public/owltide
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages 1 Wiki Activity Actions
owltide/docs/admin/config.md
Hornwitser 0d0e38e4b6 Refactor demo login as an authentication method 
Use the authentication method system for the demo login and the
generated accounts.  This makes it possible to toggle it off on
production systems as these shouldn't have it enabled at all.
2025-07-09 18:01:26 +02:00

45 lines
2.3 KiB
Markdown
Raw Blame History

<!--
SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Configuration
## Quoting
Environment variables are parsed using [destr](https://github.com/unjs/destr) which contain arbitrary unspecified and undocumented rules for converting strings to data. If an environment input looks like JSON it'll most likely be parsed as JSON and my cause a type missmatch error to be reported. To avoid strings being converted into other unintended values put the value into `"` marks. Depending on your configuration environment you may have to double up the quotation marks and/or use escapes.
## Environment Variables
### NUXT_SESSION_ROTATES_TIMEOUT
Time in seconds before a session need to be rotated over into a new session. When an endpoint using a session is hit after the session rotates timeout but before the session is discarded a new session is created as the successor with a new rotates and discard timeout. The old session then marked to expire in 10 seconds any requests using the old session will result in a 403 Forbidden with the message the session has been taken after the expiry.
### NUXT_SESSION_DISCARD_TIMEOUT
Time in seconds before a session is deleted from the client and server, resulting in the user having to authenticate again if the session wasn't rotated over into a new session before this timeout.
This should be several times greater that `NUXT_SESSION_ROTATES_TIMEOUT`.
### NUXT_AUTH_DEMO_ENABLED
Boolean indicating if the demo authentication provider should be enabled. This allows logging in using only a name with no additional checks or security and should _never_ be enabled on a production system. The purpose of this is to make it easier to demo the system.
Defaults to `false`.
### NUXT_TELEGRAM_BOT_TOKEN_FILE
Path to a file containing the token for the Telegram bot used for authenticating users via Telegram.
Does nothing if `NUXT_AUTH_TELEGRAM_ENABLED` is not enabled.
### NUXT_PUBLIC_TELEGRAM_BOT_USERNAME
Username of the Telegram bot used for authenticating users via Telegram.
Does nothing if `NUXT_AUTH_TELEGRAM_ENABLED` is not enabled.
### NUXT_AUTH_TELEGRAM_ENABLED
Boolean indicating if authentication via Telegram is enabled or not. Requires `NUXT_PUBLIC_TELEGRAM_BOT_USERNAME` and `NUXT_TELEGRAM_BOT_TOKEN_FILE` to be set in order to work.
Defaults to `false`.
Reference in a new issue View git blame Copy permalink