chore: update readme & changelog

openstad · Aug 3, 2023 · 31d710b · 31d710b · github-actions · Aug 3, 2023
1 parent 6882d70
commit 31d710b
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,7 +1,7 @@
 # Changelog
 
 ## UNRELEASED
-* Add CIDR-based blocker to prevent e-mail filters (e.g. Cisco Umbrella) from invalidating a login link
+* Add CIDR-based blocker (configurable per client) to prevent e-mail filters (e.g. Cisco Umbrella) from invalidating a login link
 
 ## 1.0.0
 * Add env MYSQL_CA_CERT for MySQL SSL connection

diff --git a/README.md b/README.md
@@ -128,3 +128,18 @@ By default the required fields have labels as defined in `config/user.js`. These
 
 ## MySQL with SSL
 When you want to connect to a MySQL server using SSL, a Certificate Authority certificate is required. The contents of this CA certificate can be passed into the `MYSQL_CA_CERT` environment variable.
+
+## Block CIDRs from invalidating the login e-mail link
+In some cases, e-mail filters (such as Cisco Umbrella) will invalidate the login e-mail link, because all links are visited by the filter.
+To combat this, the Cisco Umbrella CIDRs are blocked by default from visiting the `/auth/url/authenticate` route.
+
+If you need to add other CIDRs to this block, this can be done on a per client basis through the `clients` table under the `config` column:
+
+```
+"blockCidrs": [
+    "1.2.3.4/16",
+    "4.4.4.4/16"
+]
+```
+
+Note: When adding your own `blockCidrs` like this, the default Cisco umbrella CIDRs will be overwritten.