mirror of
https://github.com/wassname/talk.git
synced 2026-07-09 21:51:58 +08:00
Merge branch 'master' into 1920
This commit is contained in:
@@ -30,7 +30,7 @@ const CONFIG = {
|
||||
ENABLE_TRACING: Boolean(process.env.APOLLO_ENGINE_KEY),
|
||||
|
||||
// EMAIL_SUBJECT_PREFIX is the string before emails in the subject.
|
||||
EMAIL_SUBJECT_PREFIX: process.env.TALK_EMAIL_SUBJECT_PREFIX || '[Talk]',
|
||||
EMAIL_SUBJECT_PREFIX: process.env.TALK_EMAIL_SUBJECT_PREFIX,
|
||||
|
||||
// DEFAULT_LANG is the default language used for server sent emails and
|
||||
// rendered text.
|
||||
@@ -271,6 +271,10 @@ const CONFIG = {
|
||||
// CONFIG VALIDATION
|
||||
//==============================================================================
|
||||
|
||||
if (typeof CONFIG.EMAIL_SUBJECT_PREFIX === 'undefined') {
|
||||
CONFIG.EMAIL_SUBJECT_PREFIX = '[Talk]';
|
||||
}
|
||||
|
||||
if (process.env.NODE_ENV === 'test') {
|
||||
if (!CONFIG.ROOT_URL) {
|
||||
CONFIG.ROOT_URL = `http://${localAddress}:3001`;
|
||||
|
||||
@@ -246,6 +246,21 @@ Refer to the documentation for [TALK_JWT_ALG](#talk-jwt-alg) for other signing
|
||||
methods and other forms of the `TALK_JWT_SECRET`. If you are interested in using
|
||||
multiple keys, then refer to [TALK_JWT_SECRETS](#talk-jwt-secrets).
|
||||
|
||||
You can also encode your secret as a base64 string (if you are using a symmetric
|
||||
algorithm) as long as you prefix it with `base64:`. For example:
|
||||
|
||||
```plain
|
||||
TALK_JWT_SECRET={"secret": "base64:dGVzdA=="}
|
||||
```
|
||||
|
||||
Would be the same as:
|
||||
|
||||
```plain
|
||||
TALK_JWT_SECRET={"secret": "test"}
|
||||
```
|
||||
|
||||
As `dGVzdA==` is just `test` encoded using base64.
|
||||
|
||||
## TALK_JWT_SECRETS
|
||||
|
||||
Used when specifying multiple secrets used for key rotations. This is a JSON
|
||||
@@ -271,7 +286,6 @@ Note that the secret is stored in a JSON object, keyed by `secret`. This is only
|
||||
needed when specifying in the multiple secrets for `TALK_JWT_SECRETS`, but may
|
||||
be used to specify the single [TALK_JWT_SECRET](#talk-jwt-secret).
|
||||
|
||||
|
||||
When the value of [TALK_JWT_ALG](#talk-jwt-alg) is **not** a `HS*` value, then
|
||||
the value of the `TALK_JWT_SECRETS` should take the form:
|
||||
|
||||
@@ -282,7 +296,6 @@ TALK_JWT_SECRETS=[{"kid": "1", "private": "<my private key>", "public": "<my pub
|
||||
Refer to the documentation on the [TALK_JWT_ALG](#talk-jwt-alg) for more
|
||||
information on what to store in these parameters.
|
||||
|
||||
|
||||
## TALK_JWT_SIGNING_COOKIE_NAME
|
||||
|
||||
The default cookie name that is use to set a cookie containing a JWT that was
|
||||
|
||||
@@ -10,9 +10,10 @@ plugin:
|
||||
---
|
||||
|
||||
Using the [Perspective API](http://perspectiveapi.com/), this
|
||||
plugin will warn users and reject comments that exceed the predefined toxicity
|
||||
threshold. For more information on what Toxic Comments are, check out the
|
||||
[Toxic Comments](/talk/toxic-comments/) documentation.
|
||||
plugin will warn users when comments exceed the predefined toxicity
|
||||
threshold. Toxic comments will be flagged and are held back from being posted until reviewed by a moderator.
|
||||
|
||||
For more information on what Toxic Comments are, check out the [Toxic Comments](/talk/toxic-comments/) documentation, and you can see how the plugin works on [this blog post](https://coralproject.net/blog/toxic-avenging/).
|
||||
|
||||
Configuration:
|
||||
|
||||
@@ -25,4 +26,4 @@ Configuration:
|
||||
- `TALK_PERSPECTIVE_TIMEOUT` - The timeout for sending a comment to
|
||||
be processed before it will skip the toxicity analysis, parsed by
|
||||
[ms](https://www.npmjs.com/package/ms). (Default `300ms`)
|
||||
- `TALK_PERSPECTIVE_DO_NOT_STORE` - Whether the API is permitted to store comment and context from this request. Stored comments will be used for future research and community model building purposes to improve the API over time. (Default `true`) [Perspective API - Analize Comment Request](https://github.com/conversationai/perspectiveapi/blob/master/api_reference.md#analyzecomment-request)
|
||||
- `TALK_PERSPECTIVE_DO_NOT_STORE` - Whether the API stores or deletes the comment text and context from this request after it has been evaluated. Stored comments will be used for future research and community model building purposes to improve the API over time. (Default `true`) [Perspective API - Analyze Comment Request](https://github.com/conversationai/perspectiveapi/blob/master/api_reference.md#analyzecomment-request)
|
||||
|
||||
@@ -120,6 +120,11 @@ function SharedSecret({ kid = undefined, secret = null }, algorithm) {
|
||||
throw new Error('Secret cannot have a zero length');
|
||||
}
|
||||
|
||||
// If the secret is base64 encoded, then decode it!
|
||||
if (secret.startsWith('base64:')) {
|
||||
secret = Buffer.from(secret.substring(7), 'base64').toString();
|
||||
}
|
||||
|
||||
return new Secret({
|
||||
kid,
|
||||
signingKey: secret,
|
||||
|
||||
Reference in New Issue
Block a user