feat: déclaration de la configuration applicative

Ça a le bénéfice de faire planter l'application au démarrage en cas de réglage absent.
EcrituresNumeriques · Sep 30, 2024 · c182325 · c182325
1 parent 487ff67
commit c182325
Show file tree

Hide file tree

Showing 11 changed files with 333 additions and 92 deletions.
diff --git a/export/package-lock.json b/export/package-lock.json
diff --git a/export/package.json b/export/package.json
@@ -11,7 +11,7 @@
   "scripts": {
     "test": "jest",
     "start": "node src/app.js",
-    "dev": "npx dotenv -e ../stylo.env npm run start",
+    "dev": "node src/app.js",
     "prod": "NODE_ENV=production node --heapsnapshot-signal=SIGUSR2 src/app.js"
   },
   "repository": {
@@ -33,6 +33,7 @@
   "homepage": "https://github.com/EcrituresNumeriques/stylo#readme",
   "dependencies": {
     "archiver": "5.3.2",
+    "convict": "^6.2.4",
     "cors": "^2.8.5",
     "express": "^4.16.4",
     "graphql": "^16.1.0",
@@ -44,7 +45,6 @@
   },
   "devDependencies": {
     "dotenv": "^16.0.1",
-    "dotenv-cli": "^5.1.0",
     "jest": "^29.5.0"
   },
   "husky": {

diff --git a/export/src/app.js b/export/src/app.js
@@ -4,6 +4,8 @@ const { logger } = require('./logger')
 const pino = require('pino-http')({
   logger
 })
+const config = require('./config.js')
+config.validate({ allowed: 'strict' })
 
 const {
   exportArticleHtml,
@@ -29,7 +31,7 @@ app.use(cors({
   origin: '*'
 }))
 
-const listenPort = process.env.PORT || 3060
+const listenPort = config.get('port')
 
 const asyncExportVersionHtml = asyncHandler(exportVersionHtml)
 const asyncExportArticleHtml = asyncHandler(exportArticleHtml)

diff --git a/export/src/config.js b/export/src/config.js
@@ -0,0 +1,38 @@
+const convict = require('convict')
+require('dotenv').config()
+
+/**
+ * @type {convict.Config<{
+ *
+ * }>}
+ */
+module.exports = convict({
+  port: {
+    default: 3060,
+    format: 'port',
+    env: 'PORT'
+  },
+  api: {
+    urlEndpoint: {
+      default: 'http://localhost:3030/graphql',
+      format: 'url',
+      env: 'SNOWPACK_PUBLIC_GRAPHQL_ENDPOINT'
+    },
+    passthroughToken: {
+      format: 'string',
+      env: 'SE_GRAPHQL_TOKEN'
+    }
+  },
+  export: {
+    // legacy option
+    canonicalBaseUrl: {
+      format: 'url',
+      env: 'EXPORT_CANONICAL_BASE_URL'
+    },
+    urlEndpoint: {
+      default: 'http://127.0.0.1:3080',
+      format: 'url',
+      env: 'SNOWPACK_PUBLIC_PANDOC_EXPORT_ENDPOINT'
+    }
+  }
+})
diff --git a/export/src/export.js b/export/src/export.js
@@ -1,12 +1,13 @@
+const config = require('./config.js')
 const archiver = require('archiver')
 
 const { logger } = require('./logger')
 const { FindByIdNotFoundError } = require('./helpers/errors')
 const { normalize } = require('./helpers/filename')
 const { getArticleById, getVersionById, getCorpusById } = require('./graphql')
 
-const canonicalBaseUrl = process.env.EXPORT_CANONICAL_BASE_URL
-const exportEndpoint = process.env.SNOWPACK_PUBLIC_PANDOC_EXPORT_ENDPOINT || 'http://127.0.0.1:3080'
+const canonicalBaseUrl = config.get('export.canonicalBaseUrl')
+const exportEndpoint = config.get('export.urlEndpoint')
 
 const exportZip = async ({ bib, yaml, md, id, versionId, title }, res, _) => {
   const filename = `${normalize(title)}.zip`

diff --git a/export/src/graphql.js b/export/src/graphql.js
@@ -17,8 +17,9 @@ function getGraphQLClient () {
   if (graphQLClient) {
     return graphQLClient
   }
-  const graphqlEndpoint = process.env.SNOWPACK_PUBLIC_GRAPHQL_ENDPOINT || 'http://localhost:3030/graphql'
-  const passthroughToken = process.env.SE_GRAPHQL_TOKEN
+  const graphqlEndpoint = config.get('api.urlEndpoint')
+  const passthroughToken = config.get('api.passthroughToken')
+
   graphQLClient = new GraphQLClient(graphqlEndpoint, {
     headers: {
       authorization: `Bearer ${passthroughToken}`,

diff --git a/graphql/app.js b/graphql/app.js
@@ -1,6 +1,9 @@
 const pkg = require('./package.json')
 const ospath = require('node:path')
 const process = require('node:process')
+const config = require('./config.js')
+config.validate({ allowed: 'strict' })
+
 process.env.YPERSISTENCE = ospath.join(__dirname, 'ydata')
 
 const express = require('express')
@@ -35,35 +38,35 @@ const wss = new WebSocket.Server({ noServer: true })
 
 const app = express()
 
-const mongoServer = process.env.MONGO_SERVER
-const mongoServerPort = process.env.MONGO_SERVER_PORT
-const mongoServerDB = process.env.MONGO_SERVER_DB
-
-const listenPort = process.env.PORT || 3030
-const origin = process.env.ALLOW_CORS_FRONTEND
-const jwtSecret = process.env.JWT_SECRET_SESSION_COOKIE
-const sessionSecret = process.env.SESSION_SECRET
-const oicName = process.env.OPENID_CONNECT_NAME
-const oicIssuer = process.env.OPENID_CONNECT_ISSUER
-const oicAuthUrl = process.env.OPENID_CONNECT_AUTH_URL
-const oicTokenUrl = process.env.OPENID_CONNECT_TOKEN_URL
-const oicUserInfoUrl = process.env.OPENID_CONNECT_USER_INFO_URL
-const oicCallbackUrl = process.env.OPENID_CONNECT_CALLBACK_URL
-const oicClientId = process.env.OPENID_CONNECT_CLIENT_ID
-const oicClientSecret = process.env.OPENID_CONNECT_CLIENT_SECRET
-const oicScope = process.env.OPENID_CONNECT_SCOPE || 'profile email'
-
-const zoteroAuthClientKey = process.env.ZOTERO_AUTH_CLIENT_KEY
-const zoteroAuthClientSecret = process.env.ZOTERO_AUTH_CLIENT_SECRET
-const zoteroAuthCallbackUrl = process.env.ZOTERO_AUTH_CALLBACK_URL
-const zoteroRequestTokenEndpoint = process.env.ZOTERO_REQUEST_TOKEN_ENDPOINT || 'https://www.zotero.org/oauth/request'
-const zoteroAccessTokenEndpoint = process.env.ZOTERO_ACCESS_TOKEN_ENDPOINT || 'https://www.zotero.org/oauth/access'
-const zoteroAuthorizeEndpoint = process.env.ZOTERO_AUTHORIZE_ENDPOINT || 'https://www.zotero.org/oauth/authorize'
+const mongoServer = config.get('mongo.host')
+const mongoServerPort = config.get('mongo.port')
+const mongoServerDB = config.get('mongo.db')
+
+const listenPort = config.get('port')
+const origin = config.get('security.cors.origin')
+const jwtSecret = config.get('security.jwt.secret')
+const sessionSecret = config.get('security.session.secret')
+const oicName = config.get('oauth.name')
+const oicIssuer = config.get('oauth.issuer')
+const oicAuthUrl = config.get('oauth.auth.url')
+const oicTokenUrl = config.get('oauth.auth.token')
+const oicUserInfoUrl = config.get('oauth.auth.userInfo')
+const oicCallbackUrl = config.get('oauth.callbackUrl')
+const oicClientId = config.get('oauth.client.id')
+const oicClientSecret = config.get('oauth.client.secret')
+const oicScope = config.get('oauth.scope')
+
+const zoteroAuthClientKey = config.get('zotero.auth.clientKey')
+const zoteroAuthClientSecret = config.get('zotero.auth.clientSecret')
+const zoteroAuthCallbackUrl = config.get('zotero.auth.callbackUrl')
+const zoteroRequestTokenEndpoint = config.get('zotero.auth.requestToken')
+const zoteroAccessTokenEndpoint = config.get('zotero.auth.accessPoint')
+const zoteroAuthorizeEndpoint = config.get('zotero.auth.authorize')
 const zoteroAuthScope = ['library_access=1', 'all_groups=read']
 
 //A Secure cookie is only sent to the server with an encrypted request over the HTTPS protocol.
 // Note that insecure sites (http:) can't set cookies with the Secure directive.
-const secureCookie = process.env.HTTPS === 'true'
+const secureCookie = config.get('securedCookie')
 // When we have multiple origins (for instance, using deploy previews on different domains) then cookies `sameSite` attribute is permissive (using 'none' value).
 // When we have a single origin (most likely when running in a production environment) then we are using a secure/strict value for cookies `sameSite` attribute ('strict').
 // When using 'strict' value, cookies will not be sent along with requests initiated by third-party websites.