learn-javascript-the-hard-way
/
bandolier-template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Documenting the config.js too.

Browse Source
main
Zed A. Shaw 2 years ago
parent a58a4d0310
commit dae5f77d44
1 changed files with 87 additions and 14 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 101
      commands/templates/client/config.js

101
commands/templates/client/config.js
Unescape View File

@ -1,48 +1,121 @@
/* These are configuration options which can be public. /*
* WARNING: Do not put any sensitive keys in these files. They *will* be These are configuration options which can be public.
* seen by the end user if you do. Only things an unauthenticated user
* is allowed to see. Anything else should go in lib/config.js and ### Duplication On Purpose
* *never* import that file in any client/* files.
Do not put any sensitive keys in these files. They *will* be seen by the end
user if you do. Only things an unauthenticated user is allowed to see.
Anything else should go in lib/config.js and *never* import that file in any
client/* files.
That's why you'll see duplicate information found in the `secrets/config.json`
(imported by `lib/config.js`). Resist the programmer tendency to eliminate
duplication and keep this file's information ___very___ separate from the
information in `secrets/config.json`.
The primary reason is I've found that claims from build tools to do "tree
shaking" are mostly lies. There's been plenty of times when `rollup` has
imported entire modules when I've only used one function, included code that
was purposefully excluded with a constant, and other errors. Due to the
unreliable nature of "tree shaking" I suggest you _always_ analyze your builds
for extra junk being imported and purposefully trim down anything you find
your build tool including on accident.
For security though, you should never trust that "tree shaking" will work to
exclude secret information. Always place private information in a completely
separate file and then exclude that file in your `.gitignore` so it's never
committed to your git repository.
*/
/*
Should the payments be faked? Look in `client/pages/Payment.svelte` for where this is checked and used.
*/ */
export const fake_payments = true; export const fake_payments = true;
/*
The WebTorrent configuration to use. This is passed to WebTorrent as configuration
options to anything WebTorrent accepts should work.
*/
export const webtorrent = { export const webtorrent = {
use_dht: false, use_dht: false,
private: true private: true
} }
export const product = { /*
price: 20, If you use [BTCPayServer](https://btcpayserver.org/) then this is the URL to the `btcpay.js` file
currency: 'USD', they tell you to setup. Also remember to set `disabled: false` in the `secrets/config.json` file.
description: 'Super Product', */
id: 1
}
export const btcpay_url = 'https://pay.yoursite.com/modal/btcpay.js'; export const btcpay_url = 'https://pay.yoursite.com/modal/btcpay.js';
// brought over from ljsthw but need to adapt to the new product setting
export const product_id = product.id;
/*
This simple stock demo project just sells one product, so you put the `id` here after you create
it in the `product` table.
*/
export const product_id = 1;
/*
The same `base_host` that you have in `secrets/config.json`.
___FOOTGUN___: This has to be duplicated since we want a _clear_ separation
between ___private___ information in `secrets/` and public information in
`client/`.
*/
export const base_host = 'http://127.0.0.1:5001'; export const base_host = 'http://127.0.0.1:5001';
/*
Used in emails and pages to tell people who to email.
*/
export const support_email = "help@yourcompany.com"; export const support_email = "help@yourcompany.com";
/*
Your Paypal ___public___ configuration.
___FOOTGUN___: Yes, this is duplicated from `secrets/config.json` and you
should duplicate it to ensure that you do ___not___ leak your Paypal private
information in your client builds.
*/
export const paypal_public = { export const paypal_public = {
disabled: true, disabled: true,
client_id: "YOUR PAYPAL PUBLIC KEY", client_id: "YOUR PAYPAL PUBLIC KEY",
} }
/*
Your Stripe ___public___ configuration.
___FOOTGUN___: Yes, this is duplicated from `secrets/config.json` and you
should duplicate it to ensure that you do ___not___ leak your Stripe private
information in your client builds.
*/
export const stripe_public = { export const stripe_public = {
disabled: false, disabled: false,
client_id: "pk_MhuNltOn2Gq5VBZ9lMNxv4CB3wFOa" client_id: "pk_MhuNltOn2Gq5VBZ9lMNxv4CB3wFOa"
} }
/*
What darkmode theme do visitors see first? See `client/components/Darkmode.svelte`
for how this is used.
*/
export const darkmode_default = "light"; export const darkmode_default = "light";
/*
Can people register on your site. If you're setting up the site on an initial
public server you might want to disable registration until it's working.
*/
export const register_enabled = true; export const register_enabled = true;
/*
Default log levels to display in the browser console.
*/
export const log_levels = ["debug", "warn", "info", "error", "table", "assert"]; export const log_levels = ["debug", "warn", "info", "error", "table", "assert"];
/*
I'm using Twitter but you can probably find where this is used and change it
to your favorite Twitter alternative.
*/
export const twitter_user = "@lzsthw"; export const twitter_user = "@lzsthw";
/*
Primarily used in the `commands/gen_players.js` command to generate various "cards", such as Video player cards for Twitter or OG Video cards for LinkedIn and Facebook.
*/
export const site_name = "127.0.0.1:5001"; export const site_name = "127.0.0.1:5001";

Write Preview
Loading…
Cancel
Save