RyderTech/nlcc-itinerary
1
0
Fork 0
Code Issues Pull Requests Packages Activity
Files
3474ca7013d40c3c27d08abb0256c6604ab10121
nlcc-itinerary/Dockerfile
Joshua Ryder d7ee2251a0 docs: Update Dockerfile and README for security improvements 
Dockerfile Changes:
- Remove hardcoded AUTH_SECRET and admin credentials from build args
- Add security comments explaining auto-generation behavior
- Simplify environment variables to only required configurations
- Document how to retrieve auto-generated credentials from logs

README.md Updates:
- Comprehensive security features documentation
- Updated environment variables table with auto-generation info
- Detailed instructions for retrieving auto-generated credentials
- Added security compliance section (OWASP, NIST, best practices)
- Updated project structure to reflect all new security components
- Enhanced database schema documentation
- Added production security recommendations checklist
- Documented all implemented security features:
  * Auto-generated secrets
  * Password security (bcrypt, requirements, reset codes)
  * CSRF protection
  * Session management
  * Account lockout (dual-layer)
  * User management features

All documentation now accurately reflects the enterprise-grade
security implementation and simplified deployment process.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-05 17:43:11 -05:00

1.1 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink