forgejo/modules
zeripath e0853d4a21
Add API Token Cache ()
One of the issues holding back performance of the API is the problem of hashing.
Whilst banning BASIC authentication with passwords will help, the API Token scheme
still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can
still cause enormous numbers of hash computations.

A slight solution to this whilst we consider moving to using JWT based tokens and/or
a session orientated solution is to simply cache the successful tokens. This has some
security issues but this should be balanced by the security issues of load from
hashing.

Related 

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-17 14:30:42 -04:00
..
analyze Speed up enry.IsVendor () 2021-04-01 19:41:09 +02:00
auth Refactor: Move login out of models () 2021-07-24 11:16:34 +01:00
avatar Add Image Diff for SVG files () 2021-06-05 15:32:19 +03:00
base Fixed assert statements. () 2021-06-07 07:27:09 +02:00
cache Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
charset Refactor renders () 2021-04-19 18:25:08 -04:00
context [API] generalize list header () 2021-08-12 14:43:08 +02:00
convert Add agit flow support in gitea () 2021-07-28 17:42:56 +08:00
cron Refactor: Move login out of models () 2021-07-24 11:16:34 +01:00
csv Fixes - duplicate csv import () 2021-08-05 17:56:11 +01:00
doctor Restore creation of git-daemon-export-ok files () 2021-07-22 12:53:54 +01:00
emoji Run processors on whole of text () 2021-06-17 11:35:05 +01:00
eventsource Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
generate switch to maintained lib () 2021-07-24 13:00:41 +02:00
git [API] generalize list header () 2021-08-12 14:43:08 +02:00
gitgraph Fix bug on commit graph () 2021-04-17 10:27:25 +01:00
graceful Support HTTP/2 in Let's Encrypt () 2021-07-13 18:17:46 +01:00
hcaptcha hCaptcha Support () 2020-10-02 23:37:53 -04:00
highlight Ensure empty lines are copiable and final new line too () 2021-08-14 01:16:56 +02:00
httpcache Add ETag header () 2021-04-12 10:49:26 -04:00
httplib Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
indexer Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
json Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
lfs Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
log Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
markup Fix NPE in fuzzer () 2021-08-13 00:22:05 +02:00
matchlist Add Allow-/Block-List for Migrate & Mirrors () 2020-11-28 19:37:58 -05:00
metrics Separate open and closed issue in metrics () 2021-08-07 12:43:50 +03:00
migrations Update issue_index to finish migration () 2021-08-13 21:06:18 +08:00
nosql Fix setting redis db path () 2021-05-03 13:24:24 -04:00
notification Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
options Add StatDir and replace com.StatDir () 2020-12-22 07:40:57 +08:00
password Fixed assert statements. () 2021-06-07 07:27:09 +02:00
pprof Add golangci () 2019-06-12 15:41:28 -04:00
private Fix spelling of HookProcReceiveResult () 2021-08-14 13:17:10 +02:00
process Code Formats, Nits & Unused Func/Var deletions () 2021-04-09 09:40:34 +02:00
public Improve assets handler middleware () 2021-05-30 18:25:11 +08:00
queue Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
recaptcha Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
references Fix various documentation, user-facing, and source comment typos () 2021-07-08 13:38:13 +02:00
repofiles Fix various documentation, user-facing, and source comment typos () 2021-07-08 13:38:13 +02:00
repository Replace list.List with slices () 2021-08-09 14:08:51 -04:00
secret Fix various documentation, user-facing, and source comment typos () 2021-07-08 13:38:13 +02:00
session Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
setting Add API Token Cache () 2021-08-17 14:30:42 -04:00
ssh Second attempt at preventing zombies () 2021-07-14 10:43:13 -04:00
storage Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
structs Add an api endpoint to fetch git notes () () 2021-08-11 03:01:40 +02:00
svg Fix filepath basename on Windows for SVG bindata () 2020-07-13 21:16:40 +01:00
sync Fix missing unlock in uniquequeue () 2020-01-15 23:58:33 +02:00
task Add an abstract json layout to make it's easier to change json library () 2021-07-24 18:03:58 +02:00
templates Replace list.List with slices () 2021-08-09 14:08:51 -04:00
test Move middlewares to web/middleware () 2021-01-30 10:55:53 +02:00
timeutil Fix display since time round () 2021-01-28 13:29:22 +01:00
translation Use index of the supported tags to choose user lang () 2021-04-14 19:52:01 +01:00
typesniffer Fix various documentation, user-facing, and source comment typos () 2021-07-08 13:38:13 +02:00
upload Update golangci-lint to version 1.31.0 () 2020-10-11 21:27:20 +01:00
uri Dump github/gitlab/gitea repository data to a local directory and restore to gitea () 2020-12-27 11:34:19 +08:00
user Add gitea-vet () 2020-04-05 07:20:50 +01:00
util Handle too long PR titles correctly () 2021-07-25 03:59:27 +01:00
validation Fix various documentation, user-facing, and source comment typos () 2021-07-08 13:38:13 +02:00
web Restore CORS on git smart http protocol () 2021-07-21 11:32:35 +08:00