Refactor configuration

- No longer use config npm package - Prefer config from env vars, though still has support for config file - No longer writes a config file for database config - Writes keys to a new file in /data folder - Removes a lot of cruft and improves config understanding
2025-06-17 17:56:27 +00:00 · 2023-03-21 16:53:39 +10:00
parent dad3e1da7c
commit 2a07445005
13 changed files with 278 additions and 261 deletions
--- a/backend/models/now_helper.js
+++ b/backend/models/now_helper.js
@ -1,11 +1,11 @@
 const db     = require('../db');
-const config = require('config');
+const config = require('../lib/config');
 const Model  = require('objection').Model;

 Model.knex(db);

 module.exports = function () {
-	if (config.database.knex && config.database.knex.client === 'sqlite3') {
+	if (config.isSqlite()) {
 		// eslint-disable-next-line
 		return Model.raw("datetime('now','localtime')");
 	}
--- a/backend/models/token.js
+++ b/backend/models/token.js
@ -6,44 +6,36 @@
 const _      = require('lodash');
 const jwt    = require('jsonwebtoken');
 const crypto = require('crypto');
+const config = require('../lib/config');
 const error  = require('../lib/error');
+const logger = require('../logger').global;
 const ALGO   = 'RS256';

-let public_key  = null;
-let private_key = null;
-
-function checkJWTKeyPair() {
-	if (!public_key || !private_key) {
-		let config  = require('config');
-		public_key  = config.get('jwt.pub');
-		private_key = config.get('jwt.key');
-	}
-}
-
 module.exports = function () {

 	let token_data = {};

-	let self = {
+	const self = {
 		/**
 		 * @param {Object}  payload
 		 * @returns {Promise}
 		 */
 		create: (payload) => {
+			if (!config.getPrivateKey()) {
+				logger.error('Private key is empty!')
+			}
 			// sign with RSA SHA256
-			let options = {
+			const options = {
 				algorithm: ALGO,
 				expiresIn: payload.expiresIn || '1d'
 			};

 			payload.jti = crypto.randomBytes(12)
 				.toString('base64')
-				.substr(-8);
-
-			checkJWTKeyPair();
+				.substring(-8);

 			return new Promise((resolve, reject) => {
-				jwt.sign(payload, private_key, options, (err, token) => {
+				jwt.sign(payload, config.getPrivateKey(), options, (err, token) => {
 					if (err) {
 						reject(err);
 					} else {
@ -62,13 +54,15 @@ module.exports = function () {
 		 * @returns {Promise}
 		 */
 		load: function (token) {
+			if (!config.getPublicKey()) {
+				logger.error('Public key is empty!')
+			}
 			return new Promise((resolve, reject) => {
-				checkJWTKeyPair();
 				try {
 					if (!token || token === null || token === 'null') {
 						reject(new error.AuthError('Empty token'));
 					} else {
-						jwt.verify(token, public_key, {ignoreExpiration: false, algorithms: [ALGO]}, (err, result) => {
+						jwt.verify(token, config.getPublicKey(), {ignoreExpiration: false, algorithms: [ALGO]}, (err, result) => {
 							if (err) {

 								if (err.name === 'TokenExpiredError') {
@ -132,7 +126,7 @@ module.exports = function () {
 		 * @returns {Integer}
 		 */
 		getUserId: (default_value) => {
-			let attrs = self.get('attrs');
+			const attrs = self.get('attrs');
 			if (attrs && typeof attrs.id !== 'undefined' && attrs.id) {
 				return attrs.id;
 			}