diff --git a/config-sample.ini b/config-sample.ini index baa026730..84fb29cdd 100644 --- a/config-sample.ini +++ b/config-sample.ini @@ -46,4 +46,30 @@ cookieMaxAge=1814400 [Sync] #syncServerHost= #syncServerTimeout= -#syncServerProxy= \ No newline at end of file +#syncServerProxy= + +[MultiFactorAuthentication] +# Set to true to enable TOTP authentication +# This will require users to enter a one-time password in addition to their password to log in to Trilium +# This is a security feature that adds an extra layer of protection to your account +totpEnabled=false + +# Set the secret key for TOTP authentication +# This is a security feature that adds an extra layer of protection to your account +totpSecret= + +# Set to true to enable OAuth/OpenID authentication +# This will allow users to log in to Trilium using an account from another service, like Google, to verify their identity +ssoEnabled=false + +# Set the base URL for OAuth/OpenID authentication +# This is the URL of the service that will be used to verify the user's identity +oauthBaseUrl= + +# Set the client ID for OAuth/OpenID authentication +# This is the ID of the client that will be used to verify the user's identity +oauthClientId= + +# Set the client secret for OAuth/OpenID authentication +# This is the secret of the client that will be used to verify the user's identity +oauthClientSecret= diff --git a/src/services/config.ts b/src/services/config.ts index f61eb19f5..afc51d674 100644 --- a/src/services/config.ts +++ b/src/services/config.ts @@ -41,6 +41,14 @@ export interface TriliumConfig { syncServerTimeout: string; syncProxy: string; }; + MultiFactorAuthentication: { + totpEnabled: boolean; + totpSecret: string; + ssoEnabled: boolean; + oauthBaseUrl: string; + oauthClientId: string; + oauthClientSecret: string; + }; } //prettier-ignore 
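Review bot: In the config-sample.ini hunk, the new `[MultiFactorAuthentication]` section puts two credentials (`totpSecret`, `oauthClientSecret`) into config.ini, but the comments never say so; the second `totpSecret` comment line only repeats that it is a security feature. I would replace that line with something like `# Treat this value as a credential: restrict read access to this file, or supply it via TRILIUM_TOTPSECRET instead`, and add the equivalent above `oauthClientSecret` (environment variable `TRILIUM_OAUTH_CLIENTSECRET`, as read in src/services/config.ts in this commit). The expected format of the TOTP secret is not stated anywhere in this diff and deserves a comment line. The `ssoEnabled` comment also leaves unclear whether OAuth/OpenID login is an additional factor or an alternative to the password, which matters for a section named MultiFactorAuthentication.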
@@ -50,13 +58,13 @@ const config: TriliumConfig = { instanceName: process.env.TRILIUM_GENERAL_INSTANCENAME || iniConfig.General.instanceName || "", - noAuthentication: + noAuthentication: envToBoolean(process.env.TRILIUM_GENERAL_NOAUTHENTICATION) || iniConfig.General.noAuthentication || false, - noBackup: + noBackup: envToBoolean(process.env.TRILIUM_GENERAL_NOBACKUP) || iniConfig.General.noBackup || false, - noDesktopIcon: + noDesktopIcon: envToBoolean(process.env.TRILIUM_GENERAL_NODESKTOPICON) || iniConfig.General.noDesktopIcon || false }, @@ -67,14 +75,14 @@ const config: TriliumConfig = { port: process.env.TRILIUM_NETWORK_PORT || iniConfig.Network.port || "3000", - https: + https: envToBoolean(process.env.TRILIUM_NETWORK_HTTPS) || iniConfig.Network.https || false, - certPath: + certPath: process.env.TRILIUM_NETWORK_CERTPATH || iniConfig.Network.certPath || "", - keyPath: - process.env.TRILIUM_NETWORK_KEYPATH || iniConfig.Network.keyPath || "", + keyPath: + process.env.TRILIUM_NETWORK_KEYPATH || iniConfig.Network.keyPath || "", trustedReverseProxy: process.env.TRILIUM_NETWORK_TRUSTEDREVERSEPROXY || iniConfig.Network.trustedReverseProxy || false 
@@ -98,8 +106,27 @@ const config: TriliumConfig = { syncProxy: // additionally checking in iniConfig for inconsistently named syncProxy for backwards compatibility process.env.TRILIUM_SYNC_SERVER_PROXY || iniConfig?.Sync?.syncProxy || iniConfig?.Sync?.syncServerProxy || "" - } + }, + MultiFactorAuthentication: { + totpEnabled: + envToBoolean(process.env.TRILIUM_TOTPENABLED) || iniConfig?.MultiFactorAuthentication?.totpEnabled || false, + + totpSecret: + process.env.TRILIUM_TOTPSECRET || iniConfig?.MultiFactorAuthentication?.totpSecret || "", + + ssoEnabled: + envToBoolean(process.env.TRILIUM_SSO_ENABLED) || iniConfig?.MultiFactorAuthentication?.ssoEnabled || false, + + oauthBaseUrl: + process.env.TRILIUM_OAUTH_BASEURL || iniConfig?.MultiFactorAuthentication?.oauthBaseUrl || "", + + oauthClientId: + process.env.TRILIUM_OAUTH_CLIENTID || iniConfig?.MultiFactorAuthentication?.oauthClientId || "", + + oauthClientSecret: + process.env.TRILIUM_OAUTH_CLIENTSECRET || iniConfig?.MultiFactorAuthentication?.oauthClientSecret || "" + } }; export default config;
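Review bot: In the new `MultiFactorAuthentication` block, `totpSecret` and the three `oauth*` values fall back to `""` with no check, so `totpEnabled` or `ssoEnabled` can be true while the secret, base URL or client credentials are empty. Unless a later module rejects that combination (nothing in this hunk does), it would be safer to fail at startup, e.g. with `const mfa = config.MultiFactorAuthentication;` followed by `if (mfa.totpEnabled && !mfa.totpSecret) throw new Error("totpEnabled requires totpSecret");`, and the same guard for `ssoEnabled` against `oauthBaseUrl`, `oauthClientId` and `oauthClientSecret`. The new environment variable names are also inconsistent with each other and with the rest of the file: the existing ones carry the section name (`TRILIUM_GENERAL_…`, `TRILIUM_NETWORK_…`, `TRILIUM_SYNC_…`), while these mix `TRILIUM_TOTPENABLED` with `TRILIUM_SSO_ENABLED`. Settling on one scheme before release lowers the chance that an operator sets a misspelled variable and the security toggle is silently ignored. The `config` object literal begins outside this hunk.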