Beyond coding. We forge.
Find a file
zeripath 17c5c654a5
Prevent double-login for Git HTTP and LFS and simplify login (#15303)
* Prevent double-login for Git HTTP and LFS and simplify login

There are a number of inconsistencies with our current methods for
logging in for git and lfs. The first is that there is a double login
process. This is particularly evident in 1.13 where there are no less
than 4 hash checks for basic authentication due to the previous
IsPasswordSet behaviour.

This duplicated code had individual inconsistencies that were not
helpful and caused confusion.

This PR does the following:

* Remove the specific login code from the git and lfs handlers except
for the lfs special bearer token
* Simplify the meaning of DisableBasicAuthentication to allow Token and
Oauth2 sign-in.
* The removal of the specific code from git and lfs means that these
both now have the same login semantics and can - if not
DisableBasicAuthentication - login from external services. Further it
allows Oauth2 token authentication as per our standard mechanisms.
* The change in the recovery handler prevents the service from
re-attempting to login - primarily because this could easily cause a
further panic and it is wasteful.

* add test

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-05-15 17:32:09 +02:00
.github Issue template addition: Are you using Gitea behind CloudFlare? (#14098) 2021-02-18 12:28:07 +01:00
assets Clean up SVG (#13680) 2020-12-17 16:33:53 -05:00
build Use binary version of revive linter (#15739) 2021-05-09 13:08:02 +02:00
cmd Fix error message when saving generated LOCAL_ROOT_URL config (#15880) 2021-05-15 11:23:21 +01:00
contrib Only write config in environment-to-ini if there are changes (#15861) 2021-05-14 01:01:05 +02:00
custom/conf Add mimetype mapping settings (#15133) 2021-05-10 16:38:08 -04:00
docker Only offer hostcertificates if they exist (#15849) 2021-05-13 15:11:28 +03:00
docs reverse proxy for IIS (#15555) 2021-05-14 00:36:53 -04:00
integrations Prevent double-login for Git HTTP and LFS and simplify login (#15303) 2021-05-15 17:32:09 +02:00
models Restore PAM user autocreation functionality (#15825) 2021-05-13 23:11:47 +01:00
modules Prevent double-login for Git HTTP and LFS and simplify login (#15303) 2021-05-15 17:32:09 +02:00
options [skip ci] Updated translations via Crowdin 2021-05-15 00:25:06 +00:00
public Update JS dependencies (#15591) 2021-04-24 13:07:22 +03:00
routers Prevent double-login for Git HTTP and LFS and simplify login (#15303) 2021-05-15 17:32:09 +02:00
services Prevent double-login for Git HTTP and LFS and simplify login (#15303) 2021-05-15 17:32:09 +02:00
snap Consolidate Logos and update README header (#14136) 2021-01-01 14:04:35 -05:00
templates Restore PAM user autocreation functionality (#15825) 2021-05-13 23:11:47 +01:00
tools Fix go-fuzz (#15596) 2021-04-23 16:22:52 +08:00
vendor Upgrade xorm to v1.1.0 (#15869) 2021-05-14 20:17:06 +01:00
web_src Fix blame row height alignment (#15863) 2021-05-14 21:15:53 -04:00
.air.conf Add 'watch-backend' (#12330) 2020-07-27 14:05:42 -04:00
.changelog.yml Add API Section to Changelog (#13125) 2020-10-13 01:39:17 -04:00
.drone.yml Update JS dependencies, use Node 16 (#15804) 2021-05-13 11:12:36 -04:00
.editorconfig add well-known config for OIDC (#15355) 2021-04-15 22:32:00 -04:00
.eslintrc Update JS dependencies, use Node 16 (#15804) 2021-05-13 11:12:36 -04:00
.gitattributes Update JS dependencies and misc tweaks (#13741) 2020-11-29 16:39:36 -05:00
.gitignore Update JS dependencies, use Node 16 (#15804) 2021-05-13 11:12:36 -04:00
.golangci.yml Drop back to use IsAnInteractiveSession for SVC (#15749) 2021-05-07 11:27:31 +02:00
.ignore Fonts rework (#12114) 2020-07-06 11:56:54 +03:00
.lgtm refactor: ignore LGTM from author of pull request. (#3283) 2018-01-02 06:13:49 -06:00
.npmrc Stop packaging node_modules in release tarballs (#15273) 2021-04-09 01:08:14 -04:00
.revive.toml refactor: replace lint to revive (#5422) 2018-12-03 09:28:46 -05:00
.stylelintrc Fix tooltips and issue dependency styles (#13458) 2020-11-10 20:28:07 +02:00
BSDmakefile Add BSDmakefile to prevent errors when make is called under FreeBSD (#4446) 2018-07-16 20:45:51 +02:00
build.go Use binary version of revive linter (#15739) 2021-05-09 13:08:02 +02:00
CHANGELOG.md Changelog v1.14.2 (#15794) (#15799) 2021-05-09 13:49:26 +02:00
CONTRIBUTING.md Update owners for 2021 (#14206) 2021-01-01 01:41:03 +02:00
DCO follow the advisor: add DCO and some improvements 2016-11-04 16:43:41 +08:00
Dockerfile Remove random password in Dockerfiles (#15362) 2021-04-29 19:48:52 +02:00
Dockerfile.rootless Remove random password in Dockerfiles (#15362) 2021-04-29 19:48:52 +02:00
go.mod Upgrade xorm to v1.1.0 (#15869) 2021-05-14 20:17:06 +01:00
go.sum Upgrade xorm to v1.1.0 (#15869) 2021-05-14 20:17:06 +01:00
jest.config.js Add jest rootDir and test-frontend dependency (#15860) 2021-05-14 07:28:51 +01:00
LICENSE Fix typo 2016-11-08 08:42:05 +01:00
main.go Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) 2020-12-27 11:34:19 +08:00
MAINTAINERS Update MAINTAINERS (#15382) 2021-04-09 19:11:31 -04:00
Makefile Add jest rootDir and test-frontend dependency (#15860) 2021-05-14 07:28:51 +01:00
package-lock.json Update JS dependencies, use Node 16 (#15804) 2021-05-13 11:12:36 -04:00
package.json Update JS dependencies, use Node 16 (#15804) 2021-05-13 11:12:36 -04:00
README.md Update README.md | Add translation section (#15830) 2021-05-12 11:02:55 -04:00
README_ZH.md Update README.md | Add translation section (#15830) 2021-05-12 11:02:55 -04:00
SECURITY.md Add security policy to repo (#12536) 2020-08-19 17:15:55 +01:00
webpack.config.js Use esbuild to minify CSS (#15756) 2021-05-07 15:12:37 -04:00

Gitea

Gitea - Git with a cup of tea

View the chinese version of this document

Purpose

The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across all platforms which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it with the online demo! This project has been forked from Gogs since 2016.11 but changed a lot.

Building

From the root of the source tree, run:

TAGS="bindata" make build

or if sqlite support is required:

TAGS="bindata sqlite sqlite_unlock_notify" make build

The build target is split into two sub-targets:

  • make backend which requires Go 1.13 or greater.
  • make frontend which requires Node.js 12.17 or greater and Internet connectivity to download npm dependencies.

When building from the official source tarballs which include pre-built frontend files, the frontend target will not be triggered, making it possible to build without Node.js and Internet connectivity.

Parallelism (make -j <num>) is not supported.

More info: https://docs.gitea.io/en-us/install-from-source/

Using

./gitea web

NOTE: If you're interested in using our APIs, we have experimental support with documentation.

Contributing

Expected workflow is: Fork -> Patch -> Push -> Pull Request

NOTES:

  1. YOU MUST READ THE CONTRIBUTORS GUIDE BEFORE STARTING TO WORK ON A PULL REQUEST.
  2. If you have found a vulnerability in the project, please write privately to security@gitea.io. Thanks!

Translating

Translations are done through Crowdin. If you want to translate to a new language ask one of the managers in the Crowdin project to add a new language there.

You can also just create an issue for adding a language or ask on discord on the #translation channel. If you need context or find some translation issues, you can leave a comment on the string or ask on Discord. For general translation questions there is a section in the docs. Currently a bit empty but we hope fo fill it as questions pop up.

https://docs.gitea.io/en-us/translation-guidelines/

Crowdin

Further information

For more information and instructions about how to install Gitea, please look at our documentation. If you have questions that are not covered by the documentation, you can get in contact with us on our Discord server or create a post in the discourse forum.

We maintain a list of Gitea-related projects at gitea/awesome-gitea.
The hugo-based documentation theme is hosted at gitea/theme.
The official Gitea CLI is developed at gitea/tea.

Authors

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

FAQ

How do you pronounce Gitea?

Gitea is pronounced /ɡɪti:/ as in "gi-tea" with a hard g.

Why is this not hosted on a Gitea instance?

We're working on it.

License

This project is licensed under the MIT License. See the LICENSE file for the full license text.

Screenshots

Looking for an overview of the interface? Check it out!

Dashboard User Profile Global Issues
Branches Web Editor Activity
New Migration Migrating Pull Request View
Pull Request Dark Diff Review Dark Diff Dark