From 865857639431bb78df5f63a1ebdc448b730e6bef Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sun, 15 May 2022 08:25:14 +0000 Subject: [PATCH 1/2] Auto-update README --- README.md | 6 ++++++ README_fr.md | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/README.md b/README.md index 8ad2c2f..a758dbe 100644 --- a/README.md +++ b/README.md @@ -35,6 +35,12 @@ It aims to ease you perform your 2FA authentication steps whatever the device yo ![](./doc/screenshots/screenshot.png) +## Disclaimers / important information + +2FAuth has been imagined for personal use only, it is single user designed. +You have to create a user account to use the app and you cannot create more than one user account. + +Authentication documentation: https://docs.2fauth.app/security/authentication/ ## Documentation and resources * Official admin documentation: https://docs.2fauth.app/ diff --git a/README_fr.md b/README_fr.md index 2ceca5e..b18d2ea 100644 --- a/README_fr.md +++ b/README_fr.md @@ -31,6 +31,12 @@ It aims to ease you perform your 2FA authentication steps whatever the device yo ![](./doc/screenshots/screenshot.png) +## Avertissements / informations importantes + +2FAuth has been imagined for personal use only, it is single user designed. +You have to create a user account to use the app and you cannot create more than one user account. + +Authentication documentation: https://docs.2fauth.app/security/authentication/ ## Documentations et ressources * Documentation officielle de l'adminĀ : https://docs.2fauth.app/ From 1bc826c64c3eaa4997484a5830cd1c0180eb016b Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 15 May 2022 10:26:34 +0200 Subject: [PATCH 2/2] Update .env.example --- conf/.env.example | 77 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 70 insertions(+), 7 deletions(-) diff --git a/conf/.env.example b/conf/.env.example index dd0a5c4..a6e816d 100644 --- a/conf/.env.example +++ b/conf/.env.example @@ -54,7 +54,14 @@ LOG_CHANNEL=daily APP_LOG_LEVEL=notice -# Database config & credentials +# If you're looking for performance improvements, you could install memcached. + +CACHE_DRIVER=file +SESSION_DRIVER=file +FILESYSTEM_DRIVER=local + + +#### Database config & credentials #### # DB_CONNECTION=sqlite # DB_DATABASE="path/to/your/database.sqlite" @@ -69,12 +76,7 @@ DB_USERNAME=__DB_USER__ DB_PASSWORD=__DB_PWD__ -# If you're looking for performance improvements, you could install memcached. -CACHE_DRIVER=file -SESSION_DRIVER=file - - -# Mail settings +#### Mail settings #### # Refer your email provider documentation to configure your mail settings # Set a value for every available setting to avoid issue @@ -90,6 +92,67 @@ MAIL_FROM_NAME=null MAIL_FROM_ADDRESS=null +#### Authentication settings #### + +# The default authentication guard +# +# Supported: +# 'web-guard' : The Laravel built-in auth system (default if nulled) +# 'reverse-proxy-guard' : When 2FAuth is deployed behind a reverse-proxy that handle authentication +# +# WARNING +# When using 'reverse-proxy-guard' 2FAuth only look for the dedicated headers and skip all other built-in +# authentication checks. That means your proxy is fully responsible of the authentication process, 2FAuth will +# trust him as long as headers are presents. + +AUTHENTICATION_GUARD=web-guard + +# Name of the HTTP headers sent by the reverse proxy that identifies the authenticated user at proxy level. +# Check your proxy documentation to find out how these headers are named (i.e 'REMOTE_USER', 'REMOTE_EMAIL', etc...) +# (only relevant when AUTHENTICATION_GUARD is set to 'reverse-proxy-guard') + +AUTH_PROXY_HEADER_FOR_USER= +AUTH_PROXY_HEADER_FOR_EMAIL= + + +#### WebAuthn settings #### + +# Relying Party name, aka the name of the application. If null, defaults to APP_NAME + +WEBAUTHN_NAME= + +# Relying Party ID. If null, the device will fill it internally. +# See https://webauthn-doc.spomky-labs.com/pre-requisites/the-relying-party#how-to-determine-the-relying-party-id + +WEBAUTHN_ID= + +# Optional image data in BASE64 (128 bytes maximum) or an image url +# See https://webauthn-doc.spomky-labs.com/pre-requisites/the-relying-party#relying-party-icon + +WEBAUTHN_ICON= + +# Use this setting to control how user verification behave during the +# WebAuthn authentication flow. +# +# Most authenticators and smartphones will ask the user to actively verify +# themselves for log in. For example, through a touch plus pin code, +# password entry, or biometric recognition (e.g., presenting a fingerprint). +# The intent is to distinguish one user from any other. +# +# Supported: +# 'required': Will ALWAYS ask for user verification +# 'preferred' (default) : Will ask for user verification IF POSSIBLE +# 'discouraged' : Will NOT ask for user verification (for example, to minimize disruption to the user interaction flow) + +WEBAUTHN_USER_VERIFICATION= + +# Use this setting to declare trusted proxied. +# Supported: +# '*': to trust any proxy +# A comma separated IP list: The list of proxies IP to trust + +TRUSTED_PROXIES= + # Leave the following configuration vars as is. # Unless you like to tinker and know what you're doing.