mirror of
https://github.com/RayLabsHQ/gitea-mirror.git
synced 2026-04-24 23:05:53 +03:00
[PR #186] [MERGED] security: enforce session-derived user identity on API routes #174
Labels
No labels
bug
documentation
enhancement
help wanted
pull-request
question
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/gitea-mirror#174
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/RayLabsHQ/gitea-mirror/pull/186
Author: @arunavo4
Created: 2/24/2026
Status: ✅ Merged
Merged: 2/24/2026
Merged by: @arunavo4
Base:
main← Head:codex/security-authz-hardening📝 Commits (2)
34ccbcfsecurity: enforce session user on api routesf43fc42test: harden auth guard failure path📊 Changes
24 files changed (+325 additions, -192 deletions)
View changed files
➕
src/lib/auth-guards.test.ts(+66 -0)➕
src/lib/auth-guards.ts(+45 -0)📝
src/pages/api/activities/cleanup.ts(+5 -20)📝
src/pages/api/activities/index.ts(+6 -11)📝
src/pages/api/config/index.ts(+14 -16)📝
src/pages/api/dashboard/index.ts(+6 -16)📝
src/pages/api/events/index.ts(+6 -8)📝
src/pages/api/github/organizations.ts(+6 -14)📝
src/pages/api/github/repositories.ts(+6 -11)📝
src/pages/api/job/mirror-org.ts(+16 -6)📝
src/pages/api/job/mirror-repo.test.ts(+17 -6)📝
src/pages/api/job/mirror-repo.ts(+16 -6)📝
src/pages/api/job/reset-metadata.ts(+9 -4)📝
src/pages/api/job/retry-repo.ts(+16 -6)📝
src/pages/api/job/schedule-sync-repo.ts(+10 -15)📝
src/pages/api/job/sync-repo.ts(+16 -6)📝
src/pages/api/organizations/[id]/status.ts(+10 -5)📝
src/pages/api/rate-limit/index.ts(+7 -10)📝
src/pages/api/repositories/[id]/status.ts(+10 -5)📝
src/pages/api/sse/index.ts(+5 -7)...and 4 more files
📄 Description
Summary
Security impact
Validation
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.