mathias/gitea-mcp
1
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): fall back to GITEA_MCP_DEFAULT_TOKEN when no Bearer header
All checks were successful
CD / Lint / Test / Vet (push) Successful in 6s
Details
CD / Build & Import (push) Successful in 11s
Details
CD / Deploy via GitOps (push) Successful in 3s
Details

Browse Source 
claude.ai connectors call the server with no Authorization header (confirmed
via request logging). Add a configurable default Gitea PAT so unauthenticated
clients (like claude.ai) can still reach the server.

Claude Code continues to pass per-request PATs; defaultToken="" preserves
the existing strict behaviour when the env var is unset.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Mathias Bergqvist
2026-05-09 22:22:04 +02:00
parent 70173875d8
commit 9d08352324
4 changed files with 41 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/config/config.go
View File

@@ -8,6 +8,7 @@ import (
type Config struct {
Port string // GITEA_MCP_PORT, default 8080
GiteaBaseURL string // GITEA_BASE_URL, e.g. https://gitea.d-ma.be
DefaultToken string // GITEA_MCP_DEFAULT_TOKEN, fallback PAT when no Bearer header present (e.g. claude.ai)
AllowedOwners []string // GITEA_MCP_ALLOWED_OWNERS, comma-separated, default "mathias"
OriginAllowlist []string // GITEA_MCP_ORIGIN_ALLOWLIST, comma-separated
}
@@ -16,6 +17,7 @@ func Load() (Config, error) {
cfg := Config{
Port: envOr("GITEA_MCP_PORT", "8080"),
GiteaBaseURL: os.Getenv("GITEA_BASE_URL"),
DefaultToken: os.Getenv("GITEA_MCP_DEFAULT_TOKEN"),
AllowedOwners: splitCSV(envOr("GITEA_MCP_ALLOWED_OWNERS", "mathias")),
OriginAllowlist: splitCSV(os.Getenv("GITEA_MCP_ORIGIN_ALLOWLIST")),
}