From c4e06cfe28c99240f61ccccd861eac815edcfd74 Mon Sep 17 00:00:00 2001 From: Philip Molares Date: Sun, 2 Oct 2022 21:09:23 +0200 Subject: [PATCH] docs: add local auth Signed-off-by: Philip Molares --- docs/content/config/index.md | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/docs/content/config/index.md b/docs/content/config/index.md index 8d1c263a4..292bc8186 100644 --- a/docs/content/config/index.md +++ b/docs/content/config/index.md @@ -45,7 +45,27 @@ If the renderer is provided by another domain, it's way harder to manipulate Hed ## Authentication -**ToDo:** Add Authentication docs +### Local + +HedgeDoc provides local accounts, handled internally. This feature only provides basic functionality, so for most environments we recommend using an external authentication mechanism. This also enables more secure authentication like 2FA or WebAuthn. + +| environment variable | default | example | description | +|-------------------------------------------|---------|-------------------------|---------------------------------------------------------------------------------------| +| `HD_AUTH_LOCAL_ENABLE_LOGIN` | `false` | `true`, `false` | This makes it possible to use the local accounts in HedgeDoc. | +| `HD_AUTH_LOCAL_ENABLE_REGISTER` | `false` | `true`, `false` | This makes it possible to register new local accounts in HedgeDoc. | +| `HD_AUTH_LOCAL_MINIMAL_PASSWORD_STRENGTH` | `2` | `0`, `1`, `2`, `3`, `4` | The minimum [zxcvbn-ts][zxcvbn-ts-score] password score, that passwords need to have. | + +**password score ([zxcvbn-ts][zxcvbn-ts-score])** + +| score | meaning | minimum number of guesses required (approximated) | +|:-----:|-------------------------------------------------------------------|---------------------------------------------------| +| 0 | All passwords are allowed | - | +| 1 | Only `too guessable` passwords are disallowed | 1.000 | +| 2 | `too guessable` and `very guessable` passwords are disallowed | 1.000.000 | +| 3 | `safely unguessable` and `very unguessable` passwords are allowed | 100.000.000 | +| 4 | Only `very unguessable` passwords are allowed | 10.000.000.000 | + +**ToDo:** Add other authentication methods. ## Customization @@ -84,10 +104,13 @@ We officially support and test these databases: ## Media -There are couple of different backends that can be used to host your images for HedgeDoc. +There are a couple of different backends that can be used to host your images for HedgeDoc. - [Azure](media/azure.md) - [Local filesystem](media/filesystem.md) - [Imgur](media/imgur.md) - [S3-compatible](media/s3.md) - [WebDAV](media/webdav.md) + + +[zxcvbn-ts-score][https://zxcvbn-ts.github.io/zxcvbn/guide/getting-started/#output]