Update other things
This commit is contained in:
parent
e4b4039ed3
commit
42c3c0d89a
2 changed files with 1 additions and 28 deletions
27
README.md
|
@ -26,9 +26,6 @@ AnonChat can be configured using environment variables:
|
|||
|
||||
- `SECRET_KEY`: Secret key for session management
|
||||
- `DATABASE_URL`: Database connection string (defaults to SQLite)
|
||||
- `ADMIN_USERNAME`: Admin username for admin dashboard
|
||||
- `ADMIN_PASSWORD`: Admin password for admin dashboard
|
||||
- `ADMIN_FORCE_RESET`: When set to "true", forces a reset of the admin password to the value in ADMIN_PASSWORD (defaults to "false")
|
||||
- `SITE_TITLE`: Customizable site title (defaults to "AnonChat")
|
||||
- `BEHIND_PROXY`: Set to "true" when running behind a reverse proxy to properly handle client IP addresses (defaults to "false")
|
||||
- `RATELIMIT_STORAGE_URL`: Storage backend for rate limiting (defaults to memory storage)
|
||||
|
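Review bot: The `ADMIN_USERNAME`, `ADMIN_PASSWORD` and `ADMIN_FORCE_RESET` entries appear to be the three lines dropped from this list (the hunk header goes from 9 lines to 6), and nothing is documented in their place, so the configuration section no longer says how the admin account is provisioned. If admin login now goes through OAuth, as the "Disable registrations in your oauth" bullet later in this file suggests, list the variables that configure it here. Please also state whether the application still reads `ADMIN_FORCE_RESET`: a password-reset switch that keeps working after it disappears from the docs is easy to leave enabled by accident.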
@ -144,28 +141,6 @@ AnonChat includes a secure admin authentication system that protects administrat
|
|||
- **Password Management**: Admins can change their password through the Admin Settings page
|
||||
- **Logout Functionality**: Secure logout to clear session data
|
||||
|
||||
### Setting Admin Credentials
|
||||
|
||||
Admin credentials are set using environment variables:
|
||||
|
||||
```
|
||||
ADMIN_USERNAME=admin
|
||||
ADMIN_PASSWORD=your-secure-password
|
||||
ADMIN_FORCE_RESET=false
|
||||
```
|
||||
|
||||
These values should be set in your `.env` file or server environment. The default admin user is created automatically when the application first runs.
|
||||
|
||||
#### Password Reset
|
||||
|
||||
You can force a reset of the admin password by setting `ADMIN_FORCE_RESET=true` in your environment variables. This is useful when:
|
||||
|
||||
- You need to recover from a forgotten admin password
|
||||
- You're deploying to a new environment and want to ensure the admin credentials are set correctly
|
||||
- You want to update the admin password during deployment without accessing the admin interface
|
||||
|
||||
When enabled, the application will update the admin user's password to match the value in `ADMIN_PASSWORD` during initialization or when running the `init-db` command.
|
||||
|
||||
### Admin Functions
|
||||
|
||||
- View and respond to user inquiries
|
||||
|
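Review bot: The context lines at the top of this hunk still advertise "Password Management: Admins can change their password through the Admin Settings page", while the rest of the hunk (25 lines at old line 144 against 3 at new line 141) removes the "Setting Admin Credentials" and "Password Reset" sections that explained where that password comes from and how to recover it. Either update that bullet to match the new login flow, or replace the removed sections with a short description of how the first admin is created and how access is recovered now that `ADMIN_FORCE_RESET` is no longer documented.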
@ -178,7 +153,7 @@ When enabled, the application will update the admin user's password to match the
|
|||
- Always use a strong, unique password for the admin account
|
||||
- Keep your SECRET_KEY secure and unique for each deployment
|
||||
- In production, ensure you're using HTTPS to protect admin credentials during transmission
|
||||
- Change the default admin password immediately after deployment
|
||||
- Disable registrations in your oauth
|
||||
|
||||
## TODO: Security Improvements
|
||||
|
||||
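Review bot: "Disable registrations in your oauth" is the only line this commit adds (1 addition, and this hunk is 7 lines before and after), and it is too terse to act on: it does not name the provider, say where the setting lives, or say what is exposed if registration stays open. Spell out the intent in a full sentence and capitalise OAuth. The neighbouring bullets still refer to "a strong, unique password for the admin account" and "admin credentials during transmission"; check that they still describe the login flow after this change.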
|
|
|
@ -13,8 +13,6 @@ services:
|
|||
- DATABASE_URL=postgresql://anonchat:anonchat@db:5432/anonchat
|
||||
- REDIS_URL=redis://redis:6379/0
|
||||
- SECRET_KEY=change-this-secret-key-in-production
|
||||
- ADMIN_USERNAME=admin
|
||||
- ADMIN_PASSWORD=change-this-password-in-production
|
||||
- BEHIND_PROXY=false # Set to true if you're running behind a reverse proxy
|
||||
|
||||
db:
|
||||
|
|
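Review bot: With `ADMIN_USERNAME` and `ADMIN_PASSWORD` apparently dropped from this environment block (8 lines to 6), the hunk adds no replacement settings, so the sample service definition no longer shows how admin access is configured. Add the new variables or a comment pointing to where they are set. The surrounding context also keeps `SECRET_KEY=change-this-secret-key-in-production` and the `anonchat:anonchat` database credentials inline; consider reading them from an env file so a copy-pasted deployment does not start with published values.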