Skip to content

Security: zaber-dev/Zeython

Security

docs/security.md

Security Guide

Security practices and features in Zeython.

Authentication and sessions

  • Password hashing and user account security
  • Session tracking with device metadata
  • JWT tokens (creation, validation, revocation)

OAuth

  • Providers: Google, GitHub, Discord (stubs/framework)

Hardening tips

  • Disable debug in production
  • Use HTTPS and secure cookies
  • Rotate secrets and tokens
  • Principle of least privilege for DB user

There aren’t any published security advisories