Gusted 1ce33aa38d fix: extend forgejo_auth_token table ... - Add a `purpose` column, this allows the `forgejo_auth_token` table to be used by other parts of Forgejo, while still enjoying the no-compromise architecture. - Remove the 'roll your own crypto' time limited code functions and migrate them to the `forgejo_auth_token` table. This migration ensures generated codes can only be used for their purpose and ensure they are invalidated after their usage by deleting it from the database, this also should help making auditing of the security code easier, as we're no longer trying to stuff a lot of data into a HMAC construction. -Helper functions are rewritten to ensure a safe-by-design approach to these tokens. - Add the `forgejo_auth_token` to dbconsistency doctor and add it to the `deleteUser` function. - TODO: Add cron job to delete expired authorization tokens. - Unit and integration tests added.		2024-11-15 10:59:36 +01:00
..
api	Merge pull request '[FEAT] Trim spaces from repo names on form submission' (#5822) from gusted/forgejo-trim-spaces-form into forgejo	2024-11-06 09:16:17 +00:00
common	[PORT] Refactor the DB migration system slightly (gitea#32344)	2024-11-03 17:00:48 +01:00
install	[CHORE] Move to new sessioner library	2024-08-25 03:47:08 +02:00
private	[CHORE] Use forked binding library	2024-11-05 22:47:34 +01:00
utils	[PORT] drop utils.IsExternalURL (and expand IsRiskyRedirectURL tests) (#3167)	2024-04-15 13:03:08 +00:00
web	fix: extend forgejo_auth_token table	2024-11-15 10:59:36 +01:00
init.go	Revert "Open telemetry integration (#3972)"	2024-08-07 11:22:43 +02:00