Paweł Bogusławski d4e281bc02 Allow Token API calls be authorized using the reverse-proxy header (#15119)
* API calls authorized with HTTP header

This mod allows API calls to be authorized with HTTP header
when ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled. Without
it user authenticated by reverse proxy is able to access
gitea UI but not API which is inconsistent.

Author-Change-Id: IB#1107572

* Fixed API calls authorized with HTTP header

Only reqBasicAuth is modified to allow reverse proxy
auth as alternative and reqToken is left untouched.

Fixes: dc952c0632
Author-Change-Id: IB#1107572

* Reverse proxy API auth separated in docs

Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127
Author-Change-Id: IB#1107572

* Reverse proxy API auth separated in docs

Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127
Author-Change-Id: IB#1107572

* Reverse proxy API auth separated

Related: https://github.com/go-gitea/gitea/pull/15119#discussion_r621322127
Author-Change-Id: IB#1107572

* ReverseProxyAuth removed from swagger

ReverseProxyAuth removed from swagger as in upstream's suggestion.

Related: https://github.com/go-gitea/gitea/pull/15119#pullrequestreview-692180940
Author-Change-Id: IB#1107572

* ReverseProxyAuth API authorization fixed

Related: https://github.com/go-gitea/gitea/pull/15119#issuecomment-868465099
Author-Change-Id: IB#1107572

* ReverseProxyAuth API authorization fixed

Related: https://github.com/go-gitea/gitea/pull/15119#issuecomment-868465099
Author-Change-Id: IB#1107572
2021-11-19 22:54:44 +08:00
2021-09-15 20:33:13 +03:00
2020-12-17 16:33:53 -05:00
2021-07-14 18:08:43 +01:00
2021-11-16 12:24:22 +08:00
2021-06-11 14:51:05 -04:00
2021-11-11 09:52:16 +08:00
2020-07-06 11:56:54 +03:00
2021-11-08 09:04:13 +02:00
2021-11-11 09:52:16 +08:00
2016-11-08 08:42:05 +01:00
2021-08-31 01:06:30 +02:00

Reporting security issues

The Gitea maintainers take security seriously.
If you discover a security issue, please bring it to their attention right away!

Reporting a Vulnerability

Please DO NOT file a public issue, instead send your report privately to security@gitea.io.

Security reports are greatly appreciated and we will publicly thank you for it, although we keep your name confidential if you request it.

S
Description
MokoGitea — custom Gitea fork with .mokogitea manifests, custom fields, org priorities, folder-based wikis, and Joomla update server generation
https://mokoconsulting.tech/support/mokogitea Readme MIT
1,020 MiB
2026-06-21 00:21:51 +00:00
Languages
Go 78.3%
Handlebars 12.8%
TypeScript 4.2%
CSS 1.9%
JavaScript 1.5%
Other 1.2%