MokoConsulting/MokoGitea
1
0
Fork 0
Code Issues 142 Pull Requests Releases 90 Wiki Activity

tech-debt: Remove basic auth from API and clarify reverse proxy auth #313

New Issue
Open
opened 2026-05-31 14:12:42 +00:00 by jmiller · 0 comments
jmiller commented 2026-05-31 14:12:42 +00:00
Owner
Copy Link
Copy Source

Summary

API authentication has deprecated patterns that should be cleaned up.

Locations

  • routers/api/v1/api.go:773 - should be removed once basic auth is not allowed in API
  • routers/api/v1/api.go:776 - does reverse proxy auth still make sense in API?
  • models/auth/source.go:291 - allow disabling db-based password auth in future

Action Required

Remove basic auth support from API routes. Evaluate whether reverse proxy auth should remain for API endpoints.

Created by Claude Opus 4.6

## Summary API authentication has deprecated patterns that should be cleaned up. ## Locations - `routers/api/v1/api.go:773` - should be removed once basic auth is not allowed in API - `routers/api/v1/api.go:776` - does reverse proxy auth still make sense in API? - `models/auth/source.go:291` - allow disabling db-based password auth in future ## Action Required Remove basic auth support from API routes. Evaluate whether reverse proxy auth should remain for API endpoints. --- *Created by Claude Opus 4.6*
jmiller added the tech-debtupstream labels 2026-05-31 14:12:42 +00:00
Sign in to join this conversation.
Labels
Clear labels
breaking-change
Breaking API or behavior change
 ci-cd
CI/CD pipeline changes
 config
Configuration changes
 dependencies
Dependency updates
 deploy-failure
Deployment failed
 docker
Docker/container changes
 documentation
Documentation changes
 good first issue
Good for newcomers
 health-check
Repo health check result
 help wanted
Extra attention needed
 mokostandards
Related to MokoStandards framework
 pending: testing
Feature implemented but not yet tested with documented proof
 priority: critical
Must fix immediately
 priority: high
Important, fix soon
 priority: low
Nice to have
 priority: medium
Normal priority
 push-failure
Git push operation failed
 security
Security vulnerability or hardening
 size/l
200-500 lines changed
 size/m
50-200 lines changed
 size/s
10-50 lines changed
 size/xl
500+ lines changed
 size/xs
< 10 lines changed
 standards-drift
Deviates from MokoStandards
 standards-update
MokoStandards compliance update
 status: blocked
Blocked by dependency or decision
 status: in-progress
Actively being worked on
 status: needs-review
Awaiting code review
 status: on-hold
Paused intentionally
 status: wontfix
Will not be addressed
 sync-failure
Sync or mirror failed
 tech-debt
Technical debt and TODO/FIXME items
 type: bug
Something isn't working
 type: bug
type: chore
Maintenance, dependencies, cleanup
 type: enhancement
Improvement to existing feature
 type: feature
New functionality
 type: refactor
Code restructuring without behavior change
 type: version
Version bump or release
 upstream
upstream
Inherited from upstream Gitea
 work-in-progress
Draft or incomplete work
bug
Something is not working
 chore
Maintenance and housekeeping
 documentation
Documentation improvements
 enhancement
Improvement to existing functionality
 feature
New feature or request
 pending: dependency
Blocked by another issue or external dependency
 pending: deployment
Tested and approved, awaiting deployment to production
 pending: design
Needs UI/UX or architecture design before implementation
 pending: documentation
Feature works, needs documentation/wiki update
 pending: feedback
Awaiting feedback or decision from stakeholder
 pending: review
Implementation complete, awaiting code review
 pending: testing
Feature implemented but not yet tested
 priority: critical
Must fix immediately
 priority: high
Should fix soon
 priority: low
Nice to have
 priority: medium
Fix when convenient
 refactor
Code restructuring without behavior change
 roadmap
Planned feature or enhancement tracked on the roadmap
 scope: client
Client-specific work
 scope: dolibarr
Dolibarr modules and customizations
 scope: infrastructure
Server, CI, backups, monitoring
 scope: joomla
Joomla templates and extensions
 scope: waas
MokoWaaS platform
 security
Security vulnerability or hardening
 status: blocked
Waiting on external dependency
 status: duplicate
Duplicate of another issue
 status: in-progress
Being worked on
 status: needs-review
Ready for review
 status: wontfix
Will not be addressed
No labels tech-debt upstream
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller) moko-deploy (Moko Deploy Bot)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoGitea#313
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?