0c995f9a0a
Replaces SSH as the primary git push path — no key generation needed. # Admin UI: Users → Generate key (shown once) git remote add hiy http://hiy:API_KEY@myserver/git/myapp git push hiy main What was added: - api_keys DB table (id, user_id, label, key_hash/SHA-256, created_at) Keys are stored as SHA-256 hashes; the plaintext is shown once on creation and never stored. - routes/api_keys.rs GET/POST /api/users/:id/api-keys — list / generate DELETE /api/api-keys/:key_id — revoke - HTTP Smart Protocol endpoints (public, auth via Basic + API key) GET /git/:app/info/refs — ref advertisement POST /git/:app/git-receive-pack — receive pack, runs post-receive hook Authentication: HTTP Basic where the password is the API key. git prompts once and caches via the OS credential store. post-receive hook fires as normal and queues the build. - Admin UI: API keys section per user with generate/revoke and a one-time reveal box showing the ready-to-use git remote command. SSH path (git-shell + authorized_keys) is still functional for users who prefer it; both paths feed the same build queue. https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH |
||
|---|---|---|
| .. | ||
| src | ||
| Cargo.toml | ||