Also update README
parent
40da75e2d7
commit
8dbdec6d32
1 changed files with 4 additions and 13 deletions
17
README.md
|
@ -34,6 +34,10 @@ AnonChat can be configured using environment variables:
|
|||
- `RATELIMIT_STORAGE_URL`: Storage backend for rate limiting (defaults to memory storage)
|
||||
- `REDIS_URL`: Redis connection URL for session storage (defaults to "redis://localhost:6379/0")
|
||||
- `AUTO_DELETE_HOURS`: Number of hours after which closed inquiries are automatically deleted (defaults to 48)
|
||||
- `AUTH0_CLIENT_ID`: Auth0 client ID for authentication
|
||||
- `AUTH0_CLIENT_SECRET`: Auth0 client secret for authentication
|
||||
- `AUTH0_DOMAIN`: Auth0 domain for authentication
|
||||
- `SESSION_TYPE`: Session storage type (defaults to "filesystem")
|
||||
|
||||
You can set these variables in a `.env` file:
|
||||
|
||||
|
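Review bot: The `SESSION_TYPE` entry says sessions default to "filesystem", while the `REDIS_URL` entry a few lines above describes Redis as the session storage with its own default, so a reader cannot tell which backend holds sessions out of the box. Suggest listing the accepted `SESSION_TYPE` values and, if Redis is one of them, stating that `REDIS_URL` only takes effect for that value. The three `AUTH0_*` entries also do not say whether they are required or what the application does when they are unset. Since `AUTH0_CLIENT_SECRET` is a credential and the following line tells readers to put these variables in a `.env` file, a short reminder to keep that file out of version control would fit here.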
@ -179,19 +183,6 @@ When enabled, the application will update the admin user's password to match the
|
|||
## TODO: Security Improvements
|
||||
|
||||
The following security enhancements are planned for future releases:
|
||||
|
||||
- [ ] Implement CAPTCHA protection for admin login
|
||||
- Add CAPTCHA verification to prevent brute force attacks
|
||||
- Support multiple CAPTCHA providers (reCAPTCHA, hCaptcha)
|
||||
- Implement rate limiting for failed login attempts
|
||||
- Add IP-based blocking after multiple failed attempts
|
||||
|
||||
### Authentication Methods
|
||||
- [ ] Add OAuth 2.0 support for admin authentication
|
||||
- Integrate with common providers (Google, GitHub, Microsoft)
|
||||
- Implement proper PKCE flow for added security
|
||||
- Support for custom OAuth providers for enterprise deployments
|
||||
- Add multi-factor authentication options
|
||||
|
||||
### Read-Only Links
|
||||
- [ ] Implement read-only sharing links for inquiries
|
||||
|
|
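Review bot: The `-179,19 +183,6` header leaves only six lines of the "TODO: Security Improvements" section, so the CAPTCHA, failed-login rate limiting, IP-based blocking and multi-factor authentication items appear to be dropped together with the OAuth 2.0 item. The Auth0 variables documented in the first hunk account for the OAuth item, but nothing in this change documents the others as implemented, and the commit message ("Also update README") does not say why they were removed. Suggest keeping the still-open brute-force and MFA items as unchecked entries, or replacing them with a pointer to where they are now tracked, so the README does not imply the admin login already has these protections.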