Description
Feature Description
currently: if using ssh certificates, before first use, user needs to log into gitea on the web, go to settings, and type their gitea username into the principals field.
feature request:
Add a global setting to automatically set the ssh principals linked to a user,
based on their username or email (whichever one is enabled in SSH_AUTHORIZED_PRINCIPALS_ALLOW)
my environment has OIDC login, and oidc provisioned ssh keys,
but currently after logging in, you need to go to the ssh settings page and add a principal for your username
My suggestion is to add a setting called SSH_AUTHORIZED_PRINCIPALS_FORCE, defaults to false.
if this is set to true, then when a new (or existing) user signs in,
gitea will set the principals to their username and/or email, user cant edit them, but can immediately push to gitea with their ssh certificate
Screenshots
No response