fix: Faucet setup configuration variables [DEV-3135] (#342)

* fix: Faucet variables

* Fix CORS_ALLOWED_ORIGINS

* Update README.md

* Update environment.d.ts

* Update logto.ts

* Update README.md

* Update constants.ts

* Update example.env

* Update example.env

* Update constants.ts

README.md

@@ -42,7 +42,7 @@ The application allows configuring the following parameters using environment va
 3. `RESOLVER_URL`: API endpoint for a [DID Resolver](https://github.com/cheqd/did-resolver) endpoint that supports
    `did:cheqd` (Default: `https://resolver.cheqd.net/1.0/identifiers/`).
 4. `APPLICATION_BASE_URL`: URL of the application (external domain name).
-5. `CORS_ALLOWED_ORIGINS`: CORS allowed origins used in the app.
+5. `CORS_ALLOWED_ORIGINS`: CORS allowed origins used in the app (optional). (Default: `APPLICATION_BASE_URL`).
 
 #### Veramo KMS Database
 
@@ -74,9 +74,8 @@ By default, `ENABLE_AUTHENTICATION` is set to off/`false`. To enable external Ve
 1. **Endpoints**
     1. `LOGTO_ENDPOINT`: API endpoint for LogTo server
     2. `LOGTO_DEFAULT_RESOURCE_URL`: Root of API resources in this application to be guarded. (Default:
-       `http://localhost:3000/api` on localhost.)
-    3. `LOGTO_MANAGEMENT_API`: URL of management API for LogTo (default is `https://default.logto.app/api`)
-    4. `CORS_ALLOWED_ORIGINS`: CORS allowed origins used in the app
+       `http://localhost:3000/` on localhost.)
+    3. `LOGTO_MANAGEMENT_API`: URL of management API for LogTo. This is typically static within self-hosted LogTo applications and is not meant to be a resolvable URL. (Default: `https://default.logto.app/api`)
 2. **User-facing APIs**
     1. `LOGTO_APP_ID`: Application ID for the Credential Service application in LogTo. This can be set up as type
        "Traditional Web"
@@ -99,11 +98,9 @@ By default, `ENABLE_AUTHENTICATION` is set to off/`false`. To enable external Ve
 This section describes bootstrapping things for newcomers accounts. If it's enabled the CredentialService auto-populates
 some tokens on the testnet for making the process simpler.
 
-1. `FAUCET_ENABLED` - enable/disable such functionality (`false` by default)
-2. `FAUCET_URI` - URI when the faucet service is located (`https://faucet-api.cheqd.network/credit` by default)
-3. `FAUCET_DENOM` - the denom of token to assign (`ncheq` by default)
-4. `TESTNET_MINIMUM_BALANCE` - the minimum amount of tokens for being on testnet account. Be default it's amount,
-   required for creating a DID
+1. `ENABLE_ACCOUNT_TOPUP`: Enable/disable such functionality (`false` by default)
+2. `FAUCET_URI`: Faucet service API endpoint (Default: `https://faucet-api.cheqd.network/credit`)
+3. `TESTNET_MINIMUM_BALANCE`: Minimum balance on account before it is automatically topped up from the faucet. This value should be expressed as an integer in `CHEQ` tokens, which will then be converted in the background to `ncheq` denomination. Account balance check is carried out on every account creation/login. (Default: 10,000 CHEQ testnet tokens)
 
 ### 3rd Party Connectors
 

docker/Dockerfile

@@ -75,10 +75,9 @@ ARG VERIDA_NETWORK=testnet
 ARG POLYGON_RPC_URL=https://rpc-mumbai.maticvigil.com
 ARG VERIDA_PRIVATE_KEY
 ARG POLYGON_PRIVATE_KEY
-ARG FAUCET_ENABLED=false
+ARG ENABLE_ACCOUNT_TOPUP=false
 ARG FAUCET_URI=https://faucet-api.cheqd.network/credit
-ARG FAUCET_DENOM=ncheq
-ARG TESTNET_MINIMUM_BALANCE=50000000000
+ARG TESTNET_MINIMUM_BALANCE=1000
 
 # Environment variables: base configuration
 ENV NPM_CONFIG_LOGLEVEL ${NPM_CONFIG_LOGLEVEL}
@@ -111,9 +110,8 @@ ENV LOGTO_DEFAULT_ROLE_ID ${LOGTO_DEFAULT_ROLE_ID}
 ENV LOGTO_WEBHOOK_SECRET ${LOGTO_WEBHOOK_SECRET}
 
 # Faucet setup
-ENV FAUCET_ENABLED ${FAUCET_ENABLED}
+ENV ENABLE_ACCOUNT_TOPUP ${ENABLE_ACCOUNT_TOPUP}
 ENV FAUCET_URI ${FAUCET_URI}
-ENV FAUCET_DENOM ${FAUCET_DENOM}
 ENV TESTNET_MINIMUM_BALANCE ${TESTNET_MINIMUM_BALANCE}
 
 # Environment variables: Verida connector

docker/no-external-db/no-db.env

@@ -2,7 +2,6 @@ MAINNET_RPC_URL="https://rpc.cheqd.net:443"
 TESTNET_RPC_URL="https://rpc.cheqd.network:443"
 RESOLVER_URL="https://resolver.cheqd.net/1.0/identifiers/"
 APPLICATION_BASE_URL="http://localhost:3000"
-CORS_ALLOWED_ORIGINS="http://localhost:3000"
 
 # Database
 ENABLE_EXTERNAL_DB="false"

docker/with-external-db/with-db.env

@@ -3,7 +3,6 @@ MAINNET_RPC_URL="https://rpc.cheqd.net:443"
 TESTNET_RPC_URL="https://rpc.cheqd.network:443"
 RESOLVER_URL="https://resolver.cheqd.net/1.0/identifiers/"
 APPLICATION_BASE_URL="http://localhost:3000"
-CORS_ALLOWED_ORIGINS="http://localhost:3000"
 
 # Environment variables for External KMS
 ENABLE_EXTERNAL_DB="true"

example.env

@@ -1,11 +1,13 @@
+## Default/unused values are commented out
+
 # General
-MAINNET_RPC_URL="https://rpc.cheqd.net:443"
+APPLICATION_BASE_URL="http://localhost:8787"
+# MAINNET_RPC_URL="https://rpc.cheqd.net:443"
 TESTNET_RPC_URL="https://rpc.cheqd.network:443"
 RESOLVER_URL="https://resolver.cheqd.net/1.0/identifiers/"
-APPLICATION_BASE_URL="http://localhost:8787"
-CORS_ALLOWED_ORIGINS="http://localhost:8787"
+# CORS_ALLOWED_ORIGINS=="http://localhost:8787"
 
-# Database
+# External Veramo KMS Database
 ENABLE_EXTERNAL_DB="false"
 EXTERNAL_DB_CONNECTION_URL="postgres://<user>:<password>@<host>:<port>/<database>"
 EXTERNAL_DB_ENCRYPTION_KEY="<db-encryption-key>"
@@ -18,17 +20,16 @@ LOGTO_APP_ID="ldfsr...rq432"
 LOGTO_APP_SECRET="sdf...sdf"
 LOGTO_M2M_APP_ID="aaaa...ddddd"
 LOGTO_M2M_APP_SECRET="aaaa...ddddd"
-LOGTO_MANAGEMENT_API="https://default.logto.app/api"
+# LOGTO_MANAGEMENT_API="https://default.logto.app/api"
 LOGTO_DEFAULT_RESOURCE_URL="http://localhost:8787"
 LOGTO_DEFAULT_ROLE_ID="sdf...sdf"
 LOGTO_WEBHOOK_SECRET="sdf...sdf"
 COOKIE_SECRET="sdf...sdf"
 
 # Faucet settings
-FAUCET_ENABLED="false"
-FAUCET_URI="https://faucet-api.cheqd.network/credit"
-FAUCET_DENOM="ncheq"
-TESTNET_MINIMUM_BALANCE="50000000000"
+ENABLE_ACCOUNT_TOPUP="false"
+TESTNET_MINIMUM_BALANCE="1000"
+# FAUCET_URI="https://faucet-api.cheqd.network/credit"
 
 # Verida
 ENABLE_VERIDA_CONNECTOR="false"

src/app.ts

@@ -13,7 +13,7 @@ import { AccountController } from './controllers/customer.js';
 import { Authentication } from './middleware/authentication.js';
 import { Connection } from './database/connection/connection.js';
 import { RevocationController } from './controllers/revocation.js';
-import { CORS_ERROR_MSG, configLogToExpress } from './types/constants.js';
+import { CORS_ALLOWED_ORIGINS, CORS_ERROR_MSG, configLogToExpress } from './types/constants.js';
 import { LogToWebHook } from './middleware/hook.js';
 import { Middleware } from './middleware/middleware.js';
 
@@ -59,7 +59,7 @@ class App {
 			cors({
 				origin: function (origin, callback) {
 					if (!origin) return callback(null, true);
-					if (process.env.CORS_ALLOWED_ORIGINS?.indexOf(origin) === -1) {
+					if (CORS_ALLOWED_ORIGINS?.indexOf(origin) === -1) {
 						return callback(new Error(CORS_ERROR_MSG), false);
 					}
 					return callback(null, true);

src/controllers/customer.ts

@@ -1,6 +1,6 @@
 import type { Request, Response } from 'express';
 import { checkBalance } from '@cheqd/sdk';
-
+import { TESTNET_MINIMUM_BALANCE, DEFAULT_DENOM_EXPONENT } from '../types/constants.js';
 import { CustomerService } from '../services/customer.js';
 import { LogToHelper } from '../middleware/auth/logto.js';
 import { FaucetHelper } from '../helpers/faucet.js';
@@ -39,7 +39,7 @@ export class AccountController {
 				});
 			}
 			// Send some tokens for testnet
-			if (process.env.FAUCET_ENABLED === 'true') {
+			if (process.env.ENABLE_ACCOUNT_TOPUP === 'true') {
 				const resp = await FaucetHelper.delegateTokens(customer.address);
 				if (resp.status !== StatusCodes.OK) {
 					return response.status(resp.status).json({
@@ -177,10 +177,10 @@ export class AccountController {
 		}
 
 		// 3. Check the token balance for Testnet account
-		if (customer.address && process.env.FAUCET_ENABLED === 'true') {
+		if (customer.address && process.env.ENABLE_ACCOUNT_TOPUP === 'true') {
 			const balances = await checkBalance(customer.address, process.env.TESTNET_RPC_URL);
             const balance = balances[0];
-            if (!balance || +balance.amount < process.env.TESTNET_MINIMUM_BALANCE) {
+            if (!balance || +balance.amount < (TESTNET_MINIMUM_BALANCE * Math.pow(10, DEFAULT_DENOM_EXPONENT))) {
                 // 3.1 If it's less then required for DID creation - assign new portion from testnet-faucet
                 const resp = await FaucetHelper.delegateTokens(customer.address);
                 if (resp.status !== StatusCodes.OK) {

src/helpers/faucet.ts

@@ -1,10 +1,10 @@
 import type { ICommonErrorResponse } from '../types/authentication.js';
-import { DEFAULT_FAUCET_DENOM, DEFAULT_FAUCET_URI } from '../types/constants.js';
+import { DEFAULT_FAUCET_DENOM, FAUCET_URI } from '../types/constants.js';
 
 export class FaucetHelper {
 	// ...
 	static async delegateTokens(address: string): Promise<ICommonErrorResponse> {
-		const faucetURI = DEFAULT_FAUCET_URI;
+		const faucetURI = FAUCET_URI;
 		const faucetBody = {
 			denom: DEFAULT_FAUCET_DENOM,
 			address: address,

src/middleware/auth/logto.ts

@@ -1,4 +1,5 @@
 import type { ICommonErrorResponse } from '../../types/authentication';
+import { LOGTO_MANAGEMENT_API } from '../../types/constants';
 import { StatusCodes } from 'http-status-codes';
 import jwt from 'jsonwebtoken';
 import * as dotenv from 'dotenv';
@@ -271,7 +272,7 @@ export class LogToHelper {
 	private async setM2MToken(): Promise<ICommonErrorResponse> {
 		const searchParams = new URLSearchParams({
 			grant_type: 'client_credentials',
-			resource: process.env.LOGTO_MANAGEMENT_API as string,
+			resource: LOGTO_MANAGEMENT_API as string,
 			scope: 'all',
 		});
 

src/types/constants.ts

@@ -1,27 +1,22 @@
 import * as dotenv from 'dotenv';
 dotenv.config();
 
-const { LOGTO_ENDPOINT, LOGTO_APP_ID, LOGTO_APP_SECRET, APPLICATION_BASE_URL, ENABLE_AUTHENTICATION } = process.env;
-
+// Header constants
 export const HEADERS = {
 	json: { 'Content-Type': 'application/json' },
 	text: { 'Content-Type': 'text/plain' },
 };
 
-export const VC_CONTEXT = ['https://www.w3.org/2018/credentials/v1', 'https://veramo.io/contexts/profile/v1'];
-export const VC_TYPE = 'VerifiableCredential';
-export const VC_PROOF_FORMAT = 'jwt';
-export const VC_REMOVE_ORIGINAL_FIELDS = true;
-export const CORS_ERROR_MSG = 'The CORS policy for this site does not allow access from the specified Origin.';
+// Application constants
+export const APPLICATION_BASE_URL = process.env.APPLICATION_BASE_URL || 'http://localhost:3000';
+export const MAINNET_RPC_URL = process.env.MAINNET_RPC_URL || 'https://rpc.cheqd.net:443';
+export const CORS_ALLOWED_ORIGINS = process.env.CORS_ALLOWED_ORIGINS || APPLICATION_BASE_URL;
 
-// verida
-export const POLYGON_RPC_URL = 'https://rpc-mumbai.maticvigil.com';
-export const VERIDA_APP_NAME = 'Cheqd Verida Connector';
+// LogTo contants
+const { LOGTO_ENDPOINT, LOGTO_APP_ID, LOGTO_APP_SECRET, ENABLE_AUTHENTICATION } = process.env;
 
-// Schema to store a Verifiable Credential on the Verida Network.
-export const VERIDA_CREDENTIAL_RECORD_SCHEMA = 'https://common.schemas.verida.io/credential/base/v0.2.0/schema.json';
+export const LOGTO_MANAGEMENT_API = process.env.LOGTO_MANAGEMENT_API || 'https://default.logto.app/api';
 
-// Map for path and required user scope for that action
 export const configLogToExpress = {
 	endpoint:
 		LOGTO_ENDPOINT ||
@@ -50,7 +45,21 @@ export const configLogToExpress = {
 	fetchUserInfo: true,
 };
 
-export const DEFAULT_FAUCET_DENOM = process.env.FAUCET_DENOM || 'ncheq';
-export const DEFAULT_FAUCET_URI = process.env.FAUCET_URI || 'https://faucet-api.cheqd.network/credit';
-// Amount for creating DID
-export const TESTNET_MINIMUM_BALANCE = process.env.TESTNET_MINIMUM_BALANCE || 50000000000;
+// Faucet constants
+export const DEFAULT_FAUCET_DENOM = 'ncheq';
+export const FAUCET_URI = process.env.FAUCET_URI || 'https://faucet-api.cheqd.network/credit';
+export const DEFAULT_DENOM_EXPONENT = 9;
+export const TESTNET_MINIMUM_BALANCE = process.env.TESTNET_MINIMUM_BALANCE || 1000;
+
+// Verifiable Credential constants
+export const VC_CONTEXT = ['https://www.w3.org/2018/credentials/v1', 'https://veramo.io/contexts/profile/v1'];
+export const VC_TYPE = 'VerifiableCredential';
+export const VC_PROOF_FORMAT = 'jwt';
+export const VC_REMOVE_ORIGINAL_FIELDS = true;
+export const CORS_ERROR_MSG = 'The CORS policy for this site does not allow access from the specified Origin.';
+
+// Verida
+export const POLYGON_RPC_URL = 'https://rpc-mumbai.maticvigil.com';
+export const VERIDA_APP_NAME = 'Cheqd Verida Connector';
+// Schema to store a Verifiable Credential on the Verida Network.
+export const VERIDA_CREDENTIAL_RECORD_SCHEMA = 'https://common.schemas.verida.io/credential/base/v0.2.0/schema.json';

src/types/environment.d.ts

@@ -13,12 +13,12 @@ declare global {
 			MAINNET_RPC_URL: string;
 			TESTNET_RPC_URL: string;
 			RESOLVER_URL: string;
-			CORS_ALLOWED_ORIGINS: string | undefined;
+			APPLICATION_BASE_URL: string | 'http://localhost:3000';
+			CORS_ALLOWED_ORIGINS: string | APPLICATION_BASE_URL;
 			ENABLE_EXTERNAL_DB: string | 'false';
 			EXTERNAL_DB_CONNECTION_URL: string;
 			EXTERNAL_DB_ENCRYPTION_KEY: string;
 			EXTERNAL_DB_CERT: string | undefined;
-			APPLICATION_BASE_URL: string | 'http://localhost:3000';
 
 			// LogTo
 			LOGTO_ENDPOINT: string;
@@ -49,10 +49,9 @@ declare global {
 			ISSUER_DID: string;
 
 			// Faucet
-			FAUCET_ENABLED: string | 'false';
-			FAUCET_URI: string | 'https://faucet-api.cheqd.network/credit';
-			FAUCET_DENOM: string | 'ncheq';
-			TESTNET_MINIMUM_BALANCE: number | 50000000000;
+			ENABLE_ACCOUNT_TOPUP: string | 'false';
+			FAUCET_URI: string;
+			TESTNET_MINIMUM_BALANCE: number;
 		}
 	}