summaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/setting/security.go8
1 files changed, 8 insertions, 0 deletions
diff --git a/modules/setting/security.go b/modules/setting/security.go
index 92caa05fad..4adfe20635 100644
--- a/modules/setting/security.go
+++ b/modules/setting/security.go
@@ -34,6 +34,7 @@ var (
PasswordHashAlgo string
PasswordCheckPwn bool
SuccessfulTokensCacheSize int
+ DisableQueryAuthToken bool
CSRFCookieName = "_csrf"
CSRFCookieHTTPOnly = true
)
@@ -157,4 +158,11 @@ func loadSecurityFrom(rootCfg ConfigProvider) {
PasswordComplexity = append(PasswordComplexity, name)
}
}
+
+ // TODO: default value should be true in future releases
+ DisableQueryAuthToken = sec.Key("DISABLE_QUERY_AUTH_TOKEN").MustBool(false)
+
+ if !DisableQueryAuthToken {
+ log.Warn("Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.")
+ }
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 01:22:43 +0100