taldir

Directory service to resolve wallet mailboxes by messenger addresses

commit c2835b6843e2f838e9f219ef4dfbe7caa3f864eb
parent baf4ef8eec67a9137694c3b20dbf3fcf68f346c7
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Mon, 11 Jul 2022 20:46:25 +0200

update config and readme

Diffstat:
MREADME.md | 21++++++++++++++++++++-
Mpkg/rest/taldir.go | 12++++++------
Mtaldir.conf | 3+--
3 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
@@ -23,6 +23,7 @@ The configuration file of taldir is `taldir.conf`.
 The following configuration variables exist:
+For the `[taldir]` section:
 * "production" (boolean): true for a production deployment. Causes verbose log messages to be inhibited.
 * "db_backend" (string): "sqlite" for the SQLite database backend to be used.
@@ -30,7 +31,25 @@ The following configuration variables exist:
 * "email_sender" (string): For email validations, what should the sender address be.
 * "host" (string): For the validation link, which hostname should be used (useful if behind proxy).
 * "bind_to" (string): Where to bind and listen (HTTP server).
- * "salt" (string): The salt to use for identity key hashes in the databse.
+ * "salt" (string): The salt to use for identity key hashes in the databse may alternatively be an environment variable `TALDIR_SALT`.
+ * "monthly_fee" (string): The monthly fee for a registration (Default: "KUDOS:1")
+ * "default_doc_filetype" (string): The default file type for the terms of service and privacy policy documents (Default: "text/markdown")
+ * "default_doc_lang" (string): The default language for the terms of service and privacy policy documents (Default: "en-US")
+ * "default_tos_path" (string): The path for the terms of service documents. Taldir will look for `<lang>.<extension>` depending on the requested file type ("Accept"-header) and locale ("Accept-Language"-header) (Default: "terms/")
+ * "default_pp_path" (string): See `default_tos_path` (Default: "privacy/")
+ * "challenge_bytes" (number): The number of bytes (entropy) of the generated challenge (Default: 16)
+ * "validation_initiation_max" (number): How many challenges can be requested to validate an address (Default: 3)
+ * "validation_timeframe" (string): The timeframe in which challenges can be requested up to `validation_initiation_max` times (Default: 10m)
+ * "solution_attempt_max" (number): How often can the solution be attempted for a challenge in the `solution_attempt_timeframe` (Default: 3)
+ * "solution_duration_timeframe" (string): The timeframe in which the solution can be attempted `solution_attempt_max` times (Default: "1h")
+
+For the `[taldir-pq]` section:
+
+ * "host" (string): The host of the Postgres database to use (Default: "localhost")
+ * "port" (number): The port of the Postres database to use (Default: 5432)
+ * "user" (string): The database user (Default: "taldir")
+ * "password" (string): The database user password (Default: "secret")
+ * "db_name" (string): The database name (Default: "taldir")
 Examples and defaults for the configuration can be found in the `taldir.conf` file shipped with this software.
diff --git a/pkg/rest/taldir.go b/pkg/rest/taldir.go
@@ -72,8 +72,8 @@ type Taldir struct {
 // The address salt
 Salt string
- // Challence TTL
- ChallengeTtl time.Duration
+ // The timeframe for the validation requests
+ ValidationTimeframe time.Duration
 // How often may a challenge be requested
 ValidationInitiationMax int
@@ -411,12 +411,12 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r *http.Request){
 if err == nil {
 // Limit re-initiation attempts
 validation.InitiationCount++
- if time.Now().Before(validation.TimeframeStart.Add(t.ChallengeTtl)) {
+ if time.Now().Before(validation.TimeframeStart.Add(t.ValidationTimeframe)) {
 if validation.InitiationCount > t.ValidationInitiationMax {
 w.WriteHeader(429)
 rlResponse := RateLimitedResponse{
 Code: gana.TALDIR_REGISTER_RATE_LIMITED,
- RequestFrequency: t.ChallengeTtl.Microseconds() / int64(t.ValidationInitiationMax),
+ RequestFrequency: t.ValidationTimeframe.Microseconds() / int64(t.ValidationInitiationMax),
 Hint: "Registration rate limit reached",
 }
 jsonResp, _ := json.Marshal(rlResponse)
@@ -682,8 +682,8 @@ func (t *Taldir) Initialize(cfgfile string) {
 t.ValidationInitiationMax = t.Cfg.Section("taldir").Key("validation_initiation_max").MustInt(3)
 t.SolutionAttemptsMax = t.Cfg.Section("taldir").Key("solution_attempt_max").MustInt(3)
- validationTtlStr := t.Cfg.Section("taldir").Key("challenge_ttl").MustString("5m")
- t.ChallengeTtl, err = time.ParseDuration(validationTtlStr)
+ validationTtlStr := t.Cfg.Section("taldir").Key("validation_timeframe").MustString("5m")
+ t.ValidationTimeframe, err = time.ParseDuration(validationTtlStr)
 if err != nil {
 log.Fatal(err)
 }
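Review bot: The new `RequestFrequency` line in the 429 branch of registerRequest divides by `int64(t.ValidationInitiationMax)`, and nothing visible in this commit rejects a `validation_initiation_max` of 0, so with that setting the first rate-limited request would hit an integer divide-by-zero panic after `w.WriteHeader(429)` has already been written. Validating the value once at start-up, e.g. `if t.ValidationInitiationMax <= 0 { log.Fatal("validation_initiation_max must be positive") }` in Initialize, removes the panic and also rules out a negative limit. The context line `jsonResp, _ := json.Marshal(rlResponse)` discards the marshal error; it deserves at least a log line. registerRequest starts and ends outside this hunk, so the behaviour once the timeframe has elapsed is not visible here.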
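Review bot: The fallback in `Key("validation_timeframe").MustString("5m")` in Initialize disagrees with the README text added by this same commit, which documents `validation_timeframe` as `Default: 10m`; one of the two should change so that an operator who omits the key gets the documented rate-limit window. Because the key is renamed, a deployed config that still sets `challenge_ttl` is now ignored without a message and falls back to that default, so a one-line warning when the old key is present would make the change visible. `time.ParseDuration` also accepts zero and negative durations, which make the `time.Now().Before(...)` window test in registerRequest false on every request; consider failing start-up on `t.ValidationTimeframe <= 0` with a message that names the key. The local `validationTtlStr` still carries the old name, and Initialize continues outside the hunk.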
diff --git a/taldir.conf b/taldir.conf
@@ -5,7 +5,6 @@ host = "https://taldir.gnunet.org"
 bind_to = "localhost:11000"
 salt = "ChangeMe"
 monthly_fee = KUDOS:1
-request_frequency_microseconds = 5000000
 default_doc_filetype = text/markdown
 default_doc_lang = en-US
 default_tos_path = terms/
@@ -13,7 +12,7 @@ default_pp_path = privacy/
 challenge_bytes = 16
 validation_initiation_max = 3
 solution_attempt_max = 3
-challenge_ttl = 10m
+validation_timeframe = 10m
 solution_attempt_timeframe = 1h
 [taldir-email]