Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add basic auth support to rss/atom feeds #33371

Merged
merged 8 commits into from
Jan 27, 2025
Merged

Add basic auth support to rss/atom feeds #33371

merged 8 commits into from
Jan 27, 2025
+57 −19

Conversation

misthios
Copy link
Contributor

Allows RSS readers to access private feeds using their basic auth capabilities. Not all clients feature the ability to add cookies or headers.

fixes #32458

Tested with miniflux

no credentials:
image

basic auth entered:
image
image

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jan 23, 2025
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jan 23, 2025
@github-actions github-actions bot added the modifies/go Pull requests that update Go code label Jan 23, 2025
lunny
lunny reviewed Jan 24, 2025
View reviewed changes
services/auth/auth.go Outdated Show resolved Hide resolved
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jan 24, 2025
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jan 24, 2025
@wxiaoguang wxiaoguang marked this pull request as draft January 24, 2025 01:55
@wxiaoguang wxiaoguang self-assigned this Jan 24, 2025
@wxiaoguang wxiaoguang added this to the 1.24.0 milestone Jan 24, 2025
@silverwind silverwind added the type/feature Completely new functionality. Can only be merged if feature freeze is not active. label Jan 24, 2025
silverwind
silverwind reviewed Jan 24, 2025
View reviewed changes
services/auth/auth.go Outdated Show resolved Hide resolved
silverwind
silverwind requested changes Jan 24, 2025
View reviewed changes
Copy link
Member

@silverwind silverwind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See above

@GiteaBot GiteaBot added lgtm/blocked A maintainer has reservations with the PR and thus it cannot be merged and removed lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. labels Jan 24, 2025
@wxiaoguang
Copy link
Contributor

Should match extensions case-insensitively, strings.HasSuffix is case-sensitive.

I think a small regex like regexp.MustCompile("(?i)\.(rss|atom)") is justified, cached in a top-level variable in the file.

No, it shouldn't.

@silverwind
Copy link
Member

Should match extensions case-insensitively, strings.HasSuffix is case-sensitive.
I think a small regex like regexp.MustCompile("(?i)\.(rss|atom)") is justified, cached in a top-level variable in the file.

No, it shouldn't.

Filenames are case-insensitive, so you don't want to handle .RSS files?

@wxiaoguang
Copy link
Contributor

Should match extensions case-insensitively, strings.HasSuffix is case-sensitive.
I think a small regex like regexp.MustCompile("(?i)\.(rss|atom)") is justified, cached in a top-level variable in the file.

No, it shouldn't.

Filenames are case-insensitive, so you don't want to handle .RSS files?

No, filenames are case-sensitive in many systems.

And here, it is even NOT for "filename".

@silverwind
Copy link
Member

silverwind commented Jan 24, 2025
edited
Loading

Ah right, I forgot we are not actually reading any FS, but generating on the fly.

I guess the routes could still be made case-insensitive to follow FS semantics and general HTTP best practices for "files", but it's not a issue with this PR.

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/blocked A maintainer has reservations with the PR and thus it cannot be merged labels Jan 24, 2025
@wxiaoguang
Copy link
Contributor

Ah right, I forgot we are not actually reading any FS, but generating on the fly.

I guess the routes could still be made case-insensitive to follow FS semantics and general HTTP best practices for "files", but it's not a issue with this PR.

Actually no, I will prepare some other improvements first to clarify the problem (#33371 (comment))

@wxiaoguang
Merge branch 'main' into feedauth
3e00536 
# Conflicts:
#	services/auth/basic.go
@wxiaoguang
improve
a37aea6
@pull-request-size pull-request-size bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jan 26, 2025
@wxiaoguang
Copy link
Contributor

Made some improvements in a37aea6 and added some tests

@wxiaoguang wxiaoguang marked this pull request as ready for review January 26, 2025 10:11
@lunny lunny added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Jan 27, 2025
@lunny lunny enabled auto-merge (squash) January 27, 2025 01:16
@lunny lunny merged commit c79adf0 into go-gitea:main Jan 27, 2025
26 checks passed
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Jan 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wxiaoguang wxiaoguang wxiaoguang approved these changes

@silverwind silverwind silverwind approved these changes

@lunny lunny lunny approved these changes

Assignees

@wxiaoguang wxiaoguang

Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/go Pull requests that update Go code size/M Denotes a PR that changes 30-99 lines, ignoring generated files. type/feature Completely new functionality. Can only be merged if feature freeze is not active.
Projects
None yet
Milestone
1.24.0
Development

Successfully merging this pull request may close these issues.

No way to authenticate for RSS feeds
5 participants
@misthios @wxiaoguang @silverwind @lunny @GiteaBot