Merge pull request #467 from fosrl/dev

1.2.0

Author: miloschwartz

Dockerfile

@@ -7,7 +7,7 @@ RUN npm ci
 
 COPY . .
 
-RUN npx drizzle-kit generate --dialect sqlite --schema ./server/db/schema.ts --out init
+RUN npx drizzle-kit generate --dialect sqlite --schema ./server/db/schemas/ --out init
 
 RUN npm run build
 
@@ -16,7 +16,7 @@ FROM node:20-alpine AS runner
 WORKDIR /app
 
 # Curl used for the health checks
-RUN apk add --no-cache curl 
+RUN apk add --no-cache curl
 
 COPY package.json package-lock.json ./
 RUN npm ci --only=production && npm cache clean --force

config/config.example.yml

@@ -18,6 +18,9 @@ server:
     internal_hostname: "pangolin"
     session_cookie_name: "p_session_token"
     resource_access_token_param: "p_token"
+    resource_access_token_headers:
+        id: "P-Access-Token-Id"
+        token: "P-Access-Token"
     resource_session_request_param: "p_session_request"
 
 traefik:
@@ -35,7 +38,7 @@ gerbil:
 rate_limits:
     global:
         window_minutes: 1
-        max_requests: 100
+        max_requests: 500
 
 users:
     server_admin:

drizzle.config.ts

@@ -4,10 +4,10 @@ import path from "path";
 
 export default defineConfig({
     dialect: "sqlite",
-    schema: path.join("server", "db", "schema.ts"),
+    schema: path.join("server", "db", "schemas"),
     out: path.join("server", "migrations"),
     verbose: true,
     dbCredentials: {
-        url: path.join(APP_PATH, "db", "db.sqlite"),
-    },
+        url: path.join(APP_PATH, "db", "db.sqlite")
+    }
 });

install/config/config.yml

@@ -18,6 +18,9 @@ server:
     internal_hostname: "pangolin"
     session_cookie_name: "p_session_token"
     resource_access_token_param: "p_token"
+    resource_access_token_headers:
+        id: "P-Access-Token-Id"
+        token: "P-Access-Token"
     resource_session_request_param: "p_session_request"
     cors:
         origins: ["https://{{.DashboardDomain}}"]

server/apiServer.ts

@@ -14,7 +14,7 @@ import { logIncomingMiddleware } from "./middlewares/logIncoming";
 import { csrfProtectionMiddleware } from "./middlewares/csrfProtection";
 import helmet from "helmet";
 
-const dev = process.env.ENVIRONMENT !== "prod";
+const dev = config.isDev;
 const externalPort = config.getRawConfig().server.external_port;
 
 export function createApiServer() {

server/auth/actions.ts

@@ -1,6 +1,6 @@
 import { Request } from "express";
 import { db } from "@server/db";
-import { userActions, roleActions, userOrgs } from "@server/db/schema";
+import { userActions, roleActions, userOrgs } from "@server/db/schemas";
 import { and, eq } from "drizzle-orm";
 import createHttpError from "http-errors";
 import HttpCode from "@server/types/HttpCode";
@@ -63,6 +63,7 @@ export enum ActionsEnum {
     listResourceRules = "listResourceRules",
     updateResourceRule = "updateResourceRule",
     listOrgDomains = "listOrgDomains",
+    createNewt = "createNewt",
 }
 
 export async function checkUserActionPermission(

server/auth/canUserAccessResource.ts

@@ -1,6 +1,6 @@
 import db from "@server/db";
 import { and, eq } from "drizzle-orm";
-import { roleResources, userResources } from "@server/db/schema";
+import { roleResources, userResources } from "@server/db/schemas";
 
 export async function canUserAccessResource({
     userId,

server/auth/checkValidInvite.ts

@@ -1,5 +1,5 @@
 import db from "@server/db";
-import { UserInvite, userInvites } from "@server/db/schema";
+import { UserInvite, userInvites } from "@server/db/schemas";
 import { isWithinExpirationDate } from "oslo";
 import { verifyPassword } from "./password";
 import { eq } from "drizzle-orm";

server/auth/limits.ts

@@ -1,5 +1,5 @@
 import { db } from '@server/db';
-import { limitsTable } from '@server/db/schema';
+import { limitsTable } from '@server/db/schemas';
 import { and, eq } from 'drizzle-orm';
 import createHttpError from 'http-errors';
 import HttpCode from '@server/types/HttpCode';
@@ -37,4 +37,4 @@ export async function checkOrgLimit({ orgId, limitName, currentValue, increment
         }
         throw createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Unknown error occurred while checking limit');
     }
-}
+}

server/auth/resourceOtp.ts

@@ -1,5 +1,5 @@
 import db from "@server/db";
-import { resourceOtp } from "@server/db/schema";
+import { resourceOtp } from "@server/db/schemas";
 import { and, eq } from "drizzle-orm";
 import { createDate, isWithinExpirationDate, TimeSpan } from "oslo";
 import { alphabet, generateRandomString, sha256 } from "oslo/crypto";