tdsds.com/gitea
tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-11-01 15:54:25 +00:00
Code Releases Activity
18,496 Commits 17 Branches 214 Tags 2.2 GiB
d6d3c96e65
Commit Graph

8 Commits

Author SHA1 Message Date
Wim
01dec7577a
Remove SHA1 for support for ssh rsa signing (#31857) 
https://github.com/go-fed/httpsig seems to be unmaintained. 

Switch to github.com/42wim/httpsig which has removed deprecated crypto
and default sha256 signing for ssh rsa.

No impact for those that use ed25519 ssh certificates.

This is a breaking change for:
- gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too
- activitypub using deprecated crypto (is this actually used?)
 2024-09-07 18:05:18 -04:00
Lunny Xiao
df1e7d0067
Use db.Find instead of writing methods for every object (#28084) 
For those simple objects, it's unnecessary to write the find and count
methods again and again.
 2023-11-24 03:49:41 +00:00
JakobDev
ebe803e514
Penultimate round of db.DefaultContext refactor (#27414) 
Part of #27065

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2023-10-11 04:24:07 +00:00
KN4CK3R
0eebeeec90
Remove Named interface (#26913) 
`Named` is implemented by every `Method` and future implementations
should implement the method too.
 2023-09-05 15:58:30 +00:00
Lunny Xiao
ca67c5a8a7
refactor auth interface to return error when verify failure (#22119) 
This PR changed the Auth interface signature from 
`Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess
SessionStore) *user_model.User`
to 
`Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess
SessionStore) (*user_model.User, error)`.

There is a new return argument `error` which means the verification
condition matched but verify process failed, we should stop the auth
process.

Before this PR, when return a `nil` user, we don't know the reason why
it returned `nil`. If the match condition is not satisfied or it
verified failure? For these two different results, we should have
different handler. If the match condition is not satisfied, we should
try next auth method and if there is no more auth method, it's an
anonymous user. If the condition matched but verify failed, the auth
process should be stop and return immediately.

This will fix #20563

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Jason Song <i@wolfogre.com>
 2022-12-28 13:53:28 +08:00
Lunny Xiao
0a7d3ff786
refactor some functions to support ctx as first parameter (#21878) 
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lauris BH <lauris@nix.lv>
 2022-12-03 10:48:26 +08:00
flynnnnnnnnnn
e81ccc406b
Implement FSFE REUSE for golang files (#21840) 
Change all license headers to comply with REUSE specification.

Fix #16132

Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
 2022-11-27 18:20:29 +00:00
Wim
e528e2b435
Implement http signatures support for the API (#17565) 
Fixes #12338

This allows use to talk to the API with our ssh certificate (and/or ssh-agent) without needing to fetch an API key or tokens.
It will just automatically work when users have added their ssh principal in gitea.

This needs client code in tea
Update: also support normal pubkeys

ref: https://tools.ietf.org/html/draft-cavage-http-signatures

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
 2022-06-05 08:16:14 +01:00