- Git
- Node.js and npm
- MySQL
- KnexJS
- OpenSSL
#MySQL settings
DB_HOST=
DB_USER=
DB_PASSWORD=
DB_NAME=
# Set SMTP mail server (currently only SMTP support)
MAIL_SERVER_URL=smtp.gmail.com
MAIL_SERVER_PORT=465
MAIL_SERVER_SECURE=true
MAIL_SERVER_PASSWORD=
MAIL_SERVER_USER_NAME=
# Set the redirect URL (if generated with seeds, will be put in database)
ADMIN_REDIRECT_URL=
# Set the APP url ()
APP_URL=http://localhost:2000
EMAIL_ASSETS_URL=
# Set the from name and email from which emails will be send (for example: password forgot & login url)
FROM_NAME=
FROM_EMAIL=
npm i
openssl genrsa -out privatekey.pem 2048
openssl req -new -key privatekey.pem -out certrequest.csr
openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem
Put them in a dir called /certs. Code expects certs/privatekey.pem.
npm i knex -g
knex migrate:latest
knex seed:run
After generating the token the console outputs. If you miss this you can find this in the mysql table: unique_codes (should just be one row). This code will allow you to login with a unique token. After you will be asked. You can change the login options at the client screen.
Set the site Url en redirectUrl. Give the site a good name, they will see this in different login screens.
For instance grant or ...
Authorize url: APP_URL/dialog/authorize Access url: APP_URL/oauth/token
A rough admin panel was developed, but not being used since we use the openstad admin panel for this, a rough working version with views & routes can be found in the branch feature/rough-admin-panel
If you are run a dev environment without SSL, turn off secure cookies in .env
COOKIE_SECURE_OFF=yes
If you want to configure the SMTP server through which e-mails are sent on a site-by-site basis, this is possible through configuration in the database.
Under the clients
table in the config
column you can set the following parameters:
"smtpTransport": {
"host": "smtp.gmail.com",
"port": 465,
"secure": true,
"auth": {
"user": "username@gmail.com",
"pass": "password"
}
}
Any configuration not provided will be fetched from the values set in the .env
A default favicon can now be set through DEFAULT_FAVICON
in the .env file.
This default favicon can be overwritten by setting the styling.favicon
in the config
column in the clients
table.
By default the required fields have labels as defined in config/user.js
. These labels can be overwritten in the clients
table under the config
column:
"requiredFields": {
"labels": {
"firstName": "Naam (alias)"
}
}
When you want to connect to a MySQL server using SSL, a Certificate Authority certificate is required. The contents of this CA certificate can be passed into the MYSQL_CA_CERT
environment variable.
In some cases, e-mail filters (such as Cisco Umbrella) will invalidate the login e-mail link, because all links are visited by the filter.
To combat this, the Cisco Umbrella CIDRs are blocked by default from visiting the /auth/url/authenticate
route.
If you need to add other CIDRs to this block, this can be done on a per client basis through the clients
table under the config
column:
"blockCidrs": [
"1.2.3.4/16",
"4.4.4.4/16"
]
Note: When adding your own blockCidrs
like this, the default Cisco umbrella CIDRs will be overwritten.