Migrate config to subobj (http and mysql) / .env fort prisma is written on startup / Add http.enable_csp config option

src/handlers/config.ts

@@ -1,17 +1,29 @@
-import log from './log.js';
 import ConfigManager from '../libs/configManager.js';
 import __path from './path.js';
 import _ from 'lodash';
 
 // Create a new config instance.
 const config = new ConfigManager(__path + '/config.json', true, {
-	db_connection_string: 'mysql://USER:PASSWORD@HOST:3306/DATABASE',
-	http_listen_address: '0.0.0.0',
-	http_port: 3000,
-	http_domain: 'example.org',
-	http_enable_hsts: false,
-	devmode: true,
-	devmode_fileupload: true
+//	db_connection_string: 'mysql://USER:PASSWORD@HOST:3306/DATABASE',
+	http: {
+		listen_address: '0.0.0.0',
+		port: 3000,
+		domain: 'example.org',
+		enable_hsts: false,
+		enable_csp: false
+	},
+	mysql: {
+		host: '',
+		port: 3306,
+		user: '',
+		password: '',
+		database: 'hydrationhub'
+	},
+	devmode: false,
+	devmode_fileupload: false
 });//, log.core); // Disabled due to Cyclic dependencies with log handler (specifically-> devmode for loglevel)
 
+
+
+
 export default config;

src/handlers/db.ts

@@ -1,13 +1,27 @@
 import { PrismaClient, Prisma } from '@prisma/client'; // Database
 import { Response } from 'express';
 import config from './config.js';
+import __path from './path.js';
 import log from './log.js';
+import fs from 'fs';
+import path from 'path';
+
+// Generate .env file for Prisma commands
+const dotEnvPath = path.join(__path, '/.env')
+const dotEnvExist = !fs.existsSync(dotEnvPath);
+
+fs.writeFileSync(dotEnvPath, `DATABASE_URL="mysql://${config.global.mysql.user}:${config.global.mysql.password}@${config.global.mysql.host}:${config.global.mysql.port}/${config.global.mysql.database}"`);
+log.core.info('Generated .env file for Prisma.');
+if (dotEnvExist) {
+	log.core.error('Please run "npx prisma db push" to synchronize the database.');
+	process.exit(1);
+}
 
 // TODO: Add errorhandling with some sort of message.
 const prisma = new PrismaClient({
 	datasources: {
 		db: {
-			url: config.global.db_connection_string
+			url: `mysql://${config.global.mysql.user}:${config.global.mysql.password}@${config.global.mysql.host}:${config.global.mysql.port}/${config.global.mysql.database}`
 		}
 	}
 });

src/index.ts

@@ -61,15 +61,15 @@ app.set('view engine', 'eta');
 
 // MARK: Express Middleware & Config
 app.set('x-powered-by', false); // helmet does this too. But not in devmode
-if (!config.global.devmode) {
+if (!config.global.devmode && config.global.http.enable_csp) {
 	app.use(
 		helmet({
-			strictTransportSecurity: config.global.http_enable_hsts,
+			strictTransportSecurity: config.global.http.enable_hsts,
 			contentSecurityPolicy: {
 				useDefaults: false,
 				directives: {
 					defaultSrc: ["'self'"],
-					scriptSrc: ["'self'", config.global.http_domain],
+					scriptSrc: ["'self'", config.global.http.domain],
 					objectSrc: ["'none'"],
 					upgradeInsecureRequests: config.global.devmode ? null : []
 				}
@@ -85,8 +85,8 @@ app.use(bodyParser.json());
 app.use(routes);
 
 // TODO: Remove hardcoded http
-app.listen(config.global.http_port, config.global.http_listen_address, () => {
-	log.web.info(`Listening at http://${config.global.http_listen_address}:${config.global.http_port}`);
+app.listen(config.global.http.port, config.global.http.listen_address, () => {
+	log.web.info(`Listening at http://${config.global.http.listen_address}:${config.global.http.port}`);
 });
 
 log.core.trace('Running from path: ' + __path);