gitea-mcp

mathias/gitea-mcp

Fork 0

Commit Graph

Author	SHA1	Message	Date
Mathias Bergqvist	9d08352324	feat(auth): fall back to GITEA_MCP_DEFAULT_TOKEN when no Bearer header All checks were successful CD / Lint / Test / Vet (push) Successful in 6s Details CD / Build & Import (push) Successful in 11s Details CD / Deploy via GitOps (push) Successful in 3s Details claude.ai connectors call the server with no Authorization header (confirmed via request logging). Add a configurable default Gitea PAT so unauthenticated clients (like claude.ai) can still reach the server. Claude Code continues to pass per-request PATs; defaultToken="" preserves the existing strict behaviour when the env var is unset. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-09 22:22:04 +02:00
Mathias Bergqvist	923689afa5	feat: replace static API token with per-request Gitea PAT pass-through Callers now supply their own Gitea PAT as a Bearer token; the server validates it against GET /api/v1/user and threads it through context to all downstream Gitea API calls. GITEA_API_TOKEN env var and the GiteaAPIToken config field are removed.	2026-05-07 21:04:47 +02:00
Mathias Bergqvist	d399a216c1	feat(config): env-var loading Add internal/config package with Config struct and Load() function. Reads GITEA_BASE_URL, GITEA_API_TOKEN, GITEA_MCP_ALLOWED_OWNERS, GITEA_MCP_ORIGIN_ALLOWLIST, GITEA_MCP_PORT with sensible defaults. Wire cfg.Port into main.go. TDD: tests written first, then impl. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-04 20:19:31 +02:00

Author

SHA1

Message

Date

Mathias Bergqvist

9d08352324

feat(auth): fall back to GITEA_MCP_DEFAULT_TOKEN when no Bearer header

CD / Lint / Test / Vet (push) Successful in 6s

Details

CD / Build & Import (push) Successful in 11s

Details

CD / Deploy via GitOps (push) Successful in 3s

Details

claude.ai connectors call the server with no Authorization header (confirmed
via request logging). Add a configurable default Gitea PAT so unauthenticated
clients (like claude.ai) can still reach the server.

Claude Code continues to pass per-request PATs; defaultToken="" preserves
the existing strict behaviour when the env var is unset.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-09 22:22:04 +02:00

Mathias Bergqvist

923689afa5

feat: replace static API token with per-request Gitea PAT pass-through

Callers now supply their own Gitea PAT as a Bearer token; the server validates
it against GET /api/v1/user and threads it through context to all downstream
Gitea API calls. GITEA_API_TOKEN env var and the GiteaAPIToken config field are
removed.

2026-05-07 21:04:47 +02:00

Mathias Bergqvist

d399a216c1

feat(config): env-var loading

Add internal/config package with Config struct and Load() function.
Reads GITEA_BASE_URL, GITEA_API_TOKEN, GITEA_MCP_ALLOWED_OWNERS,
GITEA_MCP_ORIGIN_ALLOWLIST, GITEA_MCP_PORT with sensible defaults.
Wire cfg.Port into main.go. TDD: tests written first, then impl.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-04 20:19:31 +02:00

3 Commits