1
0
mirror of https://github.com/octoleo/syncthing.git synced 2025-01-02 14:42:00 +00:00
syncthing/lib/api
Jakob Borg 439c6c5b7c
lib/api: Add cache busting for basic auth (ref ) ()
This adds our short device ID to the basic auth realm. This has at least
two consequences:

- It is different from what's presented by another device on the same
address (e.g., if I use SSH forwards to different dives on the same
local address), preventing credentials for one from being sent to
another.

- It is different from what we did previously, meaning we avoid cached
credentials from old versions interfering with the new login flow.

I don't *think* there should be things that depend on our precise realm
string, so this shouldn't break any existing setups...

Sneakily this also changes the session cookie and CSRF name, because I
think `id.Short().String()` is nicer than `id.String()[:5]` and the
short ID is two characters longer. That's also not a problem...
2023-11-14 11:57:39 +01:00
..
auto all: Remove usage of deprecated io/ioutil () 2021-11-22 08:59:47 +01:00
testdata cmd/syncthing, lib/api: Separate api/gui into own package (ref ) () 2019-03-26 19:53:58 +00:00
.gitignore lib/api: Ignore that one file that always shows up in git status 2020-03-07 11:46:54 +01:00
api_auth_test.go lib/api: Better handle %s templates in LDAP strings (fixes ) () 2023-10-07 02:29:53 +00:00
api_auth.go lib/api: Add cache busting for basic auth (ref ) () 2023-11-14 11:57:39 +01:00
api_csrf.go Add HTML login form (fixes ) () 2023-10-06 13:00:58 +02:00
api_statics.go lib/api: Fix inverted logic in string comparison 2022-07-28 21:51:14 +02:00
api_test.go lib/api: Check basic auth (and set session cookie) before noauth exceptions () 2023-10-10 07:48:55 +02:00
api.go lib/api: Add cache busting for basic auth (ref ) () 2023-11-14 11:57:39 +01:00
confighandler.go lib/config: Accept pre-hashed password (fixes ) () 2023-09-24 19:23:49 +02:00
debug.go all, lib/logger: Refactor SetDebug calls () 2019-10-04 13:03:34 +02:00
mocked_config_test.go lib: Use counterfeiter to mock interfaces in tests () 2021-03-03 08:53:50 +01:00
support_bundle.go cmd/syncthing, lib/api: Separate api/gui into own package (ref ) () 2019-03-26 19:53:58 +00:00