API configuration

The API is configurured trought either environment variables or a local config file /config/local.js
Server settings
Basic server settings
API_URL
API_HOSTNAME
API_EXPRESS_PORT
API_EMAILADDRESS
  "url": "",
  "hostname": "",
  "emailAddress": "",
  "express": {
    "port": 0
  },
Database
MySQL database access
API_DATABASE_USER
API_DATABASE_PASSWORD
API_DATABASE_DATABASE
API_DATABASE_HOST
  "database": {
    "user": "",
    "password": "",
    "database": "",
    "host": "",
    "dialect": "",
    "multipleStatements": true
  },
Cookie settings
API_SECURITY_SESSIONS_COOKIENAME
API_SECURITY_SESSIONS_ONLYSECURE
  "security": {
    "sessions": {
      "secret": "KrkA3jezYn1nX5yHVYAhTzicG0shq8Bl",
      "onlySecure": false
    }
  },
Email for notifications
The API sends emails to users and administrators. Use these settings to configure the SMTP settings
API_MAIL_FROM
API_MAIL_TRANSPORT_SMTP_PORT
API_MAIL_TRANSPORT_SMTP_HOST
API_MAIL_TRANSPORT_SMTP_REQUIRESSL
API_MAIL_TRANSPORT_SMTP_AUTH_USER
API_MAIL_TRANSPORT_SMTP_AUTH_PASS
API_NOTIFICATIONS_ADMIN_EMAILADDRESS
  "mail": {
    "from": "",
    "transport": {
      "smtp": {
        "port": 0,
        "host": "",
        "requireTLS": true,
        "name": "",
        "auth": {
          "user": "",
          "pass": ""
        }
      }
    }
  },
This is the address of the administrator that should receive notifications (1):
  "notifications": {
    "admin": {
      "emailAddress": ""
    }
  },
Oauth
Handling of oauth calls, and connecting to the oauth server
API_AUTHORIZATION_JWTSECRET
AUTH_API_URL
AUTH_FIRST_CLIENT_ID
AUTH_FIRST_CLIENT_SECRET
  "authorization": {
    "jwt-secret": "",
    "auth-server-url": "",
    "auth-client-id": "", // (1)
    "auth-client-secret": "", // (1)
    "auth-server-login-path": "/dialog/authorize?redirect_uri=[[redirectUrl]]&response_type=code&client_id=[[clientId]]&scope=offline",
    "auth-server-exchange-code-path": "/oauth/token",
    "auth-server-get-user-path": "/api/userinfo?client_id=[[clientId]]",
    "auth-server-logout-path": "/logout?clientId=[[clientId]]",
    "after-login-redirect-uri": "/?jwt=[[jwt]]",
    "fixed-auth-tokens": [{ "token": "123", "userId": "1" }] // see below
  }
  "allowedOrigins": [
    "http://test-project.cms.niels:8109"
  ],
Ignore brute force
A list of IP's that will not be blocked by the brute force checks
IGNORE_BRUTE_FORCE_IP
  "ignoreBruteForce": [],
Anonymize users
When anonymizing users change the names of those users to this, to be shown in ideas and arguments
    "anonymize": {
      "firstName": "This user",
      "lastName": "has been deleted"
    }
  },
Other
TEMPLATE_SOURCE
  "templateSource": "https://cdn.openstad.nlsvgtr.nl/meer/ecosystem-templates/site/index.json",
  "ideas": {
    "duration": 60
  },
API_NOTIFICATIONS_ADMIN_EMAILADDRESS
API_NOTIFICATIONS_SENDENDDATENOTIFICATIONSXDAYSBEFORE
"notifications": {
  "admin": {
    "emailAddress": "[email protected]"
  },
  "sendEndDateNotifications": {
    "XDaysBefore": 10
  }
}
​
Fixed Auth Tokens
It is possible to allow access to the API through a fixed token. This token should be configured to represent a specific existing user.
This mechanism is used to allow access to the API to other OpenStad servers (Admin panel, Frontend) but can also be used to allow access the API server to other external services or other REST tools.
Fixed auth tokens are configured in either the env var API_AUTHORIZATION_FIXEDAUTHTOKENS or the local config file. It is a list of tokens and user id's:
[
  { "token": "123", "userId": "1" },
  { "token": "456", "userId": "31" }
]
(1) These settings are normally defined in the site config, but default to the values provided here
​
Database migrations
oAuth2
Last modified 7mo ago