mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-10-24 19:12:24 +00:00
e0853d4a21One of the issues holding back performance of the API is the problem of hashing. Whilst banning BASIC authentication with passwords will help, the API Token scheme still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can still cause enormous numbers of hash computations. A slight solution to this whilst we consider moving to using JWT based tokens and/or a session orientated solution is to simply cache the successful tokens. This has some security issues but this should be balanced by the security issues of load from hashing. Related #14668 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> |
||
|---|---|---|
| .. | ||
| adding-legal-pages.en-us.md | ||
| clone-filter.en-us.md | ||
| cmd-embedded.en-us.md | ||
| config-cheat-sheet.en-us.md | ||
| config-cheat-sheet.zh-cn.md | ||
| customizing-gitea.en-us.md | ||
| customizing-gitea.zh-cn.md | ||
| environment-variables.en-us.md | ||
| environment-variables.zh-cn.md | ||
| external-renderers.en-us.md | ||
| hacking-on-gitea.zh-cn.md | ||
| logging-documentation.en-us.md | ||
| mail-templates-us.md | ||
| make.fr-fr.md | ||
| make.zh-cn.md | ||
| protected-tags.en-us.md | ||
| repo-indexer.en-us.md | ||
| repo-mirror.en-us.md | ||
| search-engines-indexation.en-us.md | ||
| signing.en-us.md | ||
| third-party-tools.zh-cn.md | ||