liquid_feedback_frontend
view app/main/_prefork/10_init.lua @ 1511:f1258993d993
Fixed issue with oauth/session endpoint and samesite cookies
| author | bsw |
|---|---|
| date | Thu Aug 20 13:44:54 2020 +0200 (2020-08-20) |
| parents | cd497eb8fd73 |
| children | 45fd259aa1ad |
line source
1 config.app_version = "4.0.0-pre"
3 -- TODO abstraction
4 -- get record by id
5 function mondelefant.class_prototype:by_id(id)
6 local selector = self:new_selector()
7 selector:add_where{ 'id = ?', id }
8 selector:optional_object_mode()
9 return selector:exec()
10 end
12 if not config.password_hash_algorithm then
13 config.password_hash_algorithm = "crypt_sha512"
14 end
16 if not config.password_hash_min_rounds then
17 config.password_hash_min_rounds = 10000
18 end
20 if not config.password_hash_max_rounds then
21 config.password_hash_max_rounds = 20000
22 end
24 if config.use_terms_checkboxes == nil then
25 config.use_terms_checkboxes = {}
26 end
28 if config.enabled_languages == nil then
29 config.enabled_languages = { 'en', 'de', 'ka' } --, 'eo', 'el', 'hu', 'it', 'nl', 'zh-Hans', 'zh-TW' }
30 end
32 if config.default_lang == nil then
33 config.default_lang = "en"
34 end
36 if config.mail_subject_prefix == nil then
37 config.mail_subject_prefix = "[LiquidFeedback] "
38 end
40 if config.notification_digest_template == nil then
41 config.notification_digest_template = "Hello #{name},\n\nthis is your personal digest.\n\n#{digest}\n"
42 end
44 if config.member_image_content_type == nil then
45 config.member_image_content_type = "image/jpeg"
46 end
48 if config.member_image_convert_func == nil then
49 config.member_image_convert_func = {
50 avatar = function(data) return extos.pfilter(data, "convert", "jpeg:-", "-thumbnail", "48x48", "jpeg:-") end,
51 photo = function(data) return extos.pfilter(data, "convert", "jpeg:-", "-thumbnail", "240x240", "jpeg:-") end
52 }
53 end
55 if config.locked_profile_fields == nil then
56 config.locked_profile_fields = {}
57 end
59 if config.check_delegations_default == nil then
60 config.check_delegations_default = "confirm"
61 end
63 if config.cookie_name == nil then
64 config.cookie_name = "liquid_feedback_session"
65 end
67 if config.cookie_name_samesite == nil then
68 config.cookie_name_samesite = config.cookie_name .. "_samesite"
69 end
71 if config.ldap == nil then
72 config.ldap = {}
73 end
75 if config.oauth2 then
76 local scopes = {
77 { scope = "authentication", name = { de = "Identität feststellen (nur Screen-Name)", en = "Determine identity (screen name only)" } },
78 { scope = "identification", name = { de = "Identität feststellen", en = "Determine identity" } },
79 { scope = "notify_email", name = { de = "E-Mail-Adresse für Benachrichtigungen verwenden", en = "Use email address for notifications" } },
80 { scope = "read_contents", name = { de = "Inhalte lesen", en = "Read content" } },
81 { scope = "read_authors", name = { de = "Autorennamen lesen", en = "Read author names" } },
82 { scope = "read_ratings", name = { de = "Bewertungen lesen", en = "Read ratings" } },
83 { scope = "read_identities", name = { de = "Identitäten lesen", en = "Read identities" } },
84 { scope = "read_profiles", name = { de = "Profile lesen", en = "Read profiles" } },
85 { scope = "post", name = { de = "Neue Inhalte veröffentlichen", en = "Post new content" } },
86 { scope = "rate", name = { de = "Bewertungen vornehmen", en = "Do ratings" } },
87 { scope = "vote", name = { de = "Abstimmen", en = "Vote" } },
88 { scope = "delegate", name = { de = "Delegieren", en = "Delegate" } },
89 { scope = "profile", name = { de = "Eigenes Profil lesen", en = "Read your profile" } },
90 { scope = "settings", name = { de = "Einstellungen einsehen", en = "Read your settings" } },
91 { scope = "update_name", name = { de = "Screen-Namen ändern", en = "Update screen name" } },
92 { scope = "update_notify_email", name = { de = "E-Mail-Adresse für Benachrichtigungen ändern", en = "Update notify email address" } },
93 { scope = "update_profile", name = { de = "Profil bearbeiten", en = "Update your profile" } },
94 { scope = "update_settings", name = { de = "Benutzereinstellungen ändern", en = "Update your settings" } }
95 }
96 local s = config.oauth2.available_scopes or {}
97 for i, scope in ipairs(scopes) do
98 s[#s+1] = scope
99 end
100 config.oauth2.available_scopes = s
101 if not config.oauth2.endpoint_magic then
102 config.oauth2.endpoint_magic = "liquidfeedback_client/redirection_endpoint"
103 end
104 if not config.oauth2.manifest_magic then
105 config.oauth2.manifest_magic = "liquidfeedback_client/manifest"
106 end
107 if not config.oauth2.host_func then
108 config.oauth2.host_func = function(domain) return extos.pfilter(nil, "host", "-t", "TXT", domain) end
109 end
110 if not config.oauth2.authorization_code_lifetime then
111 config.oauth2.authorization_code_lifetime = 5 * 60
112 end
113 if not config.oauth2.refresh_token_lifetime then
114 config.oauth2.refresh_token_lifetime = 60 * 60 * 24 * 30 * 3
115 end
116 if not config.oauth2.refresh_pause then
117 config.oauth2.refresh_pause = 60
118 end
119 if not config.oauth2.refresh_grace_period then
120 config.oauth2.refresh_grace_period = 60
121 end
122 if not config.oauth2.access_token_lifetime then
123 config.oauth2.access_token_lifetime = 60 * 60
124 end
125 if not config.oauth2.dynamic_registration_lifetime then
126 config.oauth2.dynamic_registration_lifetime = 60 * 60 * 24
127 end
128 end
130 if not config.database then
131 config.database = { engine='postgresql', dbname='liquid_feedback' }
132 end
134 if config.fork == nil then
135 config.fork = {}
136 end
138 if config.fork.pre == nil then
139 config.fork.pre = 2
140 end
142 if config.fork.min == nil then
143 config.fork.min = 4
144 end
146 if config.fork.max == nil then
147 config.fork.max = 128
148 end
150 if config.fork.delay == nil then
151 config.fork.delay = 0.125
152 end
154 if config.fork.error_delay == nil then
155 config.fork.error_delay = 2
156 end
158 if config.fork.exit_delay == nil then
159 config.fork.exit_delay = 2
160 end
162 if config.fork.idle_timeout == nil then
163 config.fork.idle_timeout = 900
164 end
166 if config.port == nil then
167 config.port = 8080
168 end
170 if config.localhost == nil then
171 config.localhost = true
172 end
174 local listen_options = {
175 pre_fork = config.fork.pre,
176 min_fork = config.fork.min,
177 max_fork = config.fork.max,
178 fork_delay = config.fork.delay,
179 fork_error_delay = config.fork.error_delay,
180 exit_delay = config.fork.exit_delay,
181 idle_timeout = config.fork.idle_timeout,
182 memory_limit = config.fork.memory_limit,
183 min_requests_per_fork = config.fork.min_requests,
184 max_requests_per_fork = config.fork.max_requests,
185 http_options = config.http_options
186 }
188 if config.ipv6 then
189 local host = config.localhost and "::1" or "::"
190 listen_options[#listen_options+1] = { proto = "tcp", host = host, port = config.port }
191 end
192 if config.ipv6 ~= "only" then
193 local host = config.localhost and "127.0.0.1" or "0.0.0.0"
194 listen_options[#listen_options+1] = { proto = "tcp", host = host, port = config.port }
195 end
197 request.set_404_route{ module = 'index', view = '404' }
199 request.set_absolute_baseurl(config.absolute_base_url)
201 -- TODO remove style cache
203 listen(listen_options)
205 listen{
206 {
207 proto = "main",
208 name = "process_event_stream",
209 handler = function(poll)
210 Event:process_stream(poll)
211 end
212 }
213 }
215 listen{
216 {
217 proto = "interval",
218 name = "send_pending_notifications",
219 delay = 5,
220 handler = function()
221 while true do
222 if not Newsletter:send_next_newsletter() then
223 break
224 end
225 moonbridge_io.poll(nil, nil, 1)
226 end
227 while true do
228 if not InitiativeForNotification:notify_next_member() then
229 break
230 end
231 moonbridge_io.poll(nil, nil, 1)
232 end
233 end
234 },
235 min_fork = 1,
236 max_fork = 1
237 }
239 execute.inner()