view mod_audit_auth/README.md @ 5407:149634647b48

mod_http_oauth2: Don't issue client_secret when not using authentication This is pretty much only for implicit flow, which is considered insecure anyway, so this is of limited value. If we delete all the implicit flow code, this could be reverted.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:39:32 +0200
parents 530d116b7f68
children 238c4ac8b735
line wrap: on
line source

---
summary: Store authentication events in the audit log
rockspec:
  dependencies:
  - mod_audit
...

This module stores authentication failures and authentication successes in the
audit log provided by `mod_audit`.