Module: Securial::Config::Signature

Extended by:

Signature

Included in:

Signature

Defined in:

lib/securial/config/signature.rb

Overview

Configuration schema definition and validation rules.

This module provides the complete schema for Securial’s configuration system, defining all available options, their types, validation rules, and default values. It’s used by the configuration system to validate user-provided settings.

Constant Summary

LOG_LEVELS =

Valid log levels for the logging system.

i[debug info warn error fatal unknown].freeze

SESSION_ALGORITHMS =

Supported JWT signing algorithms for session tokens.

i[hs256 hs384 hs512].freeze

SECURITY_HEADERS =

Security header configuration options.

i[strict default none].freeze

TIMESTAMP_OPTIONS =

Timestamp inclusion options for API responses.

i[all admins_only none].freeze

RESPONSE_KEYS_FORMATS =

Available key format transformations for API responses.

i[snake_case lowerCamelCase UpperCamelCase].freeze

Instance Method Summary

• #config_signature ⇒ Hash

  Returns the complete configuration schema for Securial.

• #default_config_attributes ⇒ Hash

  Extracts default values from the configuration schema.

• #general_signature ⇒ Hash private private

  General application configuration options.

• #logger_signature ⇒ Hash private private

  Logging system configuration options.

• #mailer_signature ⇒ Hash private private

  Email and notification configuration options.

• #password_signature ⇒ Hash private private

  Password policy and security configuration options.

• #response_signature ⇒ Hash private private

  API response formatting configuration options.

• #roles_signature ⇒ Hash private private

  User role and permission configuration options.

• #security_signature ⇒ Hash private private

  Security and rate limiting configuration options.

• #session_signature ⇒ Hash private private

  Session and JWT token configuration options.

Instance Method Details

#config_signature ⇒ Hash

Returns the complete configuration schema for Securial.

Combines all configuration sections into a single schema hash that defines every available configuration option, its type, validation rules, and default value.

Examples:

schema = config_signature
app_name_config = schema[:app_name]
# => { type: String, required: true, default: "Securial" }

# File 'lib/securial/config/signature.rb', line 72

def config_signature
  [
    general_signature,
    logger_signature,
    roles_signature,
    session_signature,
    mailer_signature,
    password_signature,
    response_signature,
    security_signature,
  ].reduce({}, :merge)
end

#default_config_attributes ⇒ Hash

Extracts default values from the configuration schema.

Transforms the complete configuration schema to return only the default values for each configuration option, suitable for initializing a new configuration instance.

Examples:

defaults = default_config_attributes
# => { app_name: "Securial", session_expiration_duration: 3.minutes, ... }

# File 'lib/securial/config/signature.rb', line 97

def default_config_attributes
  config_signature.transform_values do |options|
    options[:default]
  end
end

#general_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

General application configuration options.

# File 'lib/securial/config/signature.rb', line 110

def general_signature
  {
    app_name: { type: String, required: true, default: "Securial" },
  }
end

#logger_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Logging system configuration options.

# File 'lib/securial/config/signature.rb', line 121

def logger_signature
  {
    log_to_file: { type: [TrueClass, FalseClass], required: true, default: Rails.env.test? ? false : true },
    log_file_level: { type: Symbol, required: "log_to_file", allowed_values: LOG_LEVELS, default: :debug },
    log_to_stdout: { type: [TrueClass, FalseClass], required: true, default: Rails.env.test? ? false : true },
    log_stdout_level: { type: Symbol, required: "log_to_stdout", allowed_values: LOG_LEVELS, default: :debug },
  }
end

#mailer_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Email and notification configuration options.

# File 'lib/securial/config/signature.rb', line 160

def mailer_signature
  {
    mailer_sender: { type: String, required: true, default: "no-reply@example.com" },
    mailer_sign_up_enabled: { type: [TrueClass, FalseClass], required: true, default: true },
    mailer_sign_up_subject: { type: String, required: "mailer_sign_up_enabled", default: "SECURIAL: Welcome to Our Service" },
    mailer_sign_in_enabled: { type: [TrueClass, FalseClass], required: true, default: true },
    mailer_sign_in_subject: { type: String, required: "mailer_sign_in_enabled", default: "SECURIAL: Sign In Notification" },
    mailer_update_account_enabled: { type: [TrueClass, FalseClass], required: true, default: true },
    mailer_update_account_subject: { type: String, required: "mailer_update_account_enabled", default: "SECURIAL: Account Update Notification" },
    mailer_forgot_password_subject: { type: String, required: true, default: "SECURIAL: Password Reset Instructions" },
  }
end

#password_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Password policy and security configuration options.

# File 'lib/securial/config/signature.rb', line 178

def password_signature
  {
    password_min_length: { type: Numeric, required: true, default: 8 },
    password_max_length: { type: Numeric, required: true, default: 128 },
    password_complexity: { type: Regexp, required: true, default: Securial::Helpers::RegexHelper::PASSWORD_REGEX },
    password_expires: { type: [TrueClass, FalseClass], required: true, default: true },
    password_expires_in: { type: ActiveSupport::Duration, required: "password_expires", default: 90.days },
    reset_password_token_expires_in: { type: ActiveSupport::Duration, required: true, default: 2.hours },
    reset_password_token_secret: { type: String, required: true, default: "reset_secret" },
  }
end

#response_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

API response formatting configuration options.

# File 'lib/securial/config/signature.rb', line 195

def response_signature
  {
    response_keys_format: { type: Symbol, required: true, allowed_values: RESPONSE_KEYS_FORMATS, default: :snake_case },
    timestamps_in_response: { type: Symbol, required: true, allowed_values: TIMESTAMP_OPTIONS, default: :all },
  }
end

#roles_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

User role and permission configuration options.

# File 'lib/securial/config/signature.rb', line 135

def roles_signature
  {
    admin_role: { type: Symbol, required: true, default: :admin },
  }
end

#security_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Security and rate limiting configuration options.

# File 'lib/securial/config/signature.rb', line 207

def security_signature
  {
    security_headers: { type: Symbol, required: true, allowed_values: SECURITY_HEADERS, default: :strict },
    rate_limiting_enabled: { type: [TrueClass, FalseClass], required: true, default: true },
    rate_limit_requests_per_minute: { type: Numeric, required: "rate_limiting_enabled", default: 60 },
    rate_limit_response_status: { type: Numeric, required: "rate_limiting_enabled", default: 429 },
    rate_limit_response_message: { type: String, required: "rate_limiting_enabled", default: "Too many requests, please try again later." },
    enable_other_profiles: { type: [TrueClass, FalseClass], required: true, default: false },
  }
end

#session_signature ⇒ Hash (private)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Session and JWT token configuration options.

# File 'lib/securial/config/signature.rb', line 146

def session_signature
  {
    session_expiration_duration: { type: ActiveSupport::Duration, required: true, default: 3.minutes },
    session_secret: { type: String, required: true, default: "secret" },
    session_algorithm: { type: Symbol, required: true, allowed_values: SESSION_ALGORITHMS, default: :hs256 },
    session_refresh_token_expires_in: { type: ActiveSupport::Duration, required: true, default: 1.week },
  }
end