(auth): add oauth login #6
Merged
fnetX
merged 7 commits from unkonstant/moderation:oauth into main 2 months ago
Loading…
Reference in new issue
There is no content yet.
Delete Branch 'unkonstant/moderation:oauth'
Deleting a branch is permanent. It CANNOT be undone. Continue?
this adds an alternative way to login via an oauth app in gitea following https://docs.gitea.io/en-us/oauth2-provider/
this can be seen as a first implementation towards #5
currenlty only users which have the admin flag in gitea will be given the mod permission
Oh, bad timing, I just pushed changes and didn't notice your PR. Will have a look at the conflicts in a second.
By the way, is there a way for local testing with this patch?
Okay, thank you very much.
We are using files per feature, so for example the user.go is responsible mostly for interacting with users on the Gitea side.
I'd recommend moving the OAuth stuff to some oauth.go or auth.go file, or maybe into an own package if this is better.
Since I know what I just did, I think I'll try to open a PR to your branch to resolve the conflicts I just created, sorry again.
Thank you very much, I tested it and it seems to work great, even with localhost, so far.
See unkonstant/moderation#1
Huh, conflicts? I can't reproduce them locally. I suppose that Gitea didn't properly re-check upon the merge?
Push an empty commit to the PR, that will let the conflict checking work again.
I guess that could be related to https://github.com/go-gitea/gitea/issues/17204 (potential fix in https://github.com/go-gitea/gitea/pull/18658)?
Will do a push later.
@fnetX finally got this 🟢 , did not really have a chance to test again though after the merge. Please have a look.
@unkonstant Thank you. I suppose you won't find much time to improve this and keep up on potentially necessary changes to this code?
So I propose that we merge the code in as-is, and do further adjustments ourselves, unless you are interested in doing some further patches yourself :)
@fnetX 👍 with merging as is. I could do more on the feature itself in follow up PRs, the pace would be similar to this PR though. So if you are fine with moving slow I can still continue on this.
I would need a bit more input on how exactly this should move forward. The description in #5 is a bit vague on the mapping.
}func randomString(n int) string {letters := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")Could we use a bit more secure version of this? E.g.
fa5dec966c/modules/util/util.go (L168-L175)and then convert it via hex or base64 to a string?We'll merge this sooner or later, and eventually patch later.
@unkonstant I added some more thoughts in #5.
f7a9773833into main 2 months agof7a9773833.