Add registration control, admin user management, and security hardening
- Registration auto-closes after first user; admin can toggle from /admin/users - Admin user management view with user list and delete - Password confirmation on registration form - Password change in Settings (PUT /api/auth/password) - Session cookie hardening: HttpOnly, SameSite=Lax, optional Secure flag - Startup warning when SECRET_KEY is default - Production deployment docs: reverse proxy, rate limiting, CSP headers - Fix assist prompt to preserve markdown headings in target sections - Simplify prod compose networking Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -10,7 +10,6 @@ services:
|
||||
OLLAMA_MODEL: "${OLLAMA_MODEL:-llama3.1}"
|
||||
LOG_LEVEL: "${LOG_LEVEL:-INFO}"
|
||||
networks:
|
||||
- fabledassistant_frontend
|
||||
- fabledassistant_backend
|
||||
healthcheck:
|
||||
test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:5000/api/health')"]
|
||||
@@ -80,8 +79,5 @@ volumes:
|
||||
ollama_models:
|
||||
|
||||
networks:
|
||||
fabledassistant_frontend:
|
||||
driver: overlay
|
||||
fabledassistant_backend:
|
||||
driver: overlay
|
||||
internal: true
|
||||
|
||||
Reference in New Issue
Block a user