sa6anw/hedgedoc-hedgeagent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add config option which requires authentication in FreeURL mode

Browse Source 
This mitigates unintended note creation by bots or humans through a
simple GET call.

See discussion in #754.

Signed-off-by: Nicolas Dietrich <nidi@mailbox.org>
This commit is contained in:
Nicolas Dietrich
2021-01-22 16:47:47 +01:00
parent 3331c0947c
commit 497569fee4
5 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/config/environment.js
View File

@@ -29,6 +29,7 @@ module.exports = {
allowAnonymous: toBooleanConfig(process.env.CMD_ALLOW_ANONYMOUS),
allowAnonymousEdits: toBooleanConfig(process.env.CMD_ALLOW_ANONYMOUS_EDITS),
allowFreeURL: toBooleanConfig(process.env.CMD_ALLOW_FREEURL),
requireFreeURLAuthentication: toBooleanConfig(process.env.CMD_REQUIRE_FREEURL_AUTH),
forbiddenNoteIDs: toArrayConfig(process.env.CMD_FORBIDDEN_NOTE_IDS),
defaultPermission: process.env.CMD_DEFAULT_PERMISSION,
dbURL: process.env.CMD_DB_URL,