proxyAddr from 'proxy-addr';
import Env from '@ioc:Adonis/Core/Env';
import Application from '@ioc:Adonis/Core/Application';
import type { ServerConfig } from '@ioc:Adonis/Core/Server';
import type { LoggerConfig } from '@ioc:Adonis/Core/Logger';
import type { ProfilerConfig } from '@ioc:Adonis/Core/Profiler';
import type { ValidatorConfig } from '@ioc:Adonis/Core/Validator';
import type { AssetsManagerConfig } from '@ioc:Adonis/Core/AssetsManager';
import env from '#start/env';
// import app from '@adonisjs/core/services/app';
// import type { ProfilerConfig } from '@ioc:Adonis/Core/Profiler';
// import type { AssetsManagerConfig } from '@ioc:Adonis/Core/AssetsManager';
// import { ServerConfig } from "@adonisjs/core/services/server";
// import { LoggerConfig } from "@adonisjs/core/types/logger";
import { ValidatorConfig } from "@adonisjs/validator/types";
import { defineConfig } from "@adonisjs/core/http";
/*
|--------------------------------------------------------------------------
@ -27,7 +28,7 @@ import type { AssetsManagerConfig } from '@ioc:Adonis/Core/AssetsManager';
| be decrypted.
|
*/
export const appKey: string = Env.get('APP_KEY');
export const appKey: string = env.get('APP_KEY');
/*
|--------------------------------------------------------------------------
@ -38,176 +39,120 @@ export const appKey: string = Env.get('APP_KEY');
| the config properties to make keep server secure.
|
*/
export const http: ServerConfig = {
/*
|--------------------------------------------------------------------------
| Allow method spoofing
|--------------------------------------------------------------------------
|
| Method spoofing enables defining custom HTTP methods using a query string
| `_method`. This is usually required when you are making traditional
| form requests and wants to use HTTP verbs like `PUT`, `DELETE` and
| so on.
|
*/
allowMethodSpoofing: false,
/*
|--------------------------------------------------------------------------
| Subdomain offset
|--------------------------------------------------------------------------
*/
subdomainOffset: 2,
/*
|--------------------------------------------------------------------------
| Request Ids
|--------------------------------------------------------------------------
|
| Setting this value to `true` will generate a unique request id for each
| HTTP request and set it as `x-request-id` header.
|
*/
generateRequestId: false,
/*
|--------------------------------------------------------------------------
| Trusting proxy servers
|--------------------------------------------------------------------------
|
| Define the proxy servers that AdonisJs must trust for reading `X-Forwarded`
| headers.
|
*/
trustProxy: proxyAddr.compile('loopback'),
/*
|--------------------------------------------------------------------------
| Generating Etag
|--------------------------------------------------------------------------
|
| Whether or not to generate an etag for every response.
|
*/
etag: false,
/*
|--------------------------------------------------------------------------
| JSONP Callback
|--------------------------------------------------------------------------
*/
jsonpCallbackName: 'callback',
/*
|--------------------------------------------------------------------------
| Cookie settings
|--------------------------------------------------------------------------
*/
cookie: {
domain: '',
path: '/',
maxAge: '2h',
httpOnly: true,
secure: false,
sameSite: false,
},
};
/*
export const http = defineConfig({
/*
|--------------------------------------------------------------------------
| Logger
| Allow method spoofing
|--------------------------------------------------------------------------
|
| Method spoofing enables defining custom HTTP methods using a query string
| `_method`. This is usually required when you are making traditional
| form requests and wants to use HTTP verbs like `PUT`, `DELETE` and
| so on.
|
*/
allowMethodSpoofing: false,
/*
|--------------------------------------------------------------------------
| Subdomain offset
|--------------------------------------------------------------------------
*/
export const logger: LoggerConfig = {
/*
|--------------------------------------------------------------------------
| Application name
|--------------------------------------------------------------------------
|
| The name of the application you want to add to the log. It is recommended
| to always have app name in every log line.
|
| The `APP_NAME` environment variable is automatically set by AdonisJS by
| reading the `name` property from the `package.json` file.
|
*/
name: Env.get('APP_NAME'),
subdomainOffset: 2,
/*
|--------------------------------------------------------------------------
| Toggle logger
|--------------------------------------------------------------------------
|
| Enable or disable logger application wide
|
*/
enabled: true,
/*
|--------------------------------------------------------------------------
| Request Ids
|--------------------------------------------------------------------------
|
| Setting this value to `true` will generate a unique request id for each
| HTTP request and set it as `x-request-id` header.
|
*/
generateRequestId: false,
/*
|--------------------------------------------------------------------------
| Logging level
|--------------------------------------------------------------------------
|
| The level from which you want the logger to flush logs. It is recommended
| to make use of the environment variable, so that you can define log levels
| at deployment level and not code level.
|
*/
level: Env.get('LOG_LEVEL', 'info'),
redact: {
paths: ['password', '*.password'],
},
/*
|--------------------------------------------------------------------------
| Trusting proxy servers
|--------------------------------------------------------------------------
|
| Define the proxy servers that AdonisJs must trust for reading `X-Forwarded`
| headers.
|
*/
trustProxy: proxyAddr.compile('loopback'),
/*
|--------------------------------------------------------------------------
| Generating Etag
|--------------------------------------------------------------------------
|
| Whether or not to generate an etag for every response.
|
*/
etag: false,
/*
|--------------------------------------------------------------------------
| JSONP Callback
|--------------------------------------------------------------------------
*/
jsonpCallbackName: 'callback',
/*
|--------------------------------------------------------------------------
| Cookie settings
|--------------------------------------------------------------------------
*/
cookie: {
domain: '',
path: '/',
maxAge: '2h',
httpOnly: true,
secure: false,
sameSite: false,
},
});
/*
|--------------------------------------------------------------------------
| Pretty print
|--------------------------------------------------------------------------
|
| It is highly advised NOT to use `prettyPrint` in production, since it
| can have huge impact on performance.
|
*/
prettyPrint: Env.get('NODE_ENV') === 'development',
};
/*
|--------------------------------------------------------------------------
| Profiler
|--------------------------------------------------------------------------
*/
export const profiler: ProfilerConfig = {
/*
|--------------------------------------------------------------------------
| Toggle profiler
|--------------------------------------------------------------------------
|
| Enable or disable profiler
|
*/
enabled: true,
// export const profiler: ProfilerConfig = {
// /*
// |--------------------------------------------------------------------------
// | Toggle profiler
// |--------------------------------------------------------------------------
// |
// | Enable or disable profiler
// |
// */
// enabled: true,
/*
|--------------------------------------------------------------------------
| Blacklist actions/row labels
|--------------------------------------------------------------------------
|
| Define an array of actions or row labels that you want to disable from
| getting profiled.
|
*/
blacklist: [],
// /*
// |--------------------------------------------------------------------------
// | Blacklist actions/row labels
// |--------------------------------------------------------------------------
// |
// | Define an array of actions or row labels that you want to disable from
// | getting profiled.
// |
// */
// blacklist: [],
/*
|--------------------------------------------------------------------------
| Whitelist actions/row labels
|--------------------------------------------------------------------------
|
| Define an array of actions or row labels that you want to whitelist for
| the profiler. When whitelist is defined, then `blacklist` is ignored.
|
*/
whitelist: [],
};
// /*
// |--------------------------------------------------------------------------
// | Whitelist actions/row labels
// |--------------------------------------------------------------------------
// |
// | Define an array of actions or row labels that you want to whitelist for
// | the profiler. When whitelist is defined, then `blacklist` is ignored.
// |
// */
// whitelist: [],
// };
/*
|--------------------------------------------------------------------------
@ -228,52 +173,52 @@ export const validator: ValidatorConfig = {};
| Configure the asset manager you are using to compile the frontend assets
|
*/
export const assets: AssetsManagerConfig = {
/*
|--------------------------------------------------------------------------
| Driver
|--------------------------------------------------------------------------
|
| Currently we only support webpack encore and may introduce more drivers
| in the future
|
*/
driver: Env.get('ASSETS_DRIVER'),
// export const assets: AssetsManagerConfig = {
// /*
// |--------------------------------------------------------------------------
// | Driver
// |--------------------------------------------------------------------------
// |
// | Currently we only support webpack encore and may introduce more drivers
// | in the future
// |
// */
// driver: env.get('ASSETS_DRIVER'),
/*
|--------------------------------------------------------------------------
| Public path
|--------------------------------------------------------------------------
|
| Directory to search for the "manifest.json" and the "entrypoints.json"
| files
|
*/
publicPath: Application.publicPath('assets'),
// /*
// |--------------------------------------------------------------------------
// | Public path
// |--------------------------------------------------------------------------
// |
// | Directory to search for the "manifest.json" and the "entrypoints.json"
// | files
// |
// */
// publicPath: app.publicPath('assets'),
/*
|--------------------------------------------------------------------------
| Script tag
|--------------------------------------------------------------------------
|
| Define attributes for the entryPointScripts tags
|
*/
script: {
attributes: {
defer: true,
},
},
// /*
// |--------------------------------------------------------------------------
// | Script tag
// |--------------------------------------------------------------------------
// |
// | Define attributes for the entryPointScripts tags
// |
// */
// script: {
// attributes: {
// defer: true,
// },
// },
/*
|--------------------------------------------------------------------------
| Style tag
|--------------------------------------------------------------------------
|
| Define attributes for the entryPointStyles tags
|
*/
style: {
attributes: {},
},
};
// /*
// |--------------------------------------------------------------------------
// | Style tag
// |--------------------------------------------------------------------------
// |
// | Define attributes for the entryPointStyles tags
// |
// */
// style: {
// attributes: {},
// },
// };

163
config/auth.ts
View file

@ -1,86 +1,89 @@
/**
* Config source: https://git.io/JY0mp
*
* Feel free to let us know via PR, if you find something broken in this config
* file.
*/
import { defineConfig } from '@adonisjs/auth';
import { Authenticators } from '@adonisjs/auth/types';
import { sessionGuard, sessionUserProvider } from '@adonisjs/auth/session';
// import User from '#app/Models/User';
// import { SessionLucidUserProviderOptions } from '@adonisjs/auth/types/session';
import { Authenticator } from '@adonisjs/auth';
import { GuardFactory } from '@adonisjs/auth/types';
import type { AuthConfig } from '@ioc:Adonis/Addons/Auth';
// export declare function sessionUserProvider<Model extends LucidAuthenticatable>(config: SessionLucidUserProviderOptions<Model>): SessionLucidUserProvider<Model>;
/*
|--------------------------------------------------------------------------
| Authentication Mapping
|--------------------------------------------------------------------------
|
| List of available authentication mapping. You must first define them
| inside the `contracts/auth.ts` file before mentioning them here.
|
*/
const authConfig: AuthConfig = {
guard: 'web',
const authConfig = defineConfig({
default: 'web',
guards: {
/*
|--------------------------------------------------------------------------
| Web Guard
|--------------------------------------------------------------------------
|
| Web guard uses classic old school sessions for authenticating users.
| If you are building a standard web application, it is recommended to
| use web guard with session driver
|
*/
web: {
driver: 'session',
provider: {
/*
|--------------------------------------------------------------------------
| Driver
|--------------------------------------------------------------------------
|
| Name of the driver
|
*/
driver: 'lucid',
/*
|--------------------------------------------------------------------------
| Identifier key
|--------------------------------------------------------------------------
|
| The identifier key is the unique key on the model. In most cases specifying
| the primary key is the right choice.
|
*/
identifierKey: 'id',
/*
|--------------------------------------------------------------------------
| Uids
|--------------------------------------------------------------------------
|
| Uids are used to search a user against one of the mentioned columns. During
| login, the auth module will search the user mentioned value against one
| of the mentioned columns to find their user record.
|
*/
uids: ['email'],
/*
|--------------------------------------------------------------------------
| Model
|--------------------------------------------------------------------------
|
| The model to use for fetching or finding users. The model is imported
| lazily since the config files are read way earlier in the lifecycle
| of booting the app and the models may not be in a usable state at
| that time.
|
*/
model: () => import('App/Models/User'),
},
},
web: sessionGuard({
useRememberMeTokens: false,
provider: sessionUserProvider({
model: () => import('#app/Models/User'),
}),
}),
},
};
});
export default authConfig;
/**
* Inferring types from the configured auth
* guards.
*/
declare module '@adonisjs/auth/types' {
// export type InferAuthenticators<
// Config extends ConfigProvider<{
// default: unknown;
// guards: unknown;
// }>,
// > = Awaited<ReturnType<Config['resolver']>>['guards'];
// interface ProvidersList {
// /*
// |--------------------------------------------------------------------------
// | User Provider
// |--------------------------------------------------------------------------
// |
// | The following provider uses Lucid models as a driver for fetching user
// | details from the database for authentication.
// |
// | You can create multiple providers using the same underlying driver with
// | different Lucid models.
// |
// */
// // user: {
// // implementation: SessionLucidUserProvider<typeof User>;
// // config: LucidProviderConfig<typeof User>;
// // };
// user: {
// implementation: SessionLucidUserProvider<typeof User>;
// config: SessionLucidUserProviderOptions<typeof User>;
// };
// }
interface Authenticators extends InferAuthenticators<typeof authConfig> {}
// const PROVIDER_REAL_USER: unique symbol;
// export type SessionGuardUser<RealUser> = {
// getId(): string | number | BigInt;
// getOriginal(): RealUser;
// };
// export interface SessionUserProviderContract<User> {
// [PROVIDER_REAL_USER]: User;
// /**
// * Create a user object that acts as an adapter between
// * the guard and real user value.
// */
// createUserForGuard(user: User): Promise<SessionGuardUser<User>>;
// /**
// * Find a user by their id.
// */
// findById(identifier: string | number | BigInt): Promise<SessionGuardUser<User> | null>;
// }
}
// declare module '@adonisjs/core/types' {
// interface EventsList extends InferAuthEvents<Authenticators> {}
// }
declare module '@adonisjs/core/http' {
interface HttpContext {
auth: Authenticator<Authenticators extends Record<string, GuardFactory> ? Authenticators : never>;
}
}

271
config/bodyparser.ts
View file

@ -5,29 +5,31 @@
* file.
*/
import type { BodyParserConfig } from '@ioc:Adonis/Core/BodyParser';
// import type { BodyParserConfig } from '@adonisjs/core/bodyparser';
import env from '#start/env';
import { defineConfig } from '@adonisjs/core/bodyparser';
const bodyParserConfig: BodyParserConfig = {
const bodyParserConfig = defineConfig({
/*
|--------------------------------------------------------------------------
| White listed methods
|--------------------------------------------------------------------------
|
| HTTP methods for which body parsing must be performed. It is a good practice
| to avoid body parsing for `GET` requests.
|
*/
|--------------------------------------------------------------------------
| White listed methods
|--------------------------------------------------------------------------
|
| HTTP methods for which body parsing must be performed. It is a good practice
| to avoid body parsing for `GET` requests.
|
*/
whitelistedMethods: ['POST', 'PUT', 'PATCH', 'DELETE'],
/*
|--------------------------------------------------------------------------
| JSON parser settings
|--------------------------------------------------------------------------
|
| The settings for the JSON parser. The types defines the request content
| types which gets processed by the JSON parser.
|
*/
|--------------------------------------------------------------------------
| JSON parser settings
|--------------------------------------------------------------------------
|
| The settings for the JSON parser. The types defines the request content
| types which gets processed by the JSON parser.
|
*/
json: {
encoding: 'utf-8',
limit: '1mb',
@ -36,165 +38,166 @@ const bodyParserConfig: BodyParserConfig = {
},
/*
|--------------------------------------------------------------------------
| Form parser settings
|--------------------------------------------------------------------------
|
| The settings for the `application/x-www-form-urlencoded` parser. The types
| defines the request content types which gets processed by the form parser.
|
*/
|--------------------------------------------------------------------------
| Form parser settings
|--------------------------------------------------------------------------
|
| The settings for the `application/x-www-form-urlencoded` parser. The types
| defines the request content types which gets processed by the form parser.
|
*/
form: {
encoding: 'utf-8',
limit: '1mb',
queryString: {},
/*
|--------------------------------------------------------------------------
| Convert empty strings to null
|--------------------------------------------------------------------------
|
| Convert empty form fields to null. HTML forms results in field string
| value when the field is left blank. This option normalizes all the blank
| field values to "null"
|
*/
|--------------------------------------------------------------------------
| Convert empty strings to null
|--------------------------------------------------------------------------
|
| Convert empty form fields to null. HTML forms results in field string
| value when the field is left blank. This option normalizes all the blank
| field values to "null"
|
*/
convertEmptyStringsToNull: true,
types: ['application/x-www-form-urlencoded'],
},
/*
|--------------------------------------------------------------------------
| Raw body parser settings
|--------------------------------------------------------------------------
|
| Raw body just reads the request body stream as a plain text, which you
| can process by hand. This must be used when request body type is not
| supported by the body parser.
|
*/
|--------------------------------------------------------------------------
| Raw body parser settings
|--------------------------------------------------------------------------
|
| Raw body just reads the request body stream as a plain text, which you
| can process by hand. This must be used when request body type is not
| supported by the body parser.
|
*/
raw: {
encoding: 'utf-8',
limit: '1mb',
queryString: {},
// queryString: {},
types: ['text/*'],
},
/*
|--------------------------------------------------------------------------
| Multipart parser settings
|--------------------------------------------------------------------------
|
| The settings for the `multipart/form-data` parser. The types defines the
| request content types which gets processed by the form parser.
|
*/
|--------------------------------------------------------------------------
| Multipart parser settings
|--------------------------------------------------------------------------
|
| The settings for the `multipart/form-data` parser. The types defines the
| request content types which gets processed by the form parser.
|
*/
multipart: {
/*
|--------------------------------------------------------------------------
| Auto process
|--------------------------------------------------------------------------
|
| The auto process option will process uploaded files and writes them to
| the `tmp` folder. You can turn it off and then manually use the stream
| to pipe stream to a different destination.
|
| It is recommended to keep `autoProcess=true`. Unless you are processing bigger
| file sizes.
|
*/
|--------------------------------------------------------------------------
| Auto process
|--------------------------------------------------------------------------
|
| The auto process option will process uploaded files and writes them to
| the `tmp` folder. You can turn it off and then manually use the stream
| to pipe stream to a different destination.
|
| It is recommended to keep `autoProcess=true`. Unless you are processing bigger
| file sizes.
|
*/
autoProcess: true,
/*
|--------------------------------------------------------------------------
| Files to be processed manually
|--------------------------------------------------------------------------
|
| You can turn off `autoProcess` for certain routes by defining
| routes inside the following array.
|
| NOTE: Make sure the route pattern starts with a leading slash.
|
| Correct
| ```js
| /projects/:id/file
| ```
|
| Incorrect
| ```js
| projects/:id/file
| ```
*/
|--------------------------------------------------------------------------
| Files to be processed manually
|--------------------------------------------------------------------------
|
| You can turn off `autoProcess` for certain routes by defining
| routes inside the following array.
|
| NOTE: Make sure the route pattern starts with a leading slash.
|
| Correct
| ```js
| /projects/:id/file
| ```
|
| Incorrect
| ```js
| projects/:id/file
| ```
*/
processManually: [],
/*
|--------------------------------------------------------------------------
| Temporary file name
|--------------------------------------------------------------------------
|
| When auto processing is on. We will use this method to compute the temporary
| file name. AdonisJs will compute a unique `tmpPath` for you automatically,
| However, you can also define your own custom method.
|
*/
|--------------------------------------------------------------------------
| Temporary file name
|--------------------------------------------------------------------------
|
| When auto processing is on. We will use this method to compute the temporary
| file name. AdonisJs will compute a unique `tmpPath` for you automatically,
| However, you can also define your own custom method.
|
*/
// tmpFileName () {
// },
/*
|--------------------------------------------------------------------------
| Encoding
|--------------------------------------------------------------------------
|
| Request body encoding
|
*/
|--------------------------------------------------------------------------
| Encoding
|--------------------------------------------------------------------------
|
| Request body encoding
|
*/
encoding: 'utf-8',
/*
|--------------------------------------------------------------------------
| Convert empty strings to null
|--------------------------------------------------------------------------
|
| Convert empty form fields to null. HTML forms results in field string
| value when the field is left blank. This option normalizes all the blank
| field values to "null"
|
*/
|--------------------------------------------------------------------------
| Convert empty strings to null
|--------------------------------------------------------------------------
|
| Convert empty form fields to null. HTML forms results in field string
| value when the field is left blank. This option normalizes all the blank
| field values to "null"
|
*/
convertEmptyStringsToNull: true,
/*
|--------------------------------------------------------------------------
| Max Fields
|--------------------------------------------------------------------------
|
| The maximum number of fields allowed in the request body. The field includes
| text inputs and files both.
|
*/
|--------------------------------------------------------------------------
| Max Fields
|--------------------------------------------------------------------------
|
| The maximum number of fields allowed in the request body. The field includes
| text inputs and files both.
|
*/
maxFields: 1000,
/*
|--------------------------------------------------------------------------
| Request body limit
|--------------------------------------------------------------------------
|
| The total limit to the multipart body. This includes all request files
| and fields data.
|
*/
limit: '20mb',
|--------------------------------------------------------------------------
| Request body limit
|--------------------------------------------------------------------------
|
| The total limit to the multipart body. This includes all request files
| and fields data.
|
*/
// limit: '20mb',
limit: env.get('UPLOAD_LIMIT', '513mb'),
/*
|--------------------------------------------------------------------------
| Types
|--------------------------------------------------------------------------
|
| The types that will be considered and parsed as multipart body.
|
*/
|--------------------------------------------------------------------------
| Types
|--------------------------------------------------------------------------
|
| The types that will be considered and parsed as multipart body.
|
*/
types: ['multipart/form-data'],
},
};
});
export default bodyParserConfig;

227
config/cors.ts
View file

@ -1,127 +1,120 @@
/**
* Config source: https://git.io/JfefC
*
* Feel free to let us know via PR, if you find something broken in this config
* file.
*/
import { defineConfig } from "@adonisjs/cors";
import type { CorsConfig } from '@ioc:Adonis/Core/Cors';
const corsConfig = defineConfig({
/*
|--------------------------------------------------------------------------
| Enabled
|--------------------------------------------------------------------------
|
| A boolean to enable or disable CORS integration from your AdonisJs
| application.
|
| Setting the value to `true` will enable the CORS for all HTTP request. However,
| you can define a function to enable/disable it on per request basis as well.
|
*/
enabled: false,
const corsConfig: CorsConfig = {
/*
|--------------------------------------------------------------------------
| Enabled
|--------------------------------------------------------------------------
|
| A boolean to enable or disable CORS integration from your AdonisJs
| application.
|
| Setting the value to `true` will enable the CORS for all HTTP request. However,
| you can define a function to enable/disable it on per request basis as well.
|
*/
enabled: false,
// You can also use a function that return true or false.
// enabled: (request) => request.url().startsWith('/api')
// You can also use a function that return true or false.
// enabled: (request) => request.url().startsWith('/api')
/*
|--------------------------------------------------------------------------
| Origin
|--------------------------------------------------------------------------
|
| Set a list of origins to be allowed for `Access-Control-Allow-Origin`.
| The value can be one of the following:
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
|
| Boolean (true) - Allow current request origin.
| Boolean (false) - Disallow all.
| String - Comma separated list of allowed origins.
| Array - An array of allowed origins.
| String (*) - A wildcard (*) to allow all request origins.
| Function - Receives the current origin string and should return
| one of the above values.
|
*/
origin: true,
/*
|--------------------------------------------------------------------------
| Origin
|--------------------------------------------------------------------------
|
| Set a list of origins to be allowed for `Access-Control-Allow-Origin`.
| The value can be one of the following:
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
|
| Boolean (true) - Allow current request origin.
| Boolean (false) - Disallow all.
| String - Comma separated list of allowed origins.
| Array - An array of allowed origins.
| String (*) - A wildcard (*) to allow all request origins.
| Function - Receives the current origin string and should return
| one of the above values.
|
*/
origin: true,
/*
|--------------------------------------------------------------------------
| Methods
|--------------------------------------------------------------------------
|
| An array of allowed HTTP methods for CORS. The `Access-Control-Request-Method`
| is checked against the following list.
|
| Following is the list of default methods. Feel free to add more.
*/
methods: ['GET', 'HEAD', 'POST', 'PUT', 'DELETE'],
/*
|--------------------------------------------------------------------------
| Methods
|--------------------------------------------------------------------------
|
| An array of allowed HTTP methods for CORS. The `Access-Control-Request-Method`
| is checked against the following list.
|
| Following is the list of default methods. Feel free to add more.
*/
methods: ['GET', 'HEAD', 'POST', 'PUT', 'DELETE'],
/*
|--------------------------------------------------------------------------
| Headers
|--------------------------------------------------------------------------
|
| List of headers to be allowed for `Access-Control-Allow-Headers` header.
| The value can be one of the following:
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers
|
| Boolean(true) - Allow all headers mentioned in `Access-Control-Request-Headers`.
| Boolean(false) - Disallow all headers.
| String - Comma separated list of allowed headers.
| Array - An array of allowed headers.
| Function - Receives the current header and should return one of the above values.
|
*/
headers: true,
/*
|--------------------------------------------------------------------------
| Headers
|--------------------------------------------------------------------------
|
| List of headers to be allowed for `Access-Control-Allow-Headers` header.
| The value can be one of the following:
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers
|
| Boolean(true) - Allow all headers mentioned in `Access-Control-Request-Headers`.
| Boolean(false) - Disallow all headers.
| String - Comma separated list of allowed headers.
| Array - An array of allowed headers.
| Function - Receives the current header and should return one of the above values.
|
*/
headers: true,
/*
|--------------------------------------------------------------------------
| Expose Headers
|--------------------------------------------------------------------------
|
| A list of headers to be exposed by setting `Access-Control-Expose-Headers`.
| header. By default following 6 simple response headers are exposed.
|
| Cache-Control
| Content-Language
| Content-Type
| Expires
| Last-Modified
| Pragma
|
| In order to add more headers, simply define them inside the following array.
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
|
*/
exposeHeaders: ['cache-control', 'content-language', 'content-type', 'expires', 'last-modified', 'pragma'],
/*
|--------------------------------------------------------------------------
| Expose Headers
|--------------------------------------------------------------------------
|
| A list of headers to be exposed by setting `Access-Control-Expose-Headers`.
| header. By default following 6 simple response headers are exposed.
|
| Cache-Control
| Content-Language
| Content-Type
| Expires
| Last-Modified
| Pragma
|
| In order to add more headers, simply define them inside the following array.
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
|
*/
exposeHeaders: ['cache-control', 'content-language', 'content-type', 'expires', 'last-modified', 'pragma'],
/*
|--------------------------------------------------------------------------
| Credentials
|--------------------------------------------------------------------------
|
| Toggle `Access-Control-Allow-Credentials` header. If value is set to `true`,
| then header will be set, otherwise not.
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
|
*/
credentials: true,
/*
|--------------------------------------------------------------------------
| Credentials
|--------------------------------------------------------------------------
|
| Toggle `Access-Control-Allow-Credentials` header. If value is set to `true`,
| then header will be set, otherwise not.
|
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
|
*/
credentials: true,
/*
|--------------------------------------------------------------------------
| MaxAge
|--------------------------------------------------------------------------
|
| Define `Access-Control-Max-Age` header in seconds.
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
|
*/
maxAge: 90,
};
/*
|--------------------------------------------------------------------------
| MaxAge
|--------------------------------------------------------------------------
|
| Define `Access-Control-Max-Age` header in seconds.
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
|
*/
maxAge: 90,
});
export default corsConfig;

89
config/database.ts
View file

@ -5,52 +5,53 @@
* file.
*/
import Env from '@ioc:Adonis/Core/Env';
import { DatabaseConfig } from '@ioc:Adonis/Lucid/Database';
import env from '#start/env';
// import { DatabaseConfig } from "@adonisjs/lucid/database";
import { defineConfig } from "@adonisjs/lucid";
const databaseConfig: DatabaseConfig = {
const databaseConfig = defineConfig({
/*
|--------------------------------------------------------------------------
| Connection
|--------------------------------------------------------------------------
|
| The primary connection for making database queries across the application
| You can use any key from the `connections` object defined in this same
| file.
|
*/
connection: env.get('DB_CONNECTION'),
connections: {
/*
|--------------------------------------------------------------------------
| Connection
|--------------------------------------------------------------------------
|
| The primary connection for making database queries across the application
| You can use any key from the `connections` object defined in this same
| file.
|
*/
connection: Env.get('DB_CONNECTION'),
connections: {
/*
|--------------------------------------------------------------------------
| PostgreSQL config
|--------------------------------------------------------------------------
|
| Configuration for PostgreSQL database. Make sure to install the driver
| from npm when using this connection
|
| npm i pg
|
*/
pg: {
client: 'pg',
connection: {
host: Env.get('PG_HOST'),
port: Env.get('PG_PORT'),
user: Env.get('PG_USER'),
password: Env.get('PG_PASSWORD', ''),
database: Env.get('PG_DB_NAME'),
},
searchPath: ['gba', 'public'],
migrations: {
naturalSort: true,
},
healthCheck: false,
debug: false,
pool: { min: 1, max: 100 },
},
|--------------------------------------------------------------------------
| PostgreSQL config
|--------------------------------------------------------------------------
|
| Configuration for PostgreSQL database. Make sure to install the driver
| from npm when using this connection
|
| npm i pg
|
*/
pg: {
client: 'pg',
connection: {
host: env.get('PG_HOST'),
port: env.get('PG_PORT'),
user: env.get('PG_USER'),
password: env.get('PG_PASSWORD', ''),
database: env.get('PG_DB_NAME'),
},
searchPath: ['gba', 'public'],
migrations: {
naturalSort: true,
},
healthCheck: false,
debug: false,
pool: { min: 1, max: 100 },
},
};
},
});
export default databaseConfig;

7
config/drive.ts
View file

@ -5,8 +5,9 @@
* file.
*/
import Env from '@ioc:Adonis/Core/Env';
import { driveConfig } from '@adonisjs/core/build/config';
import env from '#start/env';
// import { driveConfig } from '@adonisjs/core/build/config';
import { driveConfig } from "@adonisjs/drive/build/config.js";
// import Application from '@ioc:Adonis/Core/Application';
/*
@ -28,7 +29,7 @@ export default driveConfig({
| the `DRIVE_DISK` environment variable.
|
*/
disk: Env.get('DRIVE_DISK', 'local'),
disk: env.get('DRIVE_DISK', 'local'),
disks: {
/*

158
config/hash.ts
View file

@ -5,9 +5,10 @@
* file.
*/
import Env from '@ioc:Adonis/Core/Env';
import { hashConfig } from '@adonisjs/core/build/config';
import env from '#start/env';
import { defineConfig } from "@adonisjs/core/hash";
import { drivers } from "@adonisjs/core/hash";
import { laravelDriver } from '../providers/HashDriver/index.js';
/*
|--------------------------------------------------------------------------
| Hash Config
@ -17,80 +18,87 @@ import { hashConfig } from '@adonisjs/core/build/config';
| defined inside `contracts` directory.
|
*/
export default hashConfig({
export default defineConfig({
/*
|--------------------------------------------------------------------------
| Default hasher
|--------------------------------------------------------------------------
|
| By default we make use of the argon hasher to hash values. However, feel
| free to change the default value
|
*/
default: env.get('HASH_DRIVER', 'scrypt'),
list: {
/*
|--------------------------------------------------------------------------
| Default hasher
|--------------------------------------------------------------------------
|
| By default we make use of the argon hasher to hash values. However, feel
| free to change the default value
|
*/
default: Env.get('HASH_DRIVER', 'scrypt'),
|--------------------------------------------------------------------------
| scrypt
|--------------------------------------------------------------------------
|
| Scrypt mapping uses the Node.js inbuilt crypto module for creating
| hashes.
|
| We are using the default configuration recommended within the Node.js
| documentation.
| https://nodejs.org/api/crypto.html#cryptoscryptpassword-salt-keylen-options-callback
|
*/
scrypt: drivers.scrypt({
cost: 16384,
blockSize: 8,
parallelization: 1,
saltSize: 16,
keyLength: 64,
maxMemory: 32 * 1024 * 1024,
}),
list: {
/*
|--------------------------------------------------------------------------
| scrypt
|--------------------------------------------------------------------------
|
| Scrypt mapping uses the Node.js inbuilt crypto module for creating
| hashes.
|
| We are using the default configuration recommended within the Node.js
| documentation.
| https://nodejs.org/api/crypto.html#cryptoscryptpassword-salt-keylen-options-callback
|
*/
scrypt: {
driver: 'scrypt',
cost: 16384,
blockSize: 8,
parallelization: 1,
saltSize: 16,
keyLength: 64,
maxMemory: 32 * 1024 * 1024,
},
/*
|--------------------------------------------------------------------------
| Argon
|--------------------------------------------------------------------------
|
| Argon mapping uses the `argon2` driver to hash values.
|
| Make sure you install the underlying dependency for this driver to work.
| https://www.npmjs.com/package/phc-argon2.
|
| npm install phc-argon2
|
*/
argon: drivers.argon2({
variant: 'id',
iterations: 3,
memory: 4096,
parallelism: 1,
saltSize: 16,
}),
/*
|--------------------------------------------------------------------------
| Argon
|--------------------------------------------------------------------------
|
| Argon mapping uses the `argon2` driver to hash values.
|
| Make sure you install the underlying dependency for this driver to work.
| https://www.npmjs.com/package/phc-argon2.
|
| npm install phc-argon2
|
*/
argon: {
driver: 'argon2',
variant: 'id',
iterations: 3,
memory: 4096,
parallelism: 1,
saltSize: 16,
},
/*
|--------------------------------------------------------------------------
| Bcrypt
|--------------------------------------------------------------------------
|
| Bcrypt mapping uses the `bcrypt` driver to hash values.
|
| Make sure you install the underlying dependency for this driver to work.
| https://www.npmjs.com/package/phc-bcrypt.
|
| npm install phc-bcrypt
|
*/
bcrypt: drivers.bcrypt({
rounds: 10,
}),
/*
|--------------------------------------------------------------------------
| Bcrypt
|--------------------------------------------------------------------------
|
| Bcrypt mapping uses the `bcrypt` driver to hash values.
|
| Make sure you install the underlying dependency for this driver to work.
| https://www.npmjs.com/package/phc-bcrypt.
|
| npm install phc-bcrypt
|
*/
bcrypt: {
driver: 'bcrypt',
rounds: 10,
},
},
laravel: laravelDriver({
rounds: 10,
}),
},
});
declare module '@adonisjs/core/types' {
export interface HashersList extends InferHashers<typeof hashConfig> { }
}

71
config/inertia.ts
View file

@ -1,20 +1,57 @@
/**
* Feel free to let me know via PR,
* if you find something broken in this config file.
*/
import { defineConfig } from '@adonisjs/inertia';
import type { HttpContext } from '@adonisjs/core/http';
import { InertiaConfig } from '@ioc:EidelLev/Inertia';
export default defineConfig({
/**
* Path to the Edge view that will be used as the root view for Inertia responses
*/
rootView: 'app',
/*
|--------------------------------------------------------------------------
| Inertia-AdonisJS config
|--------------------------------------------------------------------------
|
*/
/**
* Data that should be shared with all rendered pages
*/
sharedData: {
errors: (ctx) => ctx.session.flashMessages.get('errors'),
export const inertia: InertiaConfig = {
view: 'app',
// ssr: {
// enabled: false,
// },
};
user_id: (ctx) => {
return ctx.session.flashMessages.get('user_id');
},
flash: (ctx) => {
return {
message: ctx.session.flashMessages.get('message'),
warning: ctx.session.flashMessages.get('warning'),
};
},
// params: ({ params }) => params,
authUser: async ({ auth }: HttpContext) => {
if (auth.user) {
await auth.user.load('roles');
return auth.user;
// {
// 'id': auth.user.id,
// 'login': auth.user.login,
// };
} else {
return null;
}
},
},
});
// import { InertiaConfig } from '@ioc:EidelLev/Inertia';
// /*
// |--------------------------------------------------------------------------
// | Inertia-AdonisJS config
// |--------------------------------------------------------------------------
// |
// */
// export const inertia: InertiaConfig = {
// view: 'app',
// // ssr: {
// // enabled: false,
// // },
// };

35
config/logger.ts Normal file
View file

@ -0,0 +1,35 @@
import env from '#start/env'
import app from '@adonisjs/core/services/app'
import { defineConfig, targets } from '@adonisjs/core/logger'
const loggerConfig = defineConfig({
default: 'app',
/**
* The loggers object can be used to define multiple loggers.
* By default, we configure only one logger (named "app").
*/
loggers: {
app: {
enabled: true,
name: env.get('APP_NAME'),
level: env.get('LOG_LEVEL'),
transport: {
targets: targets()
.pushIf(!app.inProduction, targets.pretty())
.pushIf(app.inProduction, targets.file({ destination: 1 }))
.toArray(),
},
},
},
})
export default loggerConfig
/**
* Inferring types for the list of loggers you have configured
* in your application.
*/
declare module '@adonisjs/core/types' {
export interface LoggersList extends InferLoggers<typeof loggerConfig> {}
}

6
config/oai.ts
View file

@ -1,4 +1,4 @@
import Env from '@ioc:Adonis/Core/Env';
import env from '#start/env';
interface OaiConfig {
max: { listidentifiers: number; listrecords: number };
@ -7,8 +7,8 @@ interface OaiConfig {
}
const config: OaiConfig = {
max: {
listidentifiers: parseInt(Env.get('OAI_LIST_SIZE', 100), 10),
listrecords: parseInt(Env.get('OAI_LIST_SIZE', 100), 10),
listidentifiers: parseInt(env.get('OAI_LIST_SIZE', 100), 10),
listrecords: parseInt(env.get('OAI_LIST_SIZE', 100), 10),
},
workspacePath: 'workspace',
redis: {

46
config/redis.ts
View file

@ -1,28 +1,9 @@
/**
* Config source: https://git.io/JemcF
*
* Feel free to let us know via PR, if you find something broken in this config
* file.
*/
import env from '#start/env'
import { defineConfig } from '@adonisjs/redis'
import { InferConnections } from '@adonisjs/redis/types'
import Env from '@ioc:Adonis/Core/Env'
import { redisConfig } from '@adonisjs/redis/build/config'
/*
|--------------------------------------------------------------------------
| Redis configuration
|--------------------------------------------------------------------------
|
| Following is the configuration used by the Redis provider to connect to
| the redis server and execute redis commands.
|
| Do make sure to pre-define the connections type inside `contracts/redis.ts`
| file for AdonisJs to recognize connections.
|
| Make sure to check `contracts/redis.ts` file for defining extra connections
*/
export default redisConfig({
connection: Env.get('REDIS_CONNECTION'),
const redisConfig = defineConfig({
connection: 'main',
connections: {
/*
@ -35,12 +16,21 @@ export default redisConfig({
| redis driver.
|
*/
local: {
host: Env.get('REDIS_HOST'),
port: Env.get('REDIS_PORT'),
password: Env.get('REDIS_PASSWORD', ''),
main: {
host: env.get('REDIS_HOST'),
port: env.get('REDIS_PORT'),
password: env.get('REDIS_PASSWORD', ''),
db: 0,
keyPrefix: '',
retryStrategy(times) {
return times > 10 ? null : times * 50
},
},
},
})
export default redisConfig
declare module '@adonisjs/redis/types' {
export interface RedisConnections extends InferConnections<typeof redisConfig> {}
}

174
config/session.ts
View file

@ -5,112 +5,122 @@
* file.
*/
import Env from '@ioc:Adonis/Core/Env';
import Application from '@ioc:Adonis/Core/Application';
import { sessionConfig } from '@adonisjs/session/build/config';
import env from '#start/env';
import app from '@adonisjs/core/services/app';
import { defineConfig, stores } from '@adonisjs/session';
export default sessionConfig({
export default defineConfig({
/*
|--------------------------------------------------------------------------
| Enable/Disable sessions
|--------------------------------------------------------------------------
|
| Setting the following property to "false" will disable the session for the
| entire application
|
*/
|--------------------------------------------------------------------------
| Enable/Disable sessions
|--------------------------------------------------------------------------
|
| Setting the following property to "false" will disable the session for the
| entire application
|
*/
enabled: true,
/*
|--------------------------------------------------------------------------
| Driver
|--------------------------------------------------------------------------
|
| The session driver to use. You can choose between one of the following
| drivers.
|
| - cookie (Uses signed cookies to store session values)
| - file (Uses filesystem to store session values)
| - redis (Uses redis. Make sure to install "@adonisjs/redis" as well)
|
| Note: Switching drivers will make existing sessions invalid.
|
*/
driver: Env.get('SESSION_DRIVER'),
|--------------------------------------------------------------------------
| Driver
|--------------------------------------------------------------------------
|
| The session driver to use. You can choose between one of the following
| drivers.
|
| - cookie (Uses signed cookies to store session values)
| - file (Uses filesystem to store session values)
| - redis (Uses redis. Make sure to install "@adonisjs/redis" as well)
|
| Note: Switching drivers will make existing sessions invalid.
|
*/
// driver: env.get('SESSION_DRIVER'),
/*
|--------------------------------------------------------------------------
| Cookie name
|--------------------------------------------------------------------------
|
| The name of the cookie that will hold the session id.
|
*/
|--------------------------------------------------------------------------
| Cookie name
|--------------------------------------------------------------------------
|
| The name of the cookie that will hold the session id.
|
*/
cookieName: 'adonis-session',
/*
|--------------------------------------------------------------------------
| Clear session when browser closes
|--------------------------------------------------------------------------
|
| Whether or not you want to destroy the session when browser closes. Setting
| this value to `true` will ignore the `age`.
|
*/
|--------------------------------------------------------------------------
| Clear session when browser closes
|--------------------------------------------------------------------------
|
| Whether or not you want to destroy the session when browser closes. Setting
| this value to `true` will ignore the `age`.
|
*/
clearWithBrowser: false,
/*
|--------------------------------------------------------------------------
| Session age
|--------------------------------------------------------------------------
|
| The duration for which session stays active after no activity. A new HTTP
| request to the server is considered as activity.
|
| The value can be a number in milliseconds or a string that must be valid
| as per https://npmjs.org/package/ms package.
|
| Example: `2 days`, `2.5 hrs`, `1y`, `5s` and so on.
|
*/
|--------------------------------------------------------------------------
| Session age
|--------------------------------------------------------------------------
|
| The duration for which session stays active after no activity. A new HTTP
| request to the server is considered as activity.
|
| The value can be a number in milliseconds or a string that must be valid
| as per https://npmjs.org/package/ms package.
|
| Example: `2 days`, `2.5 hrs`, `1y`, `5s` and so on.
|
*/
age: '2h',
/*
|--------------------------------------------------------------------------
| Cookie values
|--------------------------------------------------------------------------
|
| The cookie settings are used to setup the session id cookie and also the
| driver will use the same values.
|
*/
|--------------------------------------------------------------------------
| Cookie values
|--------------------------------------------------------------------------
|
| The cookie settings are used to setup the session id cookie and also the
| driver will use the same values.
|
*/
cookie: {
path: '/',
httpOnly: true,
secure: app.inProduction,
sameSite: false,
},
/**
* The store to use. Make sure to validate the environment
* variable in order to infer the store name without any
* errors.
*/
store: env.get('SESSION_DRIVER'),
/*
|--------------------------------------------------------------------------
| Configuration for the file driver
|--------------------------------------------------------------------------
|
| The file driver needs absolute path to the directory in which sessions
| must be stored.
|
*/
file: {
location: Application.tmpPath('sessions'),
},
|--------------------------------------------------------------------------
| Configuration for the file driver
|--------------------------------------------------------------------------
|
| The file driver needs absolute path to the directory in which sessions
| must be stored.
|
*/
// file: {
// location: app.tmpPath('sessions'),
// },
/*
|--------------------------------------------------------------------------
| Redis driver
|--------------------------------------------------------------------------
|
| The redis connection you want session driver to use. The same connection
| must be defined inside `config/redis.ts` file as well.
|
*/
|--------------------------------------------------------------------------
| Redis driver
|--------------------------------------------------------------------------
|
| The redis connection you want session driver to use. The same connection
| must be defined inside `config/redis.ts` file as well.
|
*/
redisConnection: 'local',
stores: {
cookie: stores.cookie(),
},
});

179
config/shield.ts
View file

@ -1,24 +1,8 @@
/**
* Config source: https://git.io/Jvwvt
*
* Feel free to let us know via PR, if you find something broken in this config
* file.
*/
import { defineConfig } from '@adonisjs/shield';
// import Env from '@ioc:Adonis/Core/Env'
import { ShieldConfig } from '@ioc:Adonis/Addons/Shield';
/*
|--------------------------------------------------------------------------
| Content Security Policy
|--------------------------------------------------------------------------
|
| Content security policy filters out the origins not allowed to execute
| and load resources like scripts, styles and fonts. There are wide
| variety of options to choose from.
*/
export const csp: ShieldConfig['csp'] = {
/*
export default defineConfig({
csp: {
/*
|--------------------------------------------------------------------------
| Enable/disable CSP
|--------------------------------------------------------------------------
@ -26,9 +10,9 @@ export const csp: ShieldConfig['csp'] = {
| The CSP rules are disabled by default for seamless onboarding.
|
*/
enabled: false,
enabled: false,
/*
/*
|--------------------------------------------------------------------------
| Directives
|--------------------------------------------------------------------------
@ -44,9 +28,9 @@ export const csp: ShieldConfig['csp'] = {
| }
|
*/
directives: {},
directives: {},
/*
/*
|--------------------------------------------------------------------------
| Report only
|--------------------------------------------------------------------------
@ -55,27 +39,17 @@ export const csp: ShieldConfig['csp'] = {
| instead report them to a URL.
|
*/
reportOnly: false,
};
/*
|--------------------------------------------------------------------------
| CSRF Protection
|--------------------------------------------------------------------------
|
| CSRF Protection adds another layer of security by making sure, actionable
| routes does have a valid token to execute an action.
|
*/
export const csrf: ShieldConfig['csrf'] = {
/*
reportOnly: false,
},
csrf: {
/*
|--------------------------------------------------------------------------
| Enable/Disable CSRF
|--------------------------------------------------------------------------
*/
enabled: true,
enabled: true,
/*
/*
|--------------------------------------------------------------------------
| Routes to Ignore
|--------------------------------------------------------------------------
@ -85,16 +59,16 @@ export const csrf: ShieldConfig['csrf'] = {
| slash. Example:
|
| `/foo/bar`
|
| Also you can define a function that is evaluated on every HTTP Request.
| ```
| exceptRoutes: ({ request }) => request.url().includes('/api')
| ```
|
| Also you can define a function that is evaluated on every HTTP Request.
| ```
| exceptRoutes: ({ request }) => request.url().includes('/api')
| ```
|
*/
exceptRoutes: [],
exceptRoutes: [],
/*
/*
|--------------------------------------------------------------------------
| Enable Sharing Token Via Cookie
|--------------------------------------------------------------------------
@ -108,9 +82,9 @@ export const csrf: ShieldConfig['csrf'] = {
| AJAX requests.
|
*/
enableXsrfCookie: true,
enableXsrfCookie: true,
/*
/*
|--------------------------------------------------------------------------
| Methods to Validate
|--------------------------------------------------------------------------
@ -118,76 +92,11 @@ export const csrf: ShieldConfig['csrf'] = {
| Define an array of HTTP methods to be validated for a valid CSRF token.
|
*/
methods: ['POST', 'PUT', 'PATCH', 'DELETE'],
};
/*
|--------------------------------------------------------------------------
| DNS Prefetching
|--------------------------------------------------------------------------
|
| DNS prefetching allows browsers to proactively perform domain name
| resolution in background.
|
| Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
|
*/
export const dnsPrefetch: ShieldConfig['dnsPrefetch'] = {
/*
|--------------------------------------------------------------------------
| Enable/disable this feature
|--------------------------------------------------------------------------
*/
enabled: true,
/*
|--------------------------------------------------------------------------
| Allow or Dis-Allow Explicitly
|--------------------------------------------------------------------------
|
| The `enabled` boolean does not set `X-DNS-Prefetch-Control` header. However
| the `allow` boolean controls the value of `X-DNS-Prefetch-Control` header.
|
| - When `allow = true`, then `X-DNS-Prefetch-Control = 'on'`
| - When `allow = false`, then `X-DNS-Prefetch-Control = 'off'`
|
*/
allow: true,
};
/*
|--------------------------------------------------------------------------
| Iframe Options
|--------------------------------------------------------------------------
|
| xFrame defines whether or not your website can be embedded inside an
| iframe. Choose from one of the following options.
|
| - DENY
| - SAMEORIGIN
| - ALLOW-FROM http://example.com
|
| Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
*/
export const xFrame: ShieldConfig['xFrame'] = {
enabled: true,
action: 'DENY',
};
/*
|--------------------------------------------------------------------------
| Http Strict Transport Security
|--------------------------------------------------------------------------
|
| A security to ensure that a browser always makes a connection over
| HTTPS.
|
| Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
|
*/
export const hsts: ShieldConfig['hsts'] = {
enabled: true,
/*
methods: ['POST', 'PUT', 'PATCH', 'DELETE'],
},
hsts: {
enabled: true,
/*
|--------------------------------------------------------------------------
| Max Age
|--------------------------------------------------------------------------
@ -196,9 +105,9 @@ export const hsts: ShieldConfig['hsts'] = {
| accessed using HTTPS.
|
*/
maxAge: '180 days',
maxAge: '180 days',
/*
/*
|--------------------------------------------------------------------------
| Include Subdomains
|--------------------------------------------------------------------------
@ -206,9 +115,9 @@ export const hsts: ShieldConfig['hsts'] = {
| Apply rules on the subdomains as well.
|
*/
includeSubDomains: true,
includeSubDomains: true,
/*
/*
|--------------------------------------------------------------------------
| Preloading
|--------------------------------------------------------------------------
@ -217,21 +126,9 @@ export const hsts: ShieldConfig['hsts'] = {
| the HSTS policy. Learn more https://hstspreload.org/
|
*/
preload: false,
};
/*
|--------------------------------------------------------------------------
| No Sniff
|--------------------------------------------------------------------------
|
| Browsers have a habit of sniffing content-type of a response. Which means
| files with .txt extension containing Javascript code will be executed as
| Javascript. You can disable this behavior by setting nosniff to false.
|
| Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
*/
export const contentTypeSniffing: ShieldConfig['contentTypeSniffing'] = {
enabled: true,
};
preload: false,
},
contentTypeSniffing: {
enabled: true,
},
});

98
config/static.ts
View file

@ -1,89 +1,17 @@
import { defineConfig } from '@adonisjs/static'
/**
* Config source: https://git.io/Jfefl
* Configuration options to tweak the static files middleware.
* The complete set of options are documented on the
* official documentation website.
*
* Feel free to let us know via PR, if you find something broken in this config
* file.
* https://docs.adonisjs.com/guides/static-assets
*/
const staticServerConfig = defineConfig({
enabled: true,
etag: true,
lastModified: true,
dotFiles: 'ignore',
})
import { AssetsConfig } from '@ioc:Adonis/Core/Static';
const staticConfig: AssetsConfig = {
/*
|--------------------------------------------------------------------------
| Enabled
|--------------------------------------------------------------------------
|
| A boolean to enable or disable serving static files. The static files
| are served from the `public` directory inside the application root.
| However, you can override the default path inside `.adonisrc.json`
| file.
|
|
*/
enabled: true,
/*
|--------------------------------------------------------------------------
| Handling Dot Files
|--------------------------------------------------------------------------
|
| Decide how you want the static assets server to handle the `dotfiles`.
| By default, we ignore them as if they don't exists. However, you
| can choose between one of the following options.
|
| - ignore: Behave as if the file doesn't exists. Results in 404.
| - deny: Deny access to the file. Results in 403.
| - allow: Serve the file contents
|
*/
dotFiles: 'ignore',
/*
|--------------------------------------------------------------------------
| Generating Etag
|--------------------------------------------------------------------------
|
| Handle whether or not to generate etags for the files. Etag allows browser
| to utilize the cache when file hasn't been changed.
|
*/
etag: true,
/*
|--------------------------------------------------------------------------
| Set Last Modified
|--------------------------------------------------------------------------
|
| Whether or not to set the `Last-Modified` header in the response. Uses
| the file system's last modified value.
|
*/
lastModified: true,
/*
|--------------------------------------------------------------------------
| Max age
|--------------------------------------------------------------------------
|
| Set the value for the max-age directive. Set a higher value in production
| if you fingerprint your assets.
|
| Learn more: https://docs.adonisjs.com/guides/deployment#serving-static-assets
|
*/
maxAge: 0,
/*
|--------------------------------------------------------------------------
| Immutable
|--------------------------------------------------------------------------
|
| Set the immutable directive. Set it to `true` if the assets are generated
| with a fingerprint. In others words the file name changes when the file
| contents change.
|
*/
immutable: false,
};
export default staticConfig;
export default staticServerConfig