about summary refs log tree commit diff
path: root/filters/simple-authentication.lua (follow)
Commit message (Collapse)AuthorAge
* simple-authentication.lua: tie secure cookies to field namesJason A. Donenfeld2015-03-05
|
* simple-authentication: styleJason A. Donenfeld2014-01-23
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: document tweakables in lua scriptJason A. Donenfeld2014-01-17
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: have cgit calculate login addressJason A. Donenfeld2014-01-16
| | | | | | | This way we're sure to use virtual root, or any other strangeness encountered. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: lua string comparisons are time invariantJason A. Donenfeld2014-01-16
| | | | | | By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* authentication: use hidden form instead of refererJason A. Donenfeld2014-01-16
| | | | | | | This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: add basic authentication filter frameworkJason A. Donenfeld2014-01-16
This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-15 18:18:04 +0000
1-09-23Allow FocusEvents in xtermJune McEnroe Oops! This whole time I thought OpenBSD xterm for some reason didn't support focus events. It turns out allowMouseOps: false disables them by default. Replace the disallowedMouseOps list with everything but. 2021-09-23Use NI_NUMERICSERVJune McEnroe 2021-09-23Make up build away from FreeBSDJune McEnroe 2021-09-23Add quickJune McEnroe 2021-09-23Add The HobbitJune McEnroe Surprisingly good for something written by a man like a hundred years ago! 2021-09-22Remove PSF fontsJune McEnroe They were fun to make but I never actually used them. 2021-09-22Remove Linux-specific utilitiesJune McEnroe I haven't used these in ages. 2021-09-22Call sandbox in CGI modeJune McEnroe Otherwise upload won't actually work. 2021-09-22Support HTTP PUT in upJune McEnroe For use by Palaver[1]. Unfortunately, at least in the current App Store version of Palaver, this doesn't work correctly with basic auth. [1]: https://palaverapp.com/guides/commands/set.html#ui-image_service 2021-09-22Remove default faviconJune McEnroe I hate these things and also this one sucks. 2021-09-21Use Z_FILTERED strategyJune McEnroe 2021-09-21Recalculate various lengths only as neededJune McEnroe This actually speeds things up quite a bit, saving roughly a second on a big PNG screenshot. Almost all the remaining time is spent in deflate. 2021-09-21Rewrite pngo, add explicit optionsJune McEnroe Interesting to see how my code habits have changed. 2021-09-16Fix /* **/ comment matchingJune McEnroe 2021-09-15Remove typer, add downgrade to READMEJune McEnroe 2021-09-15Set bot mode on downgradeJune McEnroe 2021-09-15Enter capsicum in downgradeJune McEnroe 2021-09-15Factor out common parts of downgrade messagesJune McEnroe Also bump the message cap to 1024 because that is ostensibly useful for replying to older messages. 2021-09-14Add downgrade IRC botJune McEnroe 2021-09-14Sort by title if authors matchJune McEnroe There are probably better things to sort by but title definitely always exists. 2021-09-13Swap-remove tags as they're foundJune McEnroe This makes it even faster. From ~1s on a sqlite3.c amalgamation to ~0.85s. 2021-09-12Replace htagml regex with strncmpJune McEnroe Since ctags only ever produces regular expressions of the form /^re$/ or /^re/ with no other special characters, instead unescape the pattern and simply use strncmp. Running on a sqlite3.c amalgamation, the regex version takes ~37s while the strncmp version takes ~1s, producing identical output. Big win! 2021-09-11Also defer printing comment for lone close-parensJune McEnroe 2021-09-10Publish "git-comment"June McEnroe 2021-09-10Add git comment --pretty optionJune McEnroe 2021-09-08Defer printing comment if line is blank or closing braceJune McEnroe This fixes badly indented comments. 2021-09-08Up default min-repeat to 30 linesJune McEnroe 2021-09-08Handle dirty lines in git-commentJune McEnroe 2021-09-08Document and install git-commentJune McEnroe 2021-09-08Add repeat and all options to git-commentJune McEnroe 2021-09-08Add group threshold to git-commentJune McEnroe