forgejo/modules
Gusted 1ce33aa38d
fix: extend forgejo_auth_token table
- Add a `purpose` column, this allows the `forgejo_auth_token` table to
be used by other parts of Forgejo, while still enjoying the
no-compromise architecture.
- Remove the 'roll your own crypto' time limited code functions and
migrate them to the `forgejo_auth_token` table. This migration ensures
generated codes can only be used for their purpose and ensure they are
invalidated after their usage by deleting it from the database, this
also should help making auditing of the security code easier, as we're
no longer trying to stuff a lot of data into a HMAC construction.
-Helper functions are rewritten to ensure a safe-by-design approach to
these tokens.
- Add the `forgejo_auth_token` to dbconsistency doctor and add it to the
`deleteUser` function.
- TODO: Add cron job to delete expired authorization tokens.
- Unit and integration tests added.
2024-11-15 10:59:36 +01:00
..
actions Fix wrong status of Set up Job when first step is skipped (#32120) 2024-09-29 10:38:49 +02:00
activitypub test: fix test linting 2024-11-11 12:44:36 +01:00
analyze
assetfs Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
auth Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
avatar Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
base fix: extend forgejo_auth_token table 2024-11-15 10:59:36 +01:00
cache Increase cacheContextLifetime to reduce false reports (#32011) 2024-09-14 17:09:03 +02:00
charset refactor: remove redundant err declarations (#32381) 2024-11-05 09:33:15 +01:00
container Add container.FilterSlice function (gitea#30339) 2024-04-16 11:49:44 +02:00
csv Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
emoji
eventsource [BUG] Make logout event non-blocking 2024-08-12 19:13:23 +02:00
forgefed style: reenable switch check 2024-08-18 15:19:01 +02:00
generate Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
git Fix clean tmp dir (#32360) 2024-11-05 09:33:15 +01:00
gitgraph fix: Proper paring of date for git commits 2024-11-10 22:23:28 +01:00
gitrepo [CHORE] Drop go-git support 2024-08-12 19:11:09 +02:00
graceful chore: remove some Windows-specific files 2024-09-19 20:39:55 +05:00
hcaptcha
highlight [BUG] Make chroma match case-insenstive 2024-10-11 15:42:18 +02:00
hostmatcher Support allowed hosts for migrations to work with proxy (#32025) 2024-09-14 17:52:54 +02:00
html
httpcache Fix wrong last modify time (#32102) 2024-09-27 08:42:48 +02:00
httplib Fix wrong last modify time (#32102) 2024-09-27 08:42:48 +02:00
indexer test: add for issue indexer sort by score 2024-11-10 07:17:27 +00:00
issue/template [CHORE] Use forked binding library 2024-11-05 22:47:34 +01:00
json
keying [FEAT] Allow pushmirror to use publickey authentication 2024-08-22 17:05:07 +02:00
label
lfs test: fix test linting 2024-11-11 12:44:36 +01:00
log [CHORE] Fix darwin compatibility 2024-08-09 17:44:41 +02:00
markup Merge pull request '[gitea] week 2024-45 cherry pick (gitea/main -> forgejo)' (#5789) from algernon/wcp/2024-45 into forgejo 2024-11-06 08:57:43 +00:00
mcaptcha
metrics Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
migration Support migrating GitHub/GitLab PR draft status (#32242) 2024-10-20 09:24:25 +02:00
nosql [FEAT] Only implement used API of Redis client 2024-08-30 04:33:15 +02:00
optional Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
options
packages fix: handle renamed dependency for cargo registery 2024-11-13 21:26:49 +01:00
paginator
pprof
private fix(hook): ignore unknown push options instead of failing 2024-07-02 21:39:01 +02:00
process chore: remove some Windows-specific files 2024-09-19 20:39:55 +05:00
proxy
proxyprotocol
public
queue chore: update mock redis client 2024-09-01 05:42:34 +02:00
recaptcha
references Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
regexplru Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
repository Fix created_unix for mirroring (#32342) 2024-11-05 09:39:23 +01:00
secret Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
session [FEAT] Only implement used API of Redis client 2024-08-30 04:33:15 +02:00
setting feat: Make AVIF Images work with Forgejo 2024-11-13 19:09:40 +01:00
sitemap Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
ssh
storage Add artifacts test fixture (#30300) 2024-11-05 09:33:15 +01:00
structs fix: add label to issues and PR labeled/unlabeled events 2024-11-04 10:41:11 +01:00
svg
sync
system Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
templates [PORT] Refactor DateUtils and merge TimeSince (gitea#32409) 2024-11-10 22:23:27 +01:00
test test(util): MockProtect when mocking multiple times 2024-06-02 15:24:06 +02:00
testlogger test: add trailing newline to testlogger.go:recordError message 2024-11-14 14:38:47 +01:00
timeutil [PORT] Refactor DateUtils and merge TimeSince (gitea#32409) 2024-11-10 22:23:27 +01:00
translation i18n: Add dummy language for checking translation keys (#5785) 2024-11-05 09:59:04 +00:00
turnstile
typesniffer feat: Make AVIF Images work with Forgejo 2024-11-13 19:09:40 +01:00
updatechecker Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
uri Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
user test: enforce tenv usage in tests 2024-07-17 23:07:41 +02:00
util test: fix test linting 2024-11-11 12:44:36 +01:00
validation [CHORE] Use forked binding library 2024-11-05 22:47:34 +01:00
web [CHORE] Use forked binding library 2024-11-05 22:47:34 +01:00
webhook Add support for workflow_dispatch (#3334) 2024-06-28 05:17:11 +00:00
zstd Cache generated binary across jobs 2024-08-26 23:43:09 +02:00