tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-10-30 19:08:37 +00:00
Code Releases Activity

Fix attachment download bug (#27486) (#27571)

Browse Source 
Backport #27486 by @lunny

Fix #27204

This PR allows `/<username>/<reponame>/attachments/<uuid>` access with
personal access token and also changed attachments API download url to
it so it can be download correctly.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
Giteabot
2023-10-11 10:39:12 +08:00
committed by GitHub
parent 478e7042f5
commit 9da92835d1
6 changed files with 21 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
services/auth/oauth2.go
View File

@@ -127,7 +127,7 @@ func (o *OAuth2) userIDFromToken(ctx context.Context, tokenSHA string, store Dat
func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error) {
// These paths are not API paths, but we still want to check for tokens because they maybe in the API returned URLs
if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isAuthenticatedTokenRequest(req) &&
!gitRawReleasePathRe.MatchString(req.URL.Path) {
!isGitRawOrAttachPath(req) {
return nil, nil
}