MokoConsulting/MokoGitea-APP
1
0
Fork 0
Code Issues 158 Pull Requests 3 Releases 96 Wiki Activity

tech-debt: Remove basic auth from API and clarify reverse proxy auth #313

New Issue
Open
opened 2026-05-31 14:12:42 +00:00 by jmiller · 0 comments
jmiller commented 2026-05-31 14:12:42 +00:00
Owner
Copy Link
Copy Source

Summary

API authentication has deprecated patterns that should be cleaned up.

Locations

  • routers/api/v1/api.go:773 - should be removed once basic auth is not allowed in API
  • routers/api/v1/api.go:776 - does reverse proxy auth still make sense in API?
  • models/auth/source.go:291 - allow disabling db-based password auth in future

Action Required

Remove basic auth support from API routes. Evaluate whether reverse proxy auth should remain for API endpoints.

Created by Claude Opus 4.6

## Summary API authentication has deprecated patterns that should be cleaned up. ## Locations - `routers/api/v1/api.go:773` - should be removed once basic auth is not allowed in API - `routers/api/v1/api.go:776` - does reverse proxy auth still make sense in API? - `models/auth/source.go:291` - allow disabling db-based password auth in future ## Action Required Remove basic auth support from API routes. Evaluate whether reverse proxy auth should remain for API endpoints. --- *Created by Claude Opus 4.6*
jmiller added the tech-debtupstream labels 2026-05-31 14:12:42 +00:00
Sign in to join this conversation.
Labels
Clear labels
breaking-change
Breaking API or behavior change
 ci-cd
CI/CD pipeline changes
 config
Configuration changes
 dependencies
Dependency updates
 deploy-failure
Deployment failed
 docker
Docker/container changes
 documentation
Documentation changes
 good first issue
Good for newcomers
 health-check
Repo health check result
 help wanted
Extra attention needed
 mokostandards
Related to MokoStandards framework
 push-failure
Git push operation failed
 security
Security vulnerability or hardening
 size/l
200-500 lines changed
 size/m
50-200 lines changed
 size/s
10-50 lines changed
 size/xl
500+ lines changed
 size/xs
< 10 lines changed
 standards-drift
Deviates from MokoStandards
 standards-update
MokoStandards compliance update
 sync-failure
Sync or mirror failed
 tech-debt
Technical debt and TODO/FIXME items
 upstream
upstream
Inherited from upstream Gitea
 work-in-progress
Draft or incomplete work
No labels tech-debt upstream
Priority Low
Type Task
Status
Priority
Type
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller) moko-deploy (Moko Deploy Bot)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoGitea-APP#313
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?