Joders/SkyMoney
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement forgot password, added security updates
Some checks failed
Deploy / deploy (push) Successful in 1m28s
Details
Security Tests / security-non-db (push) Failing after 18s
Details
Security Tests / security-db (push) Failing after 22s
Details

Browse Source
This commit is contained in:
Ricearoni1245
2026-03-01 21:47:15 -06:00
parent c7c72e8199
commit 15e0c0a88a
19 changed files with 761 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.env.example
View File

@@ -28,6 +28,12 @@ COOKIE_SECRET=replace-with-32+-chars
COOKIE_DOMAIN=skymoneybudget.com
AUTH_MAX_FAILED_ATTEMPTS=5
AUTH_LOCKOUT_WINDOW_MS=900000
PASSWORD_RESET_TTL_MINUTES=30
PASSWORD_RESET_RATE_LIMIT_PER_MINUTE=5
PASSWORD_RESET_CONFIRM_RATE_LIMIT_PER_MINUTE=10
UPDATE_NOTICE_VERSION=3
UPDATE_NOTICE_TITLE=SkyMoney Update
UPDATE_NOTICE_BODY=We shipped account security improvements, including a new password reset flow and stronger session protections.
# Email (verification + delete confirmation)
SMTP_HOST=smtp.example.com