mirror of
1
Fork 0
Commit Graph

9 Commits

Author SHA1 Message Date
zeripath 17c5c654a5
Prevent double-login for Git HTTP and LFS and simplify login (#15303)
* Prevent double-login for Git HTTP and LFS and simplify login

There are a number of inconsistencies with our current methods for
logging in for git and lfs. The first is that there is a double login
process. This is particularly evident in 1.13 where there are no less
than 4 hash checks for basic authentication due to the previous
IsPasswordSet behaviour.

This duplicated code had individual inconsistencies that were not
helpful and caused confusion.

This PR does the following:

* Remove the specific login code from the git and lfs handlers except
for the lfs special bearer token
* Simplify the meaning of DisableBasicAuthentication to allow Token and
Oauth2 sign-in.
* The removal of the specific code from git and lfs means that these
both now have the same login semantics and can - if not
DisableBasicAuthentication - login from external services. Further it
allows Oauth2 token authentication as per our standard mechanisms.
* The change in the recovery handler prevents the service from
re-attempting to login - primarily because this could easily cause a
further panic and it is wasteful.

* add test

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-05-15 17:32:09 +02:00
zeripath 055f6d2296 Fix "data race" in testlogger (#9159)
* Fix data race in testlogger

* Update git_helper_for_declarative_test.go
2019-11-26 01:21:37 +02:00
guillep2k 0bda876161 Fix lfs locks (#8361)
* Extend time window for TestAPILFSLocksLogged
2019-10-03 09:56:26 +02:00
Antoine GIRARD c2c35d169c lfs/lock: round locked_at timestamp to second (#7872)
* lfs/lock: round locked_at timestamp to second

* test returned locked_at values

* tests: use time RFC3339
2019-08-15 18:53:28 +08:00
Lunny Xiao 34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
Antoine GIRARD 9e842c8a72 Fix SSH auth lfs locks (#3152)
* Fix SSH auth LFS locks

* Activate SSH/lock test

* Remove debug

* Follow @lunny recommendation for AfterLoad method
2018-01-27 18:48:15 +02:00
Ethan Koenig 9f033bf2b5 Make test more robust (#3167) 2017-12-12 15:17:08 +08:00
Antoine GIRARD 4035ab05fa Fix git lfs path (#3016)
* add suffix .git

* Remove Content-Type on GET methods

* Add migrations to force creation before any further potential migration
2017-11-29 01:35:23 +02:00
Antoine GIRARD d99f4ab003 Git LFS lock api (#2938)
* Implement routes

* move to api/sdk and create model

* Implement add + list

* List return 200 empty list no 404

* Add verify lfs lock api

* Add delete and start implementing auth control

* Revert to code.gitea.io/sdk/gitea vendor

* Apply needed check for all lfs locks route

* Add simple tests

* fix lint

* Improve tests

* Add delete test + fix

* Add lfs ascii header

* Various fixes from review + remove useless code + add more corner case testing

* Remove repo link since only id is needed.

Save a little of memory and cpu time.

* Improve tests

* Use TEXT column format for path + test

* fix mispell

* Use NewRequestWithJSON for POST tests

* Clean path

* Improve DB format

* Revert uniquess repoid+path

* (Re)-setup uniqueness + max path length

* Fixed TEXT in place of VARCHAR

* Settle back to maximum VARCHAR(3072)

* Let place for repoid in key

* Let place for repoid in key

* Let place for repoid in key

* Revert back
2017-11-28 22:58:37 +02:00