From 3039d6629535c90a6fcf4b0637bbd3f833bd7965 Mon Sep 17 00:00:00 2001 From: Tim Wundenberg Date: Sun, 23 Feb 2025 21:44:58 +0100 Subject: [PATCH] feat(docs): update readme --- Readme.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Readme.md b/Readme.md index fc1f8ec..847e782 100644 --- a/Readme.md +++ b/Readme.md @@ -7,11 +7,11 @@ A basic template with authentication to easily host on a VPC. This template includes everything essential to build an app. It includes the following features: -- Authentication: Users can login, logout, register and reset their password. For increased security TOTP is available aswell. +- Authentication: Users can login, logout, register and reset their password. (for increased security TOTP is planned aswell.) - Observability: The stack contains an Grafana+Prometheus instance for basic monitoring. You are able to add alerts and get notified on your phone. - Mail: You are able to send mail with SMTP. You still need an external Mail Server, but a guide on how to set that up with a custom domain is included. -- SSL: This is included by using traefik as reverse proxy. It handles SSL certificates automatically. Furthermore all services are accessible through subdomains. Best thing is, you can add your more with 3 lines of code -- Actual Stack: Tailwindcss + HTMX + DaisyUI + GO Backend with templ and sqlite +- SSL: This is included by using traefik as reverse proxy. It handles SSL certificates automatically. Furthermore all services are accessible through subdomains. +- Stack: Tailwindcss + HTMX + GO Backend with templ and sqlite ## Architecture Design Decisions 
@@ -51,13 +51,13 @@ Instead of implementing authentication from scratch, an external OAuth2 provider Pros: - The Systems of BigTech are probably safer. They have security experts employed. - - The other external system needs to prevent credential stuffing attacks, etc. + - The other external system is responsible to prevent credential stuffing attacks, etc. - Users don't have to create new credentials Cons: - High dependency on those providers - - Single Point of failure (If your account is banned, your application access get's lost as well) - - It's possible that these providers ban the whole application - - There still needs to be implemented some logic server side + - Single Point of failure (If your account is banned, your application access get's lost as well.) + - It's possible that these providers ban the whole application (All users lose access) + - There still needs to be implemented some logic - Full application integration can be difficult #### 3. Using OAuth2 with Keycloak -- 2.49.1
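Review bot: In the first hunk (@@ -7,11 +7,11 @@), the new Authentication bullet tucks the TOTP status into a lowercase parenthetical, "(for increased security TOTP is planned aswell.)", which is easy to skim past and still reads as if a second factor is part of the feature set. Since the previous wording claimed TOTP was available, state the change plainly as its own sentence, for example "TOTP is planned but not yet implemented.", and fix "aswell" to "as well". The same hunk drops DaisyUI from the Stack bullet and removes the "3 lines of code" sentence from the SSL bullet; the subject "update readme" does not mention either, so a short line in the commit body on whether DaisyUI was removed from the template or only from the description would help.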
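Review bot: In the second hunk (@@ -51,13 +51,13 @@), the last changed Cons bullet goes from "There still needs to be implemented some logic server side" to "There still needs to be implemented some logic", which removes the only hint of where that work lives. Keep "server side" or name the logic that remains so the trade-off with the external provider stays concrete. Wording in the added lines: "is responsible to prevent" should be "is responsible for preventing", "get's" is carried over unchanged and should be "gets", and the two new parentheticals are punctuated differently ("as well.)" with a period, "(All users lose access)" without one).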