e0853d4a21
One of the issues holding back performance of the API is the problem of hashing. Whilst banning BASIC authentication with passwords will help, the API Token scheme still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can still cause enormous numbers of hash computations. A slight solution to this whilst we consider moving to using JWT based tokens and/or a session orientated solution is to simply cache the successful tokens. This has some security issues but this should be balanced by the security issues of load from hashing. Related #14668 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
---|---|---|
.. | ||
assets/js | ||
content | ||
layouts | ||
scripts | ||
static | ||
.gitignore | ||
config.yaml | ||
LICENSE | ||
Makefile | ||
README.md | ||
README_ZH.md |
Gitea: Docs
Hosting
These pages are hosted using netlifycms and get
automatically updated on every push to the master
branch.
Install
These pages use the Hugo static site generator. If you are planning to contribute you'll want to download and install Hugo on your local machine.
The installation of Hugo is out of the scope of this document, so please take the official install instructions to get Hugo up and running.
Development
To generate the website and serve it on localhost:1313
just execute this command and stop it with Ctrl+C
:
make server
When you are done with your changes just create a pull request, after merging the pull request the website will be updated automatically.
Contributing
Fork -> Patch -> Push -> Pull Request
Authors
License
This project is under the Apache-2.0 License. See the LICENSE file for the full license text.
Copyright
Copyright (c) 2016 The Gitea Authors <https://gitea.io>