38 lines
1.4 KiB
Go
38 lines
1.4 KiB
Go
package config
|
|
|
|
import (
|
|
"git.haelnorr.com/h/golib/env"
|
|
"github.com/pkg/errors"
|
|
)
|
|
|
|
type HWSAUTHConfig struct {
|
|
SSL bool // ENV HWSAUTH_SSL: Flag for SSL Mode (default: false)
|
|
TrustedHost string // ENV HWSAUTH_TRUSTED_HOST: Full server address to accept as trusted SSL host (required if SSL is true)
|
|
SecretKey string // ENV HWSAUTH_SECRET_KEY: Secret key for signing tokens (required)
|
|
AccessTokenExpiry int64 // ENV HWSAUTH_ACCESS_TOKEN_EXPIRY: Access token expiry in minutes (default: 5)
|
|
RefreshTokenExpiry int64 // ENV HWSAUTH_REFRESH_TOKEN_EXPIRY: Refresh token expiry in minutes (default: 1440)
|
|
TokenFreshTime int64 // ENV HWSAUTH_TOKEN_FRESH_TIME: Time for tokens to stay fresh in minutes (default: 5)
|
|
}
|
|
|
|
func setupHWSAuth() (*HWSAUTHConfig, error) {
|
|
ssl := env.Bool("HWSAUTH_SSL", false)
|
|
trustedHost := env.String("HWS_TRUSTED_HOST", "")
|
|
if ssl && trustedHost == "" {
|
|
return nil, errors.New("SSL is enabled and no HWS_TRUSTED_HOST set")
|
|
}
|
|
cfg := &HWSAUTHConfig{
|
|
SSL: ssl,
|
|
TrustedHost: trustedHost,
|
|
SecretKey: env.String("HWSAUTH_SECRET_KEY", ""),
|
|
AccessTokenExpiry: env.Int64("HWSAUTH_ACCESS_TOKEN_EXPIRY", 5),
|
|
RefreshTokenExpiry: env.Int64("HWSAUTH_REFRESH_TOKEN_EXPIRY", 1440),
|
|
TokenFreshTime: env.Int64("HWSAUTH_TOKEN_FRESH_TIME", 5),
|
|
}
|
|
|
|
if cfg.SecretKey == "" {
|
|
return nil, errors.New("Envar not set: HWSAUTH_SECRET_KEY")
|
|
}
|
|
|
|
return cfg, nil
|
|
}
|