From b74e9ceeafd82790e08ec2e66498d2da9c5e2940 Mon Sep 17 00:00:00 2001 From: Artem Medvedev Date: Mon, 11 Dec 2023 19:19:18 +0100 Subject: [PATCH] docs(readme): explain behavior of unset `auth_tokens` and `delete_tokens` (#202) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * doc(readme): explain behavior of unset `auth_tokens` & `delete_tokens` Just a clarification on how this works in the case of uninstalled tokens, for greater clarity and security * docs(readme): update styling * docs(readme): update grammar --------- Co-authored-by: Orhun Parmaksız --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 2453f97f..80731e3d 100644 --- a/README.md +++ b/README.md @@ -252,6 +252,8 @@ Set `delete_tokens` array in [config.toml](./config.toml) to activate the [`DELE $ curl -H "Authorization: " -X DELETE "/file.txt" ``` +> The `DELETE` endpoint will not be exposed and will return `404` error if `delete_tokens` are not set. + ### Server To start the server: @@ -275,6 +277,10 @@ $ rustypaste You can also set multiple auth tokens via the array field `[server].auth_tokens` in your `config.toml`. +> If neither `AUTH_TOKEN` nor `[server].auth_tokens` are set, the server will not require any authentication. +> +> Exception is the `DELETE` endpoint, which requires at least one token to be set. See [deleting files from server](#delete-file-from-server) for more information. + See [config.toml](./config.toml) for configuration options. #### List endpoint