github-mirrors/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-04-23 13:37:09 -04:00
Code Issues Projects Releases Packages Wiki Activity

Updated security.md.

Browse source
This commit is contained in:
Lauri Ojansivu 2023-10-11 08:16:08 -04:00
parent f5355422ee
commit fe985e219a
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
SECURITY.md
View file

@ -108,6 +108,7 @@ A:
- You can have input field for password https://github.com/wekan/wekan/blob/main/client/components/cards/attachments.js#L303-L312
- You can save password to database https://github.com/wekan/wekan/blob/main/client/components/cards/attachments.js#L303-L312
- Check that only current user or Admin can change password https://github.com/wekan/wekan/blob/main/client/components/cards/attachments.js#L303-L312
- Note that currentUser uses code like Meteor.user() in .js file
- Do not have password hashes in PubSub https://github.com/wekan/wekan/blob/main/server/publications/users.js
- Only show Admin Panel to Admin https://github.com/wekan/wekan/blob/main/client/components/settings/settingBody.jade#L3
- Use Environment variables for any email etc passwords.