Bind prompt history to Gitea's server-rendered session identity without an API token

Hop-State: A_06FNB7D05ZQ3AHD1V0GY5P8
Hop-Proposal: R_06FNB7CDK6ZKM505CPR2DY8
Hop-Task: T_06FNB715NCG0M3SVDJAGHY8
Hop-Attempt: AT_06FNB715NCK5MKAVH59TE0G
This commit is contained in:
2026-07-12 02:17:01 -07:00
committed by Hop
parent 96cd6823b2
commit 6be764ec6e
4 changed files with 29 additions and 31 deletions
+3 -3
View File
@@ -33,9 +33,9 @@ view check the viewer's repository access before returning potentially
sensitive prompt text.
The control plane verifies the browser session through Gitea's protected web
settings route, then uses `GITEA_API_TOKEN` to resolve the server-rendered login
to Gitea's immutable user ID. Gitea's `/api/v1/user` endpoint is token-only and
must not be used to validate browser sessions.
settings route. Hop's custom Gitea header renders the active account's immutable
user ID into that protected response, so browser-session verification does not
depend on Gitea's token-only `/api/v1/user` endpoint or `GITEA_API_TOKEN`.
For nginx, the control-plane location should precede the Gitea catch-all: