mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-04 21:04:37 +08:00
e59a70783e
Enhances sign-up process with Turnstile integration for fraud protection. Builds on top of fraud-protection-temp-emails. Made with [Cursor](https://cursor.com) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Cloudflare Turnstile bot-protection across signup/sign-in flows (including SDK JSON mode). * Email deliverability checks via Emailable. * Sign-up risk scoring with persisted risk metrics and country code tracking. * UI: country-code selector, risk-score editing in user details, users list refresh button, and Turnstile signup demo pages. * **Bug Fixes** * Use actual sign-up timestamp for reporting/metrics. * **Documentation** * Expanded knowledge base on Turnstile, risk scoring, and env configuration. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com> Co-authored-by: BilalG1 <bg2002@gmail.com> Co-authored-by: Armaan Jain <84474476+Developing-Gamer@users.noreply.github.com> Co-authored-by: nams1570 <amanganapathy@gmail.com>
43 lines
2.1 KiB
Bash
43 lines
2.1 KiB
Bash
NEXT_PUBLIC_STACK_API_URL=# https://your-backend-domain.com
|
|
NEXT_PUBLIC_STACK_DASHBOARD_URL=# https://your-dashboard-domain.com, this will be added as a trusted domain by the seed script
|
|
|
|
STACK_DATABASE_CONNECTION_STRING=# postgres connection string
|
|
|
|
STACK_SERVER_SECRET=# a 32 bytes base64url encoded random string, used for JWT encryption. can be generated with `pnpm generate-keys`
|
|
|
|
# seed script settings
|
|
STACK_SEED_INTERNAL_PROJECT_SIGN_UP_ENABLED=# true to enable user sign up to the dashboard when seeding
|
|
STACK_SEED_INTERNAL_PROJECT_OTP_ENABLED=# true to add OTP auth to the dashboard when seeding
|
|
STACK_SEED_INTERNAL_PROJECT_ALLOW_LOCALHOST=# true to allow running dashboard on the localhost, set this to true only in development
|
|
STACK_SEED_INTERNAL_PROJECT_OAUTH_PROVIDERS=# list of oauth providers to add to the dashboard when seeding, separated by comma, for example "github,google,facebook"
|
|
STACK_SEED_INTERNAL_PROJECT_USER_EMAIL=# default user added to the dashboard
|
|
STACK_SEED_INTERNAL_PROJECT_USER_PASSWORD=# default user's password, paired with STACK_SEED_INTERNAL_PROJECT_USER_EMAIL
|
|
STACK_SEED_INTERNAL_PROJECT_USER_INTERNAL_ACCESS=# if the default user has access to the internal dashboard project
|
|
STACK_SEED_INTERNAL_PROJECT_USER_GITHUB_ID=# add github oauth id to the default user
|
|
|
|
# Set these if you want to use any email functionality
|
|
STACK_EMAILABLE_API_KEY=disable_email_validation
|
|
STACK_EMAIL_HOST=
|
|
STACK_EMAIL_PORT=
|
|
STACK_EMAIL_USERNAME=
|
|
STACK_EMAIL_PASSWORD=
|
|
STACK_EMAIL_SENDER=
|
|
|
|
# Set these if you want to use webhooks
|
|
STACK_SVIX_SERVER_URL=# this is only needed if you self-host the Svix service
|
|
NEXT_PUBLIC_STACK_SVIX_SERVER_URL=# this is only needed if you are using docker compose and the external and internal urls are different. This is the external url for the Svix service.
|
|
STACK_SVIX_API_KEY=
|
|
|
|
STACK_OPENROUTER_API_KEY=# enter your OpenRouter API key for AI features
|
|
|
|
STACK_SKIP_SEED_SCRIPT=# true to skip the seed script
|
|
|
|
STACK_S3_ENDPOINT=
|
|
STACK_S3_REGION=
|
|
STACK_S3_ACCESS_KEY_ID=
|
|
STACK_S3_SECRET_ACCESS_KEY=
|
|
STACK_S3_BUCKET=
|
|
STACK_S3_PRIVATE_BUCKET=
|
|
|
|
STACK_FREESTYLE_API_KEY=# enter your freestyle.sh api key
|