Browse Source

update descriptions for pw hints options

pull/5189/head
Stefan Melmuk 5 months ago
parent
commit
611a1c303a
No known key found for this signature in database GPG Key ID: 817020C608FE9C09
  1. 7
      .env.template
  2. 8
      src/config.rs

7
.env.template

@ -280,12 +280,13 @@
## The default for new users. If changed, it will be updated during login for existing users. ## The default for new users. If changed, it will be updated during login for existing users.
# PASSWORD_ITERATIONS=600000 # PASSWORD_ITERATIONS=600000
## Controls whether users can set password hints. This setting applies globally to all users. ## Controls whether users can set or show password hints. This setting applies globally to all users.
# PASSWORD_HINTS_ALLOWED=true # PASSWORD_HINTS_ALLOWED=true
## Controls whether a password hint should be shown directly in the web page if ## Controls whether a password hint should be shown directly in the web page if
## SMTP service is not configured. Not recommended for publicly-accessible instances ## SMTP service is not configured and password hints are allowed.
## as this provides unauthenticated access to potentially sensitive data. ## Not recommended for publicly-accessible instances because this provides
## unauthenticated access to potentially sensitive data.
# SHOW_PASSWORD_HINT=false # SHOW_PASSWORD_HINT=false
######################### #########################

8
src/config.rs

@ -497,11 +497,11 @@ make_config! {
/// Password iterations |> Number of server-side passwords hashing iterations for the password hash. /// Password iterations |> Number of server-side passwords hashing iterations for the password hash.
/// The default for new users. If changed, it will be updated during login for existing users. /// The default for new users. If changed, it will be updated during login for existing users.
password_iterations: i32, true, def, 600_000; password_iterations: i32, true, def, 600_000;
/// Allow password hints |> Controls whether users can set password hints. This setting applies globally to all users. /// Allow password hints |> Controls whether users can set or show password hints. This setting applies globally to all users.
password_hints_allowed: bool, true, def, true; password_hints_allowed: bool, true, def, true;
/// Show password hint |> Controls whether a password hint should be shown directly in the web page /// Show password hint (Know the risks!) |> Controls whether a password hint should be shown directly in the web page
/// if SMTP service is not configured. Not recommended for publicly-accessible instances as this /// if SMTP service is not configured and password hints are allowed. Not recommended for publicly-accessible instances
/// provides unauthenticated access to potentially sensitive data. /// because this provides unauthenticated access to potentially sensitive data.
show_password_hint: bool, true, def, false; show_password_hint: bool, true, def, false;
/// Admin token/Argon2 PHC |> The plain text token or Argon2 PHC string used to authenticate in this very same page. Changing it here will not deauthorize the current session! /// Admin token/Argon2 PHC |> The plain text token or Argon2 PHC string used to authenticate in this very same page. Changing it here will not deauthorize the current session!

Loading…
Cancel
Save