Configurations

Via environment variables or via toml file.

Environment vars

var default description
PREST_CONF ./prest.conf
PREST_MIGRATIONS ./migrations
PREST_QUERIES_LOCATION ./queries
PREST_HTTP_HOST 0.0.0.0
PREST_HTTP_PORT or PORT 3000 PORT is cloud factor, _when declaring this variable overwritten PREST_HTTP_PORT
PREST_PG_HOST 127.0.0.1
PREST_PG_USER
PREST_PG_PASS
PREST_PG_DATABASE
PREST_PG_PORT 5432
PREST_PG_URL or DATABASE_URL cloud factor, when declaring this variable all the previous connection fields are overwritten
PREST_JWT_KEY
PREST_JWT_ALGO HS256
PREST_JWT_WHITELIST [/auth]
PREST_AUTH_ENABLED false
PREST_AUTH_ENCRYPT MD5
PREST_AUTH_TYPE body
PREST_AUTH_TABLE prest_users
PREST_AUTH_USERNAME username
PREST_AUTH_PASSWORD password
PREST_SSL_MODE require
PREST_SSL_CERT
PREST_SSL_KEY
PREST_SSL_ROOTCERT

TOML

Optionally the pREST can be configured by TOML file.

You can follow this sample and create your own prest.toml file and put this on the same folder that you run prest command.

migrations = "./migrations"

# debug = true
# enabling debug mode will disable JWT authorization

[http]
port = 6000
# Port 6000 is blocked on windows. You must change to 8080 or any unblocked port

[jwt]
key = "secret"
algo = "HS256"

[auth]
enabled = true
type = "body"
encrypt = "MD5"
table = "prest_users"
username = "username"
password = "password"

[pg]
host = "127.0.0.1"
user = "postgres"
pass = "mypass"
port = 5432
database = "prest"
## or used cloud factor
# URL = "postgresql://user:pass@localhost/mydatabase/?sslmode=disable"

[ssl]
mode = "disable"
sslcert = "./PATH"
sslkey = "./PATH"
sslrootcert = "./PATH"

Authorization

JWT

JWT middleware is enabled by default. To disable JWT need to set default to false. Enabling debug mode will also disable it.

[jwt]
default = false

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ

The HS256 algorithm is used by default.

The JWT algorithm can be specified by using either the environment variable PREST_JWT_ALGO or the algo parameter in the section [jwt] of the prest.toml configuration file.

The supported signing algorithms are:

White list

By default the endpoints /auth do not require JWT, the whitelist option serves to configure which endpoints will not ask for jwt token

[jwt]
default = true
whitelist = ["\/auth", "\/ping", "\/ping\/.*"]

Auth

pREST has support in jwt token generation based on two fields (example user and password), being possible to use an existing table from your database to login configuring some parameters in the configuration file (or environment variable), by default this feature is disabled.

[auth]
enabled = true
type = "body"
encrypt = "MD5"
table = "prest_users"
username = "username"
password = "password"
Name Description
enabled Boolean field that activates or deactivates token generation endpoint support
type Type that will receive the login, support for body and http basic authentication
encrypt Type of encryption used in password field, support for MD5 and SHA1
table Table name we will consult (query)
username User field that will be consulted - if your software uses email just abstract name username (at pREST code level it was necessary to define an internal standard)
password Password field that will be consulted

to validate all endpoints with generated jwt token must be activated jwt option

SSL

There is 4 options to set on ssl mode:

  • require - Always SSL (skip verification) by default
  • disable - SSL off
  • verify-ca - Always SSL (verify that the certificate presented by the server was signed by a trusted CA)
  • verify-full - Always SSL (verify that the certification presented by the server was signed by a trusted CA and the server host name matches the one in the certificate)

Debug Mode

Set environment variable PREST_DEBUG or debug=true on top of prest.toml file.

PREST_DEBUG=true