diff --git a/internal/config/usecase.go b/internal/config/usecase.go
index 1d7aa93..db91f1c 100644
--- a/internal/config/usecase.go
+++ b/internal/config/usecase.go
@@ -3,24 +3,26 @@ package config
 import "time"
 
 type UseCase interface {
-	GetDatabasePath() string
-	GetDatabaseType() string
-	GetIndieAuthAccessTokenExpirationTime() time.Duration
-	GetIndieAuthEnabled() bool
-	GetIndieAuthJWTSecret() string
-	GetIndieAuthJWTSigningAlgorithm() string
-	GetIndieAuthJWTSigningPrivateKeyFile() string
-	GetName() string
-	GetRunMode() string
-	GetServerAddress() string
-	GetServerCertificate() string
-	GetServerDomain() string
-	GetServerEnablePPROF() bool
-	GetServerHost() string
-	GetServerKey() string
-	GetServerPort() int
-	GetServerProtocol() string
-	GetServerRootURL() string
-	GetServerStaticRootPath() string
-	GetServerStaticURLPrefix() string
+	GetDatabasePath() string                              // data/indieauth.db
+	GetDatabaseType() string                              // bolt
+	GetIndieAuthAccessTokenExpirationTime() time.Duration // time.Hour
+	GetIndieAuthCodeLength() int                          // 32
+	GetIndieAuthEnabled() bool                            // true
+	GetIndieAuthJWTSecret() []byte                        // hackme
+	GetIndieAuthJWTSigningAlgorithm() string              // RS256
+	GetIndieAuthJWTSigningPrivateKeyFile() string         // jwt/private.pem
+	GetIndieAuthJWTNonceLength() int                      // 22
+	GetName() string                                      // IndieAuth
+	GetRunMode() string                                   // dev
+	GetServerAddress() string                             // 0.0.0.0:3000
+	GetServerCertificate() string                         // https/cert.pem
+	GetServerDomain() string                              // localhost
+	GetServerEnablePPROF() bool                           // false
+	GetServerHost() string                                // 0.0.0.0
+	GetServerKey() string                                 // https/key.pem
+	GetServerPort() int                                   // 3000
+	GetServerProtocol() string                            // http
+	GetServerRootURL() string                             // http://localhost:3000/
+	GetServerStaticRootPath() string                      // /
+	GetServerStaticURLPrefix() string                     // /static
 }
diff --git a/internal/config/usecase/config_ucase.go b/internal/config/usecase/config_ucase.go
index c14b1aa..c9ef14f 100644
--- a/internal/config/usecase/config_ucase.go
+++ b/internal/config/usecase/config_ucase.go
@@ -37,7 +37,7 @@ func (useCase *configUseCase) GetServerDomain() string {
 }
 
 func (useCase *configUseCase) GetServerRootURL() string {
-	t := fasttemplate.New(useCase.repo.GetString("server.rootUrl"), "{{", "}}")
+	t := fasttemplate.New(useCase.repo.GetString("server.rootUrl"), `{{`, `}}`)
 
 	data := make(map[string]interface{})
 	for _, key := range []string{
@@ -105,10 +105,18 @@ func (useCase *configUseCase) GetIndieAuthJWTSigningAlgorithm() string {
 	return useCase.repo.GetString("indieauth.jwtSigningAlgorithm")
 }
 
-func (useCase *configUseCase) GetIndieAuthJWTSecret() string {
-	return useCase.repo.GetString("indieauth.jwtSecret")
+func (useCase *configUseCase) GetIndieAuthJWTSecret() []byte {
+	return []byte(useCase.repo.GetString("indieauth.jwtSecret"))
 }
 
 func (useCase *configUseCase) GetIndieAuthJWTSigningPrivateKeyFile() string {
 	return filepath.Clean(useCase.repo.GetString("indieauth.jwtSigningPrivateKeyFile"))
 }
+
+func (useCase *configUseCase) GetIndieAuthCodeLength() int {
+	return useCase.repo.GetInt("indieauth.codeLength")
+}
+
+func (useCase *configUseCase) GetIndieAuthJWTNonceLength() int {
+	return useCase.repo.GetInt("indieauth.jwtNonceLength")
+}