dbis_core-lite/src/config/config-validator.ts

import Joi from 'joi';
import { config } from './env';
import { appLogger } from '../audit/logger/logger';
// Port number: an integer in 1..65535, mandatory wherever this rule is used.
const requiredPort = Joi.number().integer().min(1).max(65535).required();

// String setting that may be omitted or supplied as the empty string.
const optionalOrEmptyString = Joi.string().allow('').optional();

/**
 * Joi schema for the application's runtime configuration.
 *
 * Every top-level section except `redis` is mandatory. The schema checks
 * shape and syntax only (types, ranges, allowed literals); it does not check
 * that files exist or that a secret has enough entropy.
 *
 * NOTE(review): `jwt.secret` is constrained by character count (>= 32), which
 * says nothing about randomness. Confirm how the secret is generated.
 *
 * NOTE(review): the receiver's certificate paths and `certificateFingerprint`
 * may each be absent or empty, and `enforceCertificatePinning` is not tied to
 * a non-empty fingerprint, so "pinning on, no pin configured" passes this
 * schema. Verify that the TLS client fails closed in that case.
 */
const configSchema = Joi.object({
  nodeEnv: Joi.string().valid('development', 'production', 'test').required(),
  port: requiredPort,

  database: Joi.object({
    url: Joi.string().uri().required(),
  }).required(),

  // The whole section is optional, and so is the URL inside it.
  redis: Joi.object({
    url: Joi.string().uri().optional(),
  }).optional(),

  jwt: Joi.object({
    secret: Joi.string().min(32).required(),
    expiresIn: Joi.string().required(),
  }).required(),

  receiver: Joi.object({
    ip: Joi.string().ip().required(),
    port: requiredPort,
    sni: Joi.string().hostname().required(),
    // Only TLS 1.2 and 1.3 are accepted; older protocol names are rejected.
    tlsVersion: Joi.string().valid('TLSv1.2', 'TLSv1.3').required(),
    clientCertPath: optionalOrEmptyString,
    clientKeyPath: optionalOrEmptyString,
    caCertPath: optionalOrEmptyString,
    certificateFingerprint: optionalOrEmptyString,
    enforceCertificatePinning: Joi.boolean().optional(),
  }).required(),

  compliance: Joi.object({
    // Lower bound of 1000; the unit is not stated here (presumably ms, confirm).
    screeningTimeout: Joi.number().integer().min(1000).required(),
  }).required(),

  audit: Joi.object({
    retentionYears: Joi.number().integer().min(1).max(10).required(),
    logLevel: Joi.string().valid('error', 'warn', 'info', 'debug').required(),
  }).required(),
});
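/**
 * Validate the loaded configuration at startup.
 *
 * Checks `config` against `configSchema`, collecting every violation
 * (`abortEarly: false`) and rejecting keys the schema does not declare
 * (`allowUnknown: false`). On failure the joined Joi messages are logged and
 * thrown. The JWT-secret checks are advisory and only log warnings.
 *
 * @throws Error with message `Invalid configuration: …` when the schema
 *   rejects `config`.
 */
export function validateConfig(): void {
  // The placeholder is 22 characters long while the schema demands at least
  // 32, so testing for it after schema validation could never fire: the
  // length rule would already have thrown. Test it first so the operator sees
  // the specific cause next to the generic length error.
  const placeholderJwtSecret = 'change-this-secret-key';
  if (config.jwt?.secret === placeholderJwtSecret) {
    appLogger.warn(
      'Using default JWT secret. This should be changed in production!'
    );
  }

  // NOTE(review): only `error` is read; the normalised `value` that Joi
  // returns is discarded, so `config` keeps the types './env' produced.
  const { error } = configSchema.validate(config, {
    abortEarly: false,
    allowUnknown: false,
  });

  if (error) {
    // Only each detail's `message` is logged and thrown, not the detail's
    // context. NOTE(review): confirm no custom Joi message echoes the
    // offending value, since this text covers `jwt.secret` and `database.url`.
    const errors = error.details.map((d) => d.message).join(', ');
    appLogger.error('Configuration validation failed', { errors });
    throw new Error(`Invalid configuration: ${errors}`);
  }

  // Advisory only: a production secret of 32-63 characters is accepted with
  // a warning. Length is a proxy here; it does not measure randomness.
  if (config.nodeEnv === 'production' && config.jwt.secret.length < 64) {
    appLogger.warn(
      'JWT secret is too short for production. Consider using a longer secret.'
    );
  }

  appLogger.info('Configuration validated successfully');
}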