{ oauth2: { //Use mandatory client secret in the auth request useClientSecret: false, //Enables authentications strategies authentications: ['basic', 'bearer'], //Enables authorizations grants grants: ['client_credentials', 'password', 'refresh_token', 'authorization_code'] }, validation: { //Enables input validation enabled: false, //Regexp for username username: /^[\w.]{2,100}$/g, //Regexp for password password: /^(?=.[A-Za-z])(?=.\d)(?=.[.)(=,|$@$!%#?&])[A-Za-z\d.)(=, | $@ $!%#?&]{8,255}$/g, //Regexp for client name clientId: /^[\w.]{2,100}$/g, //Regexp for client secret clientSecret: /^(?=.[A-Za-z])(?=.\d)(?=.[.)(=,|$@$!%#?&])[A-Za-z\d.)(=, | $@ $!%#?&]{8,255}$/g, }, user: { //Users' password are crypted and compared by the specified mode below passwordEnc: 'bcrypt' //bcrypt|crypto|none }, ldap: { //Enable LDAP user binding enabled: false, //Search filters, ex. (|(cn=)(mail=)) authAttributes: ['cn', 'mail'], //Returned attribute after search (returned value must match with username column for a successful login) returnAttribute: 'dn', //Ldapper module configuration ldapper: null }, //Crypton module configuration crypton: null, token: { //Token life in seconds life: 3600, //Token length in bytes length: 32, //bytes //Delete active tokens on login autoRemove: true, jwt: { //Enables jwt token instead the standard token enabled: false, //Check if IP caller are the same of jwt IP when it was created ipcheck: false, //Check if user-agent caller are the same of jwt user-agent when it was created uacheck: false, //Secret key for signing jwt token secretKey: 'K7pHX4OASe?c&lm' } } }