feat(database): refactor CLI, add column whitelist, and SSL config
- Add `ZEN_DB_SSL_DISABLED` env variable to allow disabling SSL for database connections - Refactor database CLI to split init logic into `initFeatures` and `initModules` for modular table initialization, with graceful fallback when modules are absent - Extract `printHelp` and `askConfirmation` helpers for cleaner CLI structure - Ensure `closePool` is called on both success and error paths in CLI - Add `filterAllowedColumns` utility in `crud.js` to enforce column whitelists, preventing mass-assignment of privileged fields (e.g. `role`, `email_verified`) - Update drop command description from "auth tables" to "all tables"
This commit is contained in:
@@ -13,6 +13,7 @@ ZEN_SUPPORT_EMAIL=support@exemple.com
|
||||
# DATABASE
|
||||
ZEN_DATABASE_URL=postgres://USER:PASSWORD@HOST:PORT/postgres
|
||||
ZEN_DATABASE_URL_DEV=postgres://USER:PASSWORD@HOST:PORT/postgres_dev
|
||||
ZEN_DB_SSL_DISABLED=false
|
||||
|
||||
# STORAGE (Cloudflare R2 for now)
|
||||
ZEN_STORAGE_BUCKET=my-bucket-name
|
||||
|
||||
Reference in New Issue
Block a user