Document Reverse Proxy authentication for API (#84)

I figured out that the reverse proxy authentication for the API is supported (implemented with https://github.com/go-gitea/gitea/pull/26703). This will update the documentation to the current state.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Philipp Arndt <2f.mail@gmx.de>
Reviewed-on: https://gitea.com/gitea/docs/pulls/84
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: philipparndt <philipparndt@noreply.gitea.com>
Co-committed-by: philipparndt <philipparndt@noreply.gitea.com>

docs/usage/authentication.md

@@ -339,6 +339,13 @@ If set `ENABLE_REVERSE_PROXY_FULL_NAME=true`, a user full name expected in `X-WE
 
 You can also limit the reverse proxy's IP address range with `REVERSE_PROXY_TRUSTED_PROXIES` which default value is `127.0.0.0/8,::1/128`. By `REVERSE_PROXY_LIMIT`, you can limit trusted proxies level.
 
+You can enable the this authentication method for the API with
+
+```ini
+[service]
+ENABLE_REVERSE_PROXY_AUTHENTICATION_API = true
+```
+
 :::note
-Reverse Proxy Auth doesn't support the API. You still need an access token or basic auth to make API requests.
+When this method is enabled for the API, the reverse proxy is responsible for handling CSRF protection.
 :::

i18n/zh-cn/docusaurus-plugin-content-docs/current/usage/authentication.md

@@ -281,4 +281,13 @@ ENABLE_REVERSE_PROXY_AUTHENTICATION = true
 
 你也可以通过修改 `REVERSE_PROXY_TRUSTED_PROXIES` 来设置反向代理的IP地址范围，加强安全性，默认值是 `127.0.0.0/8,::1/128`。 通过 `REVERSE_PROXY_LIMIT`， 可以设置最多信任几级反向代理。
 
-注意:反向代理认证不支持认证 API，API 仍旧需要用 access token 来进行认证。
+你可以通过以下配置为 API 启用此认证方法：
+
+```ini
+[service]
+ENABLE_REVERSE_PROXY_AUTHENTICATION_API = true
+```
+
+:::note
+当此方法用于 API 时，反向代理负责处理 CSRF 保护。
+:::

i18n/zh-cn/docusaurus-plugin-content-docs/version-1.21/usage/authentication.md

@@ -284,4 +284,13 @@ ENABLE_REVERSE_PROXY_AUTHENTICATION = true
 
 你也可以通过修改 `REVERSE_PROXY_TRUSTED_PROXIES` 来设置反向代理的IP地址范围，加强安全性，默认值是 `127.0.0.0/8,::1/128`。 通过 `REVERSE_PROXY_LIMIT`， 可以设置最多信任几级反向代理。
 
-注意:反向代理认证不支持认证 API，API 仍旧需要用 access token 来进行认证。
+你可以通过以下配置为 API 启用此认证方法：
+
+```ini
+[service]
+ENABLE_REVERSE_PROXY_AUTHENTICATION_API = true
+```
+
+:::note
+当此方法用于 API 时，反向代理负责处理 CSRF 保护。
+:::

i18n/zh-cn/docusaurus-plugin-content-docs/version-1.22/usage/authentication.md

@@ -284,4 +284,13 @@ ENABLE_REVERSE_PROXY_AUTHENTICATION = true
 
 你也可以通过修改 `REVERSE_PROXY_TRUSTED_PROXIES` 来设置反向代理的IP地址范围，加强安全性，默认值是 `127.0.0.0/8,::1/128`。 通过 `REVERSE_PROXY_LIMIT`， 可以设置最多信任几级反向代理。
 
-注意:反向代理认证不支持认证 API，API 仍旧需要用 access token 来进行认证。
+你可以通过以下配置为 API 启用此认证方法：
+
+```ini
+[service]
+ENABLE_REVERSE_PROXY_AUTHENTICATION_API = true
+```
+
+:::note
+当此方法用于 API 时，反向代理负责处理 CSRF 保护。
+:::

versioned_docs/version-1.21/usage/authentication.md

@@ -342,6 +342,13 @@ If set `ENABLE_REVERSE_PROXY_FULL_NAME=true`, a user full name expected in `X-WE
 
 You can also limit the reverse proxy's IP address range with `REVERSE_PROXY_TRUSTED_PROXIES` which default value is `127.0.0.0/8,::1/128`. By `REVERSE_PROXY_LIMIT`, you can limit trusted proxies level.
 
+You can enable the this authentication method for the API with
+
+```ini
+[service]
+ENABLE_REVERSE_PROXY_AUTHENTICATION_API = true
+```
+
 :::note
-Reverse Proxy Auth doesn't support the API. You still need an access token or basic auth to make API requests.
+When this method is enabled for the API, the reverse proxy is responsible for handling CSRF protection.
 :::

versioned_docs/version-1.22/usage/authentication.md

@@ -342,6 +342,13 @@ If set `ENABLE_REVERSE_PROXY_FULL_NAME=true`, a user full name expected in `X-WE
 
 You can also limit the reverse proxy's IP address range with `REVERSE_PROXY_TRUSTED_PROXIES` which default value is `127.0.0.0/8,::1/128`. By `REVERSE_PROXY_LIMIT`, you can limit trusted proxies level.
 
+You can enable the this authentication method for the API with
+
+```ini
+[service]
+ENABLE_REVERSE_PROXY_AUTHENTICATION_API = true
+```
+
 :::note
-Reverse Proxy Auth doesn't support the API. You still need an access token or basic auth to make API requests.
+When this method is enabled for the API, the reverse proxy is responsible for handling CSRF protection.
 :::