Backend for PTAH
- Node.js v10+
- NPM v6+
- MongoDB v4+
- Redis v5+
npm install
npm prune --production
NODE_ENV={string='production'} AUTH_TOKEN_SECRET={string} PASSWORD_SECRET={string} RESTORE_PASSWORD_SECRET={string} CONFIRM_EMAIL_SECRET={string} CORS_VALID_ORIGINS={string} MONGO_DSN={string} EMAIL_POSTMARK_TOKEN={string} EMAIL_SENDER_FROM={string} EMAIL_TEMPLATE_RESTORE_PASSWORD={string} EMAIL_TEMPLATE_CONFIRM_EMAIL={string} EMAIL_TEMPLATE_USER_SIGNUP_LOCAL={string} EMAIL_TEMPLATE_USER_SIGNUP_SOCIAL={string} SENTRY_DSN={string} PUBLIC_HOST={string} EMAIL_TEMPLATE_RESTORE_PASSWORD_REQUEST={string} MAILCHIMP_MAILLISTS_PATH={string='/3.0/lists'} MAILCHIMP_METADATA_URL={string='https://login.mailchimp.com/oauth2/metadata'} NGINX_CONFIGS_DIR={string='sites_enabled'} LANDINGS_HTML_DIR={string='landings_html'} LANDINGS_PUBLISHING_HOST={string=} ROUTES_PREFIX={string='/api/v1'} ACCESS_TOKEN_LIFETIME={string='1'} REFRESH_TOKEN_LIFETIME={string='72'} RESTORE_PASSWORD_LIFETIME={string='15'} CONFIRM_EMAIL_LIFETIME={string='24'} SERVER_PORT={string='80'} STRIPE_PUBLISHABLE_KEY={string} STRIPE_SECRET_KEY={string} STRIPE_WEBHOOK_SECRET={string} node ./index.js
Where:
Obligatory params
{NODE_ENV} - Current environment
{PUBLIC_HOST} - Public host with frontend
{AUTH_TOKEN_SECRET} - secret for signing auth tokens
{PASSWORD_SECRET} - secret for signing passwords
{RESTORE_PASSWORD_SECRET} - secret for signing restore passwords tokens
{CONFIRM_EMAIL_SECRET} - secret for signing confirm email tokens
{EMAIL_POSTMARK_TOKEN} - token from postmark app to send emails through
{EMAIL_SENDER_FROM} - name and email to substitute to letter's From field
{EMAIL_TEMPLATE_RESTORE_PASSWORD_REQUEST} - postmark's template id for restore password confirmation mail
{EMAIL_TEMPLATE_RESTORE_PASSWORD} - postmark's template id for mail with new password
{EMAIL_TEMPLATE_CONFIRM_EMAIL} - postmark's template id for confirm user email
{EMAIL_TEMPLATE_USER_SIGNUP_LOCAL} - postmark's template id for local signup mail
{EMAIL_TEMPLATE_USER_SIGNUP_SOCIAL} - postmark's template id for social signup mail
{CORS_VALID_ORIGINS} - list of valid origins for CORS protection, separated by comma. Notice! Value of * uses by default (disable CORS protection)
{MONGO_DSN} - DNS for MongoDB connection
{SENTRY_DSN} - public DSN for Sentry
{STRIPE_PUBLISHABLE_KEY} - Publishable (public) key for Stripe payments integration
{STRIPE_SECRET_KEY} - Secret key for Stripe payments integration
{STRIPE_WEBHOOK_SECRET} - Secret key for Stripe webhooks
Optional params
{MAILCHIMP_MAILLISTS_PATH} - maillists api path for mailchimp: /3.0/lists
{MAILCHIMP_METADATA_URL} - metadata url for mailchimp: https://login.mailchimp.com/oauth2/metadata
{NGINX_CONFIGS_DIR} - Path to shared directory with nginx configs, 'sites_enabled' by default
{LANDINGS_HTML_DIR} - Path to root directory with landings, 'landings_html' by default
{LANDINGS_PUBLISHING_HOST} - Host with published landings (will publish on sub-domain by default)
{ROUTES_PREFIX} - Common prefix for all routes, use /api/v1 by default
{SERVER_PORT} - Port of koa http server
{ACCESS_TOKEN_LIFETIME} - lifetime for access tokens, in hours, 1 by default
{REFRESH_TOKEN_LIFETIME} - lifetime for refresh tokens, in hours, 72 by default
{CONFIRM_EMAIL_LIFETIME} - lifetime for confirm email tokens, in hours, 24 by default
{RESTORE_PASSWORD_LIFETIME} - lifetime for restore passwords tokens, in minutes (!), 15 by default
{AUTH_CHECK_USER_AGENT} - check user-agent on auth request, false by default
{AUTH_CHECK_IP} - check IP on auth request, false by default
{GOOGLE_AUTH_CLIENT_ID} - client id for google social auth
{GOOGLE_AUTH_CLIENT_SECRET} - client secret for google social auth
{MAILCHIMP_AUTH_CLIENT_ID} - client id for mailchimp social auth
{MAILCHIMP_AUTH_CLIENT_SECRET} - client secret for mailchimp social auth
{S3_ACCESS_KEY_ID} - access key id for Amazon S3 storage for file upload
{S3_SECRET_ACCESS_KEY} - secret access key for Amazon S3 storage for file upload
{S3_BUCKET} - bucket for Amazon S3 storage for file upload
{S3_REGION} - region for Amazon S3 storage for file upload
{CDN_HOST} - CDN host, incl. protocol, for example http://mycdn.net
{CDN_PATH} - common path on CDN
{MAX_FILE_SIZE} - max per-file size limit for uploads, in bytes, default is 31457280 (30 Mb)
{ENABLE_TRANSACTIONS} - enable transactions in MongoDB per user requests
Integration tests are require an live MongoDB server connection
Api specifications described in spec/openapi.yaml file. You may use Swagger to see them
All integration tests, also, validates their responses throught this specification.