-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add new Authentication Source: GitHub, including GitHub Enterprise #5340
Add new Authentication Source: GitHub, including GitHub Enterprise #5340
Conversation
Looks good to me. |
I register local gogs account with my email which same as my github account used, then I meet a problem with github login.
|
How about use oauth2.0 ? You know, put user's password in the memory of your computer wasn't very safety. And using oauth2.0 means that other third-party services can be integrated easily and quickly, not just github. |
@cupen for the first email issue, that's because Gogs has already has that email linked to another account, you should change to another one and try again. As of safety concerns, although the credential token will be encrypted before storing it in the database, I feel they share the same security risk. OAuth2.0 is a good idea, but it is not friendly if the same user uses different browser or clean the browser cache before login, he has to authorize it every time. |
@luhaixun Thanks for your feedback. It looks like we have two different viewpoint.
|
@cupen For [1] security concern, I agree with you that it's a good chance for Gogs think more about this. 💯 As of [2], yes we have a different view indeed because my Chrome profile is set to clear all cache every time after I close the browser, which is hard set by our Dev IT. :( |
Yes it seems good |
But obviously oAuth is needed , @unknwon can you please re-implement oAuth ? |
I'm merging this into a feature branch because of some required fixes/changes. Thanks for the PR! |
Just tested and proved that use personal access token as password with user profile permission actually works. So no password transmission at all. |
Merged into |
Getting this error
|
@CodingPurple thanks your feedback! But your feedback is as vague as said nothing. Can you provide detailed steps? |
Hello @unknwon! I'm getting this error while creating new auth admin > auths > new |
@codeskyblue Hi, I cannot reproduce this error. I suspect you are using a modified version of Gogs and changed validation rule to make a "Range" binding rule to be required. |
@codeskyblue could you help run below query in your gogs database for a quick check?
|
…ise (gogs#5340) * Add new Authentication Source: GitHub, including GitHub Enterprise. * Add vendor dependencies.
This is a reopen of pull request #5306 as closed by mistake. The PR will support GitHub Authentication both for github.com and any customized GitHub Enterprise.
The related issues are:
#2927
#3033