From 470dfe339d85cb8967684f95501f1562e089b2b4 Mon Sep 17 00:00:00 2001
From: Paul Bienkowski <pb@opatut.de>
Date: Sat, 27 Feb 2021 13:20:41 +0100
Subject: [PATCH] api: More configurable options

---
 api/config.dev.json     |  8 +++++++-
 api/config.json.example |  6 ++++++
 api/src/config.js       | 42 +++++++++++++++++++++++------------------
 api/src/db.js           |  9 ++++-----
 api/src/routes/auth.js  |  4 +++-
 api/views/layout.pug    |  3 ++-
 6 files changed, 46 insertions(+), 26 deletions(-)

diff --git a/api/config.dev.json b/api/config.dev.json
index ced6214..cef279d 100644
--- a/api/config.dev.json
+++ b/api/config.dev.json
@@ -1,5 +1,11 @@
 {
   "cookieSecret": "CHANGEME!!!!!!!!!!@##@!!$$$$$$$$$$$$$!!",
   "jwtSecret": "CHANGEME??????????????////3212321;312kjbkasjd",
-  "mail": false
+  "baseUrl": "http://localhost:3000/",
+  "mainFrontendUrl": "http://localhost:3001/",
+  "mail": false,
+  "mongodb": {
+    "url": "mongodb://mongo/obsTest",
+    "debug": true
+  }
 }
diff --git a/api/config.json.example b/api/config.json.example
index 94bd39b..7a97bc5 100644
--- a/api/config.json.example
+++ b/api/config.json.example
@@ -1,6 +1,8 @@
 {
   "cookieSecret": "CHANGEME!!!!!!!!!!!!!!!!!!!!!11",
   "jwtSecret": "CHANGEME???????????????????////",
+  "baseUrl": "https://openbikesensor.example.com/",
+  "mainFrontendUrl": "https://openbikesensor.example.com/api/",
   "mail": {
     "from": "Sender Name <sender@example.com>",
     "smtp" : {
@@ -9,5 +11,9 @@
       "username": "sender@example.com",
       "password": "hunter2"
     }
+  },
+  "mongodb": {
+    "url": "mongodb://user:pass@host/obs",
+    "debug": false
   }
 }
diff --git a/api/src/config.js b/api/src/config.js
index c41431d..ef150be 100644
--- a/api/src/config.js
+++ b/api/src/config.js
@@ -1,25 +1,31 @@
 const fs = require('fs');
 const Joi = require('joi');
 
-const configSchema = Joi.object()
-  .required()
-  .keys({
-    jwtSecret: Joi.string().min(16).max(128).required(),
-    cookieSecret: Joi.string().min(16).max(128).required(),
+const configSchema = Joi.object({
+  jwtSecret: Joi.string().min(16).max(128).required(),
+  cookieSecret: Joi.string().min(16).max(128).required(),
 
-    mail: Joi.alternatives().try(
-      Joi.object({
-        from: Joi.string().required(),
-        smtp: Joi.object().required().keys({
-          host: Joi.string().required(),
-          port: Joi.number().default(587),
-          username: Joi.string().required(),
-          password: Joi.string().required(),
-        }),
-      }),
-      Joi.boolean().valid(false),
-    ),
-  });
+  baseUrl: Joi.string().required(),
+  mainFrontendUrl: Joi.string(), // optional
+
+  mail: Joi.alternatives().try(
+    Joi.object({
+      from: Joi.string().required(),
+      smtp: Joi.object({
+        host: Joi.string().required(),
+        port: Joi.number().default(587),
+        username: Joi.string().required(),
+        password: Joi.string().required(),
+      }).required(),
+    }),
+    Joi.boolean().valid(false),
+  ),
+
+  mongodb: Joi.object({
+    url: Joi.string().required(),
+    debug: Joi.boolean().default(process.env.NODE_ENV !== 'production'),
+  }).required(),
+}).required();
 
 const configFiles = [
   process.env.CONFIG_FILE,
diff --git a/api/src/db.js b/api/src/db.js
index cfb4f40..d216089 100644
--- a/api/src/db.js
+++ b/api/src/db.js
@@ -1,10 +1,9 @@
 const mongoose = require('mongoose');
 
-const isProduction = process.env.NODE_ENV === 'production';
-const mongodbUrl =
-  process.env.MONGODB_URL || (isProduction ? 'mongodb://localhost/obs' : 'mongodb://localhost/obsTest');
-mongoose.connect(mongodbUrl);
-mongoose.set('debug', !isProduction);
+const config = require('./config')
+
+mongoose.connect(config.mongodb.url);
+mongoose.set('debug', config.mongodb.debug);
 
 require('./models/TrackData');
 require('./models/User');
diff --git a/api/src/routes/auth.js b/api/src/routes/auth.js
index 0e059b3..502b19b 100644
--- a/api/src/routes/auth.js
+++ b/api/src/routes/auth.js
@@ -6,6 +6,7 @@ const { createChallenge } = require('pkce');
 const { AuthorizationCode, AccessToken, RefreshToken, Client } = require('../models');
 const auth = require('../passport');
 const wrapRoute = require('../_helpers/wrapRoute');
+const config = require('../config')
 
 // Check whether the "bigScope" fully includes the "smallScope".
 function scopeIncludes(smallScope, bigScope) {
@@ -48,6 +49,7 @@ function isValidScope(scope) {
 
 router.use((req, res, next) => {
   res.locals.user = req.user;
+  res.locals.mainFrontendUrl = config.mainFrontendUrl
   next();
 });
 
@@ -397,7 +399,7 @@ router.get(
 router.get(
   '/.well-known/oauth-authorization-server',
   wrapRoute(async (req, res) => {
-    const baseUrl = 'http://localhost:3000';
+    const baseUrl = config.baseUrl.replace(/\/+$/, '')
 
     return res.json({
       issuer: baseUrl,
diff --git a/api/views/layout.pug b/api/views/layout.pug
index b862e67..c67264f 100644
--- a/api/views/layout.pug
+++ b/api/views/layout.pug
@@ -130,7 +130,8 @@ html
       nav
         header OpenBikeSensor Account Pages
         ul
-          li: a(href="/") Back to Portal
+          if mainFrontendUrl
+            li: a(href=mainFrontendUrl) Back to Portal
           if !user
             li: a(href="/login") Login
             li: a(href="/register") Register