gitea

Commit Graph

Author	SHA1	Message	Date
flynnnnnnnnnn	e81ccc406b	Implement FSFE REUSE for golang files (#21840 ) Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com>	2022-11-27 18:20:29 +00:00
zeripath	b82293270c	Add option to provide signature for a token to verify key ownership (#14054 ) * Add option to provide signed token to verify key ownership Currently we will only allow a key to be matched to a user if it matches an activated email address. This PR provides a different mechanism - if the user provides a signature for automatically generated token (based on the timestamp, user creation time, user ID, username and primary email. * Ensure verified keys can act for all active emails for the user * Add code to mark keys as verified * Slight UI adjustments * Slight UI adjustments 2 * Simplify signature verification slightly * fix postgres test * add api routes * handle swapped primary-keys * Verify the no-reply address for verified keys * Only add email addresses that are activated to keys * Fix committer shortcut properly * Restructure gpg_keys.go * Use common Verification Token code Signed-off-by: Andrew Thornton <art27@cantab.net>	2021-07-13 15:28:07 +02:00
Lunny Xiao	34eee25bd4	Move sdk structs to modules/structs (#6905 ) * move sdk structs to moduels/structs * fix tests * fix fmt * fix swagger * fix vendor	2019-05-11 18:21:34 +08:00

Author

SHA1

Message

Date

flynnnnnnnnnn

e81ccc406b

Implement FSFE REUSE for golang files (#21840 )

Change all license headers to comply with REUSE specification.

Fix #16132

Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>

2022-11-27 18:20:29 +00:00

zeripath

b82293270c

Add option to provide signature for a token to verify key ownership (#14054 )

* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>

2021-07-13 15:28:07 +02:00

Lunny Xiao

34eee25bd4

Move sdk structs to modules/structs (#6905 )

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor

2019-05-11 18:21:34 +08:00

3 Commits