1

I am running a powershell script, that makes a repository on a gitea server (using restAPI of gitea). But on the gitea server not everyone is allowed to initialise the repository, only some users are. How can I make my script authorize the permission that the current runner of the script has, and only then makes a repo?

the solution that I have thought till now: git uses access tokens to verify people when operations using the REST API are made. Anyone who wants to use my script will first have to make a token, then enter this token when running my script, and then my script will use this access token in the operation its doing.

Disadvantage: The user has to first make a token =(

Is there any other more elegant solution : like just directly entering the username and password. This way the user does not have to do anything new like making an access token just for my script and directly enter existing username and password which they use to enter the gitea server. Thank you for your time =)

ebrahim
  • 105
  • 1
  • 7
  • Git *doesn't* do authentication. Servers generally provide some server-specific authentication, e.g., using a REST API as you said. Git does not use REST APIs. The end result of all of this is that you have to find or write your own code to do this; Git's won't do, since Git doesn't have any. You may, however, be able to borrow Git's *credential helpers* (external programs—note that each OS has *its own* credential helpers, they're not the same on Windows and MacOS and Linux). – torek Dec 31 '21 at 20:38
  • @torek I agree perhaps git itself doesnt provide any authorization, but clients like gitea and github seem to provide these facilities right? My question was more in relation to those services, namely Gitea. Thanks for your answer though! – ebrahim Dec 31 '21 at 20:52
  • They (Gitea and GitHub) do, but they do this with ssh doing the authentication, or with a web server doing the authentication. So those are the places to look. – torek Dec 31 '21 at 21:16

1 Answers1

1

Your script could make a commit and a push (hence the need to enter username/password) to a public repository, where a post-receive hook would:

  • check if the user is authorized, for instance by checking if their username is part of a file managed independently on the Gitea server
  • make the REST API call with, as new repository name, the one mentioned in the commit message, as filled out by your script during the commit/push mentioned above.

In other words, the REST API call is not made on the client side, but on the server side, where an identity check can be done first.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250