IndieAuth login support, allows viewing of topics related to profile

[websub-hub] / config / default.js

diff --git a/config/default.js b/config/default.js
index 64f45eca22399ba7b44ebae0f586a7306e078650..3714253ee999c99e627f030503ec928d5392732d 100644 (file)
--- a/config/default.js
+++ b/config/default.js
@@ -9,6 +9,9 @@ const defaultOptions = {
   // Uniquely identify this instance, used to tag work-in-progress.
   nodeId: common.requestId(), // Default to ephemeral ID: easiest for clustered deployments.
 
+  // This should be set to a reasonably long passphrase or random buffer, to keep client session data secure.
+  encryptionSecret: undefined, // REQUIRED
+
   // Dingus API Server Framework options. Be sure to set the one REQUIRED option here.
   dingus: {
     // This needs to be the full externally accessible root URL, including any proxyPrefix component, which clients will connect to, and which topics will list as their hub link.
@@ -69,6 +72,8 @@ const defaultOptions = {
   authenticator: {
     basicRealm: packageName, // Realm prompt for login on administration pages
     secureAuthOnly: true, // Require secure transport for authentication.
+    authnEnabled: ['argon2', 'pam'],
+    forbiddenPAMIdentifiers: ['root'],
   },
 
   worker: {