Add OTP and scopes to login #546
No reviewers
gitea/Maintainers
Labels
No Label
kind/breaking
kind/bug
kind/build
kind/dependency
kind/deployment
kind/docs
kind
enhancement
kind
feature
kind/proposal
kind
question
kind
refactor
kind/security
kind/testing
kind/translation
priority/critical
priority/high
priority/low
priority/medium
reviewed/duplicate
reviewed/invalid
reviewed/wontfix
skip-changelog
status/blocked
status/has-backport
status/has-pull
status/needs-backport
status/needs-feedback
status/needs-reviews
status/wip
upstream/gitea
upstream/sdk
No Milestone
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: gitea/tea#546
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "jolheiser/tea:token-scope"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Resolves #542
a3e2879d4c
tobbaf379554
we should store the scope of the token in the login struct, so if we exec sub-commands we can check if we have permission before we even call the ui
or should we lookup the token scope via api on each exec?
or just let it fail on insuficient permisions?
I think we'd still need to look it up, as a user could use a token that was already created and thus we'd have no idea what perms existed. Alternatively at that point we could cache it somewhere so it's a one-time exec.
This sounds like a bad UX, I think we should avoid it if we can. At least if we can fail early it won't cost a network trip.
@6543 Any further thoughts on this, or is this good at least as a stopgap for now?
bbaf379554
to025cebeb38