Also update README

README.md

@@ -34,6 +34,10 @@ AnonChat can be configured using environment variables:
 - `RATELIMIT_STORAGE_URL`: Storage backend for rate limiting (defaults to memory storage)
 - `REDIS_URL`: Redis connection URL for session storage (defaults to "redis://localhost:6379/0")
 - `AUTO_DELETE_HOURS`: Number of hours after which closed inquiries are automatically deleted (defaults to 48)
+- `AUTH0_CLIENT_ID`: Auth0 client ID for authentication
+- `AUTH0_CLIENT_SECRET`: Auth0 client secret for authentication
+- `AUTH0_DOMAIN`: Auth0 domain for authentication
+- `SESSION_TYPE`: Session storage type (defaults to "filesystem")
 
 You can set these variables in a `.env` file:
 
@@ -179,19 +183,6 @@ When enabled, the application will update the admin user's password to match the
 ## TODO: Security Improvements
 
 The following security enhancements are planned for future releases:
-
-- [ ] Implement CAPTCHA protection for admin login
-  - Add CAPTCHA verification to prevent brute force attacks
-  - Support multiple CAPTCHA providers (reCAPTCHA, hCaptcha)
-  - Implement rate limiting for failed login attempts
-  - Add IP-based blocking after multiple failed attempts
-
-### Authentication Methods
-- [ ] Add OAuth 2.0 support for admin authentication
-  - Integrate with common providers (Google, GitHub, Microsoft)
-  - Implement proper PKCE flow for added security
-  - Support for custom OAuth providers for enterprise deployments
-  - Add multi-factor authentication options
   
 ### Read-Only Links
 - [ ] Implement read-only sharing links for inquiries