From a55a2992fe52735e4ca0410a8bbae9ec29803f91 Mon Sep 17 00:00:00 2001
From: axel <contact@axel.moe>
Date: Fri, 18 Apr 2025 14:46:08 +0200
Subject: [PATCH] feat: add configuration - closes #7 for now

---
 .env.example                     | 18 ++++++++++++++++++
 src/hooks.server.ts              | 17 +++++++++++------
 src/lib/server/sessions.ts       |  3 ++-
 src/routes/dash/+layout.svelte   |  3 ++-
 src/routes/login/+page.server.ts |  6 +++---
 src/routes/login/+page.svelte    |  3 ++-
 6 files changed, 38 insertions(+), 12 deletions(-)
 create mode 100644 .env.example

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..07d1d0f
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,18 @@
+# How long a user stays signed in, in seconds
+SESSION_LIFETIME=86400
+
+# Whether to use the 'Secure' attribute on the session cookie
+USE_SECURE=true
+
+# Set to true if you're running this behing a reverse proxy (you should, given there is no built-in SSL support)
+USE_REVERSE_PROXY=true
+
+# Name of the header containing the request's emitter's IP adress. No effect is USE_REVERSE_PROXY is false.
+REAL_IP_HEADER=X-Forwarded-For
+
+# Uncomment to choose your own default admin password (you should change it afterwards regardless)
+# Else, a random one will be generated and printed to logs and written to ./data/default_admin_pass.txt
+# DEFAULT_ADMIN_PASS=changeme
+
+# Prefix for the tabs' titles
+PUBLIC_SITE_NAME=WOL Panel
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index b46c511..f4ad403 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -1,3 +1,4 @@
+import { env } from '$env/dynamic/private';
 import { initRepos, users } from '$lib/server/db';
 import { Guard } from '$lib/server/guard';
 import { getUserFromSession } from '$lib/server/sessions';
@@ -10,7 +11,16 @@ export const init: ServerInit = async () => {
   await initRepos();
 
   if (!(await users.any())) {
-    const pass = nanoid();
+    let pass = env.DEFAULT_ADMIN_PASS;
+
+    if (!pass) {
+      pass = nanoid();
+
+      console.log(`default admin password: ${pass}`);
+      console.log("saved to ./default_admin_pass.txt, don't share it and change it asap");
+
+      writeFileSync('./data/default_admin_pass.txt', pass);
+    }
 
     await users.create({
       name: 'admin',
@@ -19,11 +29,6 @@ export const init: ServerInit = async () => {
       groups: [],
       devices: [],
     });
-
-    console.log(`default admin password: ${pass}`);
-    console.log("saved to ./default_admin_pass.txt, don't share it and change it asap");
-
-    writeFileSync('./data/default_admin_pass.txt', pass);
   }
 };
 
diff --git a/src/lib/server/sessions.ts b/src/lib/server/sessions.ts
index 99c28c1..8a62497 100644
--- a/src/lib/server/sessions.ts
+++ b/src/lib/server/sessions.ts
@@ -1,3 +1,4 @@
+import { env } from '$env/dynamic/private';
 import { nanoid } from 'nanoid';
 import { users } from './db';
 
@@ -11,7 +12,7 @@ const sessions: Map<string, SessionData> = new Map();
 export function createSession(data: SessionData) {
   const token = nanoid();
   sessions.set(token, data);
-  setTimeout(() => sessions.delete(token), 1000 * 60 * 60 * 24);
+  setTimeout(() => sessions.delete(token), parseInt(env.SESSION_LIFETIME) * 1000 || 86_400_000);
   return token;
 }
 
diff --git a/src/routes/dash/+layout.svelte b/src/routes/dash/+layout.svelte
index 7ab4a52..bc2314e 100644
--- a/src/routes/dash/+layout.svelte
+++ b/src/routes/dash/+layout.svelte
@@ -1,5 +1,6 @@
 <script lang="ts">
   import { page } from '$app/state';
+  import { env } from '$env/dynamic/public';
   import { pageTitle } from '$lib/v2/globalStores.js';
   import { slideFade } from '$lib/v2/transitions/slideFade.js';
   import NavBar from '$lib/v2/ui/NavBar.svelte';
@@ -21,7 +22,7 @@
 </script>
 
 <svelte:head>
-  <title>Dashboard - {$pageTitle}</title>
+  <title>{env.PUBLIC_SITE_NAME} - {$pageTitle}</title>
 </svelte:head>
 
 <div
diff --git a/src/routes/login/+page.server.ts b/src/routes/login/+page.server.ts
index bd2e0be..36af376 100644
--- a/src/routes/login/+page.server.ts
+++ b/src/routes/login/+page.server.ts
@@ -1,4 +1,4 @@
-import { dev } from '$app/environment';
+import { env } from '$env/dynamic/private';
 import { PARSE_ERROR } from '$lib/server/commonResponses';
 import { users } from '$lib/server/db';
 import { createSession } from '$lib/server/sessions';
@@ -42,9 +42,9 @@ export const actions = {
       {
         path: '/',
         httpOnly: true,
-        secure: !dev, // safari doesn't allow secure cookies on localhost
+        secure: env.USE_SECURE != 'false',
         sameSite: true,
-        maxAge: 60 * 60 * 24,
+        maxAge: parseInt(env.SESSION_LIFETIME) || 86400,
       },
     );
 
diff --git a/src/routes/login/+page.svelte b/src/routes/login/+page.svelte
index 14847cb..a965d5f 100644
--- a/src/routes/login/+page.svelte
+++ b/src/routes/login/+page.svelte
@@ -1,4 +1,5 @@
 <script lang="ts">
+  import { env } from '$env/dynamic/public';
   import InputText from '$lib/v2/forms/InputText.svelte';
   import { Button } from 'bits-ui';
   import IconLogin2 from '~icons/tabler/login2';
@@ -8,7 +9,7 @@
 </script>
 
 <svelte:head>
-  <title>WOL Panel - Sign In</title>
+  <title>{env.PUBLIC_SITE_NAME} - Sign In</title>
 </svelte:head>
 
 <div class="flex items-center justify-center w-svw h-svh bg-neutral-900">