CAPTCHA support

This commit is contained in:
CyberRex
2026-05-25 11:46:42 +09:00
parent d4918762d2
commit ef476402fc
11 changed files with 482 additions and 4 deletions


@@ -99,9 +99,15 @@ Copy `.env.example` to `.env` for local development.
| `VAPID_PRIVATE_KEY` | For Push | empty | Browser Push private key. Push delivery fails gracefully if missing. |
| `VAPID_SUBJECT` | For Push | `mailto:admin@example.com` | VAPID contact subject. |
| `OPENSSL_PATH` | No | `openssl` | OpenSSL executable path. On Windows, the app can also detect Git's bundled `openssl.exe`. |
| `CAPTCHA_PROVIDER` | No | `off` | Auth CAPTCHA provider. Use `turnstile`, `hcaptcha`, or `off`. |
| `CAPTCHA_SITE_KEY` | When CAPTCHA enabled | empty | Public site key used by the login/register widget. |
| `CAPTCHA_SECRET_KEY` | When CAPTCHA enabled | empty | Server-side secret key used to verify CAPTCHA tokens. |
| `CAPTCHA_VERIFY_TIMEOUT_MS` | No | `3000` | Timeout for provider verification requests. |
For local host execution, `DATABASE_URL` normally points to `localhost:5432`. For Docker Compose services, it points to the internal service name: `postgres://certremind:certremind@postgres:5432/certremind`.
CAPTCHA is disabled by default. To enable it, set `CAPTCHA_PROVIDER` to `turnstile` or `hcaptcha` and provide both keys. Login and registration then require a provider token, and TOTP logins require a fresh token for each POST.
## Operational Notes
- Run `pnpm monitor:worker` as a long-lived Node process for hourly certificate checks.
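Review bot: The new `CAPTCHA_*` rows and the paragraph beginning "CAPTCHA is disabled by default" do not document the failure behaviour. State what happens when `CAPTCHA_PROVIDER` is `turnstile` or `hcaptcha` but `CAPTCHA_SITE_KEY` or `CAPTCHA_SECRET_KEY` is left empty (refuse to start, reject all logins, or silently behave as `off`), and whether login and registration are rejected when the provider request exceeds `CAPTCHA_VERIFY_TIMEOUT_MS` or the provider is unreachable. The `VAPID_PRIVATE_KEY` row already spells this out for Push ("fails gracefully if missing"); the CAPTCHA rows should be equally explicit, since a control that fails open on timeout or misconfiguration gives operators a false sense of protection. It would also help to note in the `CAPTCHA_SECRET_KEY` row that the value must stay server-side and out of committed `.env` files, given that the section starts by telling readers to copy `.env.example`.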