web/forgejo
8
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-02-22 11:25:47 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
forgejo/models
History
Gusted 06556abb6d
Some checks failed
Integration tests for the release process / release-simulation (push) Has been cancelled
Details
/ release (push) Has been cancelled
Details
testing / backend-checks (push) Has been cancelled
Details
testing / frontend-checks (push) Has been cancelled
Details
testing / test-unit (push) Has been cancelled
Details
testing / test-e2e (push) Has been cancelled
Details
testing / test-remote-cacher (redis) (push) Has been cancelled
Details
testing / test-remote-cacher (valkey) (push) Has been cancelled
Details
testing / test-remote-cacher (garnet) (push) Has been cancelled
Details
testing / test-remote-cacher (redict) (push) Has been cancelled
Details
testing / test-mysql (push) Has been cancelled
Details
testing / test-pgsql (push) Has been cancelled
Details
testing / test-sqlite (push) Has been cancelled
Details
testing / security-check (push) Has been cancelled
Details
fix: delay deleting authorization token (#6937) 
- 1ce33aa38d extended the LTA table with a purpose column so it could be extended to other tokens. However some are single-use tokens and should be deleted after use.
- This did not result in a good UX for activating user as they needed to also fill in their passwords and in the case that the password was incorrect the token would no longer be usable.
- This patch modifies the code to allow for a little delay before deleting authorization tokens to do additional verification such as the password check. This cannot be done before the authorization token check as that the authorization token determines who the user is.
- Resolves forgejo/forgejo#6912
- Adjusted existing unit test.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6937
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-02-17 11:09:33 +00:00
..
actions fix(sec): web route update and delete runner variables 2025-02-08 07:21:14 +00:00
activities Fix nil panic if repo doesn't exist (#32501) 2024-11-17 12:18:56 +01:00
admin Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
asymkey fix: native parsing of ssh certificate key (#6953) 2025-02-15 15:42:57 +00:00
auth chore: Remove GetSourceByName 2025-01-31 14:40:27 +01:00
avatars chore(build): use a stable mirror for go-libravatar 2024-09-14 09:58:49 +02:00
db feat: add limited execution tracing support 2025-01-05 04:07:49 +01:00
dbfs Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
fixtures feat: add pronoun privacy option (#6773) 2025-02-15 13:07:15 +00:00
forgefed enhance test & fix reviews 2024-05-14 08:24:31 +02:00
forgejo/semver tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
forgejo_migrations fix: forgejo migrations numbering in comments and rename latest migration file (#6957) 2025-02-16 08:17:33 +00:00
git Detect whether action view branch was deleted (#32764) 2024-12-15 09:45:10 +01:00
issues fix(sec): add tests for private issues on projects 2025-02-08 07:22:10 +00:00
migrations fix: reduce noise for the v303 migration (#6591) 2025-01-17 07:42:20 +00:00
organization chore: Remove UpdateTeamUnits 2025-01-31 16:22:29 +01:00
packages Alt Linux Apt-Rpm repository support for Forgejo packages. (#6351) 2025-01-22 14:01:49 +00:00
perm tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
project fix(sec): permission check for project issue 2025-02-08 07:22:10 +00:00
pull Add branch auto deletion for scheduled PRs 2024-10-31 03:49:15 +01:00
quota feat: Trivial default quota configuration 2024-08-26 13:25:34 +02:00
repo fix: make author search case insenstive (#6782) 2025-02-04 16:33:47 +00:00
secret feat(secret): generate FORGEJO_TOKEN for all tasks 2024-12-08 09:42:18 +08:00
shared/types Refactor locale&string&template related code (#29165) 2024-02-16 15:20:52 +01:00
system fix: xorm:version default is inconsistent 2024-12-24 09:42:47 +01:00
unit i18n: UX improvements: Team permissions and issue closing 2024-09-24 19:03:30 +02:00
unittest Refactor env var related code (#33075) 2025-01-05 13:46:19 +00:00
user fix: delay deleting authorization token (#6937) 2025-02-17 11:09:33 +00:00
webhook Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
error.go chore: Remove ErrUpdateTaskNotExist 2025-01-31 16:22:29 +01:00
main_test.go tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
org.go Refactor deletion (#28610) 2023-12-25 21:25:29 +01:00
org_team.go Remove GetByBean method because sometimes it's danger when query condition parameter is zero and also introduce new generic methods (#28220) 2023-12-07 15:27:36 +08:00
org_team_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
org_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
repo.go Fix issue comment number (#30556) 2025-01-05 12:21:39 +00:00
repo_test.go Fix issue comment number (#30556) 2025-01-05 12:21:39 +00:00
repo_transfer.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-28 15:39:00 +02:00
repo_transfer_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00