feat: add tip for disabling user-password authentication when using oauth

steveiliop56 · steveiliop56 · commit 41c0d02ab055 · 2025-04-14T18:26:33.000+03:00
diff --git a/docs/guides/github-app-oauth.md b/docs/guides/github-app-oauth.md
@@ -64,4 +64,8 @@ tinyauth:
 OAuth doesn't mean security, with the current setup everybody with a Github account can login to Tinyauth as a normal user. If you would like to limit which users can login with OAuth, you can add the `OAUTH_WHITELIST` environment variable and allow only your email address to login. For more information check [here](../reference/configuration.md)
 :::
 
+::: tip
+Since you have OAuth enabled, you can now remove the `USERS` or `USERS_FILE` environment variables so as you can login only with your OAuth provider.
+:::
+
 And we are done! After you restart your docker container and go to the tinyauth login screen, you should have an additional option to login with Github.
diff --git a/docs/guides/github-oauth.md b/docs/guides/github-oauth.md
@@ -60,4 +60,8 @@ tinyauth:
 OAuth doesn't mean security, with the current setup everybody with a Github account can login to tinyauth as a normal user. If you would like to limit which users can login with OAuth, you can add the `OAUTH_WHITELIST` environment variable and allow only your email address to login. For more information check [here](../reference/configuration.md)
 :::
 
+::: tip
+Since you have OAuth enabled, you can now remove the `USERS` or `USERS_FILE` environment variables so as you can login only with your OAuth provider.
+:::
+
 And we are done! After you restart your docker container and go to the tinyauth login screen, you should have an additional option to login with Github.
diff --git a/docs/guides/google-oauth.md b/docs/guides/google-oauth.md
@@ -80,4 +80,8 @@ tinyauth:
 OAuth doesn't mean security, with the current setup everybody with a Google account can login to tinyauth as a normal user. If you would like to limit which users can login with OAuth, you can add the `OAUTH_WHITELIST` environment variable and allow only your email address to login. For more information check [here](../reference/configuration.md)
 :::
 
+::: tip
+Since you have OAuth enabled, you can now remove the `USERS` or `USERS_FILE` environment variables so as you can login only with your OAuth provider.
+:::
+
 And we are done! After you restart your docker container and go to the tinyauth login screen, you should have an additional option to login with Google.
