Gusted eff097448b [GITEA] rework long-term authentication ... - The current architecture is inherently insecure, because you can construct the 'secret' cookie value with values that are available in the database. Thus provides zero protection when a database is dumped/leaked. - This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies). - Integration testing is added to ensure the new mechanism works. - Removes a setting, because it's not used anymore.		2023-10-05 08:03:27 +02:00
..
source	[TESTS] oauth2: make it possible to use an alternate http.Client	2023-10-02 17:06:22 +02:00
auth.go	[GITEA] rework long-term authentication	2023-10-05 08:03:27 +02:00
auth_test.go	Implement FSFE REUSE for golang files (#21840)	2022-11-27 18:20:29 +00:00
basic.go	More refactoring of db.DefaultContext (#27083)	2023-09-15 06:13:19 +00:00
group.go	Remove Named interface (#26913)	2023-09-05 15:58:30 +00:00
httpsign.go	Remove Named interface (#26913)	2023-09-05 15:58:30 +00:00
interface.go	Reduce usage of db.DefaultContext (#27073)	2023-09-14 17:09:32 +00:00
oauth2.go	Allow get release download files and lfs files with oauth2 token format (#26430)	2023-10-01 10:41:52 +00:00
reverseproxy.go	Reduce usage of db.DefaultContext (#27073)	2023-09-14 17:09:32 +00:00
session.go	Remove Named interface (#26913)	2023-09-05 15:58:30 +00:00
signin.go	Reduce usage of db.DefaultContext (#27073)	2023-09-14 17:09:32 +00:00
source.go	Implement FSFE REUSE for golang files (#21840)	2022-11-27 18:20:29 +00:00
sspi.go	Make SSPI auth mockable (#27036)	2023-09-17 23:32:56 +00:00
sspiauth_posix.go	Make SSPI auth mockable (#27036)	2023-09-17 23:32:56 +00:00
sspiauth_windows.go	Make SSPI auth mockable (#27036)	2023-09-17 23:32:56 +00:00
sync.go	Implement FSFE REUSE for golang files (#21840)	2022-11-27 18:20:29 +00:00