X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=config%2Fdefault.js;h=bbc66fcd2fcf6f4249deeb483136abf630d3ea01;hb=846fd81473a87284f52833154ddca0bf95b3046f;hp=70837b1c34aa3fa5bdec4d8804df22ed50576847;hpb=9915fd047ecd95692e53d93ddb3ad25ae1680925;p=websub-hub

diff --git a/config/default.js b/config/default.js
index 70837b1..bbc66fc 100644
--- a/config/default.js
+++ b/config/default.js
@@ -9,6 +9,9 @@ const defaultOptions = {
   // Uniquely identify this instance, used to tag work-in-progress.
   nodeId: common.requestId(), // Default to ephemeral ID: easiest for clustered deployments.
 
+  // This should be set to a reasonably long passphrase or random buffer, to keep client session data secure.
+  encryptionSecret: undefined, // REQUIRED
+
   // Dingus API Server Framework options. Be sure to set the one REQUIRED option here.
   dingus: {
     // This needs to be the full externally accessible root URL, including any proxyPrefix component, which clients will connect to, and which topics will list as their hub link.
@@ -46,7 +49,7 @@ const defaultOptions = {
     pageTitle: packageName, // title on html pages
     footerEntries: [ // common footers on all html pages
       '<a href="https://git.squeep.com/?p=websub-hub;a=tree">Development Repository</a> / <a href="https://github.com/thylacine/websub-hub/">GitHub mirror</a>',
-      '&copy;<time datetime="2021">&#8559;&#8559;&#8553;&#8553;&#8544;</time>',
+      '<span class="copyright">&copy;<time datetime="2021">&#8559;&#8559;&#8553;&#8553;&#8544;</time></span>',
     ],
     strictSecrets: false, // If true, reject requests with secrets but not over https
     publicHub: true, // Accept publish requests as new topics.
@@ -69,6 +72,8 @@ const defaultOptions = {
   authenticator: {
     basicRealm: packageName, // Realm prompt for login on administration pages
     secureAuthOnly: true, // Require secure transport for authentication.
+    authnEnabled: ['argon2', 'pam'],
+    forbiddenPAMIdentifiers: ['root'],
   },
 
   worker: {