Openstad
  • Introductie
  • Projectmanagement
    • Algemene kaders
    • Participatieprocessen
      • Voorkeurspeiling
      • Wedstrijd
      • Participatief begroten
  • Digitale tools
    • OpenStad CMS basis
      • Inloggen
      • De bouwstenen
      • Live in-page editing
      • Bewerkmodus (Draft)
      • Versiebeheer
    • Participatieprocessen
      • Voorkeurspeiling
      • Wedstrijd
      • Participatief begroten
    • How-to's
      • Nieuwe site aanmaken
      • Nieuwe pagina's toevoegen
      • Pagina's vullen
      • Inzendingen uploaden
      • Inzendingen weergeven
      • Filteren en categoriseren van inzendingen
      • Likes verzamelen
      • Reacties en argumenten
      • Interactieve kaart
      • Polygonen
      • Newsletter
      • Moderatie
      • Unieke stemcodes
      • Stemmen
      • Gebruikersbeheer
      • Gebruikers anonimiseren per website
      • Inzendingen exporteren en importeren
      • Vormgeving & logo aanpassen
      • E-mail notificaties
    • Widgets referentie
      • Accordeon
      • Agenda
      • Arguments
      • Columns
      • Slider
      • Counter
      • Date countdown bar
      • Ideas map
      • Ideeën op een kaart (Kaart applicatie)
      • iFrame
      • Image
      • Info bar
      • Link or button
      • List
      • Like
      • Location
      • Participatory budgeting
      • Keuzewijzer
      • Keuzewijzer resultaten
      • Rich text
      • Resource admin buttons
      • Resource overview
      • Resource form
      • Resource representation
      • Resource raw widget
      • Resource image
      • Speech bubble
      • Share widgets
      • Title
      • User remove form
      • Video upload
      • Video 3d party
      • Vorige volgende knoppen
    • Algemeen
      • Terminologie
      • Waarschuwingen
      • Adminpanel
      • Adminpanel (beta)/React admin
      • Page Settings
      • OpenStad hoofdmenu
        • Tags
        • Global
        • Open palette
        • Clear cache
        • Pages
        • Users
        • Images
        • Files
        • Workflow
        • Logout
      • Styles for the container
      • Interactieve kaart thema iconen
      • Inzendingen (ideas)
      • Artikelen (articles)
      • Gebruikers (users)
      • Authenticatie methodes
      • Rollen
      • URL's
      • Testen
      • Raw
      • Resources
  • Technical documentation (English)
    • Architecture
    • Getting started
    • Deploying to production
      • Kubernetes
      • Installing on Digital ocean with Kubernetes
      • Backups
      • Deploying a custom image
    • Frontend: CMS
      • Apostrophe CMS
      • The Openstad version of ApostropheCMS
      • Using openstad-components
      • Configuration
    • Frontend: Components
      • Use and configuration
      • Publishing
      • Components
        • Choices Guide
        • Ideas On Map
    • Api
      • Site
      • Idea
      • Argument
      • Vote
      • Article
      • Newsletter Signup
      • User
      • Auth
      • Resource & Data permissions
      • Pagination and search
      • Email settings
      • Database migrations
      • API configuration
    • oAuth2
      • Oauth2 configuration
    • Management panel
      • Management Panel configuration
    • Image server
    • Contributing & versioning
    • Git flow
    • Roadmap
Powered by GitBook
On this page
  1. Technical documentation (English)
  2. Api

API configuration

The API is configurured trought either environment variables or a local config file /config/local.js

Server settings

Basic server settings

API_URL
API_HOSTNAME
API_EXPRESS_PORT
API_EMAILADDRESS
  "url": "",
  "hostname": "",
  "emailAddress": "",
  "express": {
    "port": 0
  },

Database

MySQL database access

API_DATABASE_USER
API_DATABASE_PASSWORD
API_DATABASE_DATABASE
API_DATABASE_HOST
  "database": {
    "user": "",
    "password": "",
    "database": "",
    "host": "",
    "dialect": "",
    "multipleStatements": true
  },

Cookie settings

API_SECURITY_SESSIONS_COOKIENAME
API_SECURITY_SESSIONS_ONLYSECURE
  "security": {
    "sessions": {
      "secret": "KrkA3jezYn1nX5yHVYAhTzicG0shq8Bl",
      "onlySecure": false
    }
  },

Email for notifications

The API sends emails to users and administrators. Use these settings to configure the SMTP settings

API_MAIL_FROM
API_MAIL_TRANSPORT_SMTP_PORT
API_MAIL_TRANSPORT_SMTP_HOST
API_MAIL_TRANSPORT_SMTP_REQUIRESSL
API_MAIL_TRANSPORT_SMTP_AUTH_USER
API_MAIL_TRANSPORT_SMTP_AUTH_PASS
API_NOTIFICATIONS_ADMIN_EMAILADDRESS
  "mail": {
    "from": "",
    "transport": {
      "smtp": {
        "port": 0,
        "host": "",
        "requireTLS": true,
        "name": "",
        "auth": {
          "user": "",
          "pass": ""
        }
      }
    }
  },

This is the address of the administrator that should receive notifications (1):

  "notifications": {
    "admin": {
      "emailAddress": ""
    }
  },

Oauth

Handling of oauth calls, and connecting to the oauth server

API_AUTHORIZATION_JWTSECRET
AUTH_API_URL
AUTH_FIRST_CLIENT_ID
AUTH_FIRST_CLIENT_SECRET
  "authorization": {
    "jwt-secret": "",
    "auth-server-url": "",
    "auth-client-id": "", // (1)
    "auth-client-secret": "", // (1)
    "auth-server-login-path": "/dialog/authorize?redirect_uri=[[redirectUrl]]&response_type=code&client_id=[[clientId]]&scope=offline",
    "auth-server-exchange-code-path": "/oauth/token",
    "auth-server-get-user-path": "/api/userinfo?client_id=[[clientId]]",
    "auth-server-logout-path": "/logout?clientId=[[clientId]]",
    "after-login-redirect-uri": "/?jwt=[[jwt]]",
    "fixed-auth-tokens": [{ "token": "123", "userId": "1" }] // see below
  }
  "allowedOrigins": [
    "http://test-project.cms.niels:8109"
  ],

Ignore brute force

A list of IP's that will not be blocked by the brute force checks

IGNORE_BRUTE_FORCE_IP
  "ignoreBruteForce": [],

Anonymize users

    "anonymize": {
      "firstName": "This user",
      "lastName": "has been deleted"
    }
  },

Other

TEMPLATE_SOURCE
  "templateSource": "https://cdn.openstad.nlsvgtr.nl/meer/ecosystem-templates/site/index.json",
  "ideas": {
    "duration": 60
  },
API_NOTIFICATIONS_ADMIN_EMAILADDRESS
API_NOTIFICATIONS_SENDENDDATENOTIFICATIONSXDAYSBEFORE
"notifications": {
  "admin": {
    "emailAddress": "webmaster@example.com"
  },
  "sendEndDateNotifications": {
    "XDaysBefore": 10
  }
}

Fixed Auth Tokens

It is possible to allow access to the API through a fixed token. This token should be configured to represent a specific existing user. This mechanism is used to allow access to the API to other OpenStad servers (Admin panel, Frontend) but can also be used to allow access the API server to other external services or other REST tools. Fixed auth tokens are configured in either the env var API_AUTHORIZATION_FIXEDAUTHTOKENS or the local config file. It is a list of tokens and user id's:

[
  { "token": "123", "userId": "1" },
  { "token": "456", "userId": "31" }
]

(1) These settings are normally defined in the site config, but default to the values provided here

PreviousDatabase migrationsNextoAuth2

Last updated 2 years ago

When change the names of those users to this, to be shown in ideas and arguments

anonymizing users