-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathconfig.js.tmpl
90 lines (85 loc) · 3.19 KB
/
config.js.tmpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
/* Smoke Alarm Installation Request Portal (getasmokealarm.org)
*
* Copyright (C) 2015 American Red Cross
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
'use strict';
exports.port = process.env.PORT || 3000;
exports.companyName = 'Acme, Inc.';
exports.projectName = 'New Horizons Ansible Retrofit Project';
exports.systemEmail = '[email protected]';
// This confirms whether the signup route is available
// or not. This affects both the availability of the signup
// URL as well as the navigation link to "Sign Up" at the top
// of the navigation for the admin section.
exports.signupEnabled = false;
// Configure Geocoding API API key
exports.googleMapsApiKey = 'YOUR_API_KEY_HERE';
// Make up your own key here. More background:
//
// I believe the cryptoKey is used to server-side sign session data
// that is then sent in a cookie to the client -- the client never
// knows the key, so the client therefore cannot tamper with any of
// the data in the cookie, because if it did, the digital signature on
// the cookie would be invalid.
//
// These two pages have more information. In the first page, I think
// where they say "encrypt" they really mean "sign"; the second page
// explains the situation pretty straightforwardly, but it helps to
// have read the first page for context:
//
// http://stackoverflow.com/questions/18565512/importance-of-session-secret-key-in-express-web-framework
// http://stackoverflow.com/questions/6719036/why-cherrypy-session-does-not-require-a-secret-key
exports.cryptoKey = 'k3yb0ardc4t';
exports.loginAttempts = {
forIp: 50,
forIpAndUser: 7,
logExpiration: '20m'
};
exports.requireAccountVerification = false;
exports.smtp = {
from: {
name: process.env.SMTP_FROM_NAME || exports.projectName +' Website',
address: process.env.SMTP_FROM_ADDRESS || '[email protected]'
},
credentials: {
user: process.env.SMTP_USERNAME || '[email protected]',
password: process.env.SMTP_PASSWORD || '',
host: process.env.SMTP_HOST || 'smtp.gmail.com',
ssl: true
}
};
exports.oauth = {
twitter: {
key: process.env.TWITTER_OAUTH_KEY || '',
secret: process.env.TWITTER_OAUTH_SECRET || ''
},
facebook: {
key: process.env.FACEBOOK_OAUTH_KEY || '',
secret: process.env.FACEBOOK_OAUTH_SECRET || ''
},
github: {
key: process.env.GITHUB_OAUTH_KEY || '',
secret: process.env.GITHUB_OAUTH_SECRET || ''
},
google: {
key: process.env.GOOGLE_OAUTH_KEY || '',
secret: process.env.GOOGLE_OAUTH_SECRET || ''
},
tumblr: {
key: process.env.TUMBLR_OAUTH_KEY || '',
secret: process.env.TUMBLR_OAUTH_SECRET || ''
}
};