gitea/opengist
0
0
Fork 0
mirror of https://github.com/thomiceli/opengist.git synced 2025-06-12 13:37:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add a setting to allow anonymous access to individual gists while still RequireLogin everywhere else (#229)

Browse Source 
* Add a setting to allow accessing individual gists without auth

This is a middle ground between the existing setting "Require Login",
which requires login to do anything at all, and having it off, which
shows a public list of gists and more generally allows discovering info
about the users/gists of the instance without login.

The idea of this setting is that it is "require login" for everything
except individual gists.

Fixes #228.


Co-authored-by: Thomas Miceli <tho.miceli@gmail.com>
This commit is contained in:
Jade Lovelace
2024-05-12 14:40:11 -07:00
committed by GitHub
parent 2fd053a077
commit 22052bd38f
20 changed files with 187 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
internal/auth/auth.go Normal file
View File

@ -0,0 +1,18 @@
package auth
type AuthInfoProvider interface {
RequireLogin() (bool, error)
AllowGistsWithoutLogin() (bool, error)
}
func ShouldAllowUnauthenticatedGistAccess(prov AuthInfoProvider, isSingleGistAccess bool) (bool, error) {
require, err := prov.RequireLogin()
if err != nil {
return false, err
}
allow, err := prov.AllowGistsWithoutLogin()
if err != nil {
return false, err
}
return !require || (isSingleGistAccess && allow), nil
}