From 6d371c13d771add2c62f80834c04ae8652349b8e Mon Sep 17 00:00:00 2001
From: Sonny Bakker <sonny871@hotmail.com>
Date: Sun, 4 May 2025 09:04:07 +0200
Subject: [PATCH 1/3] Use secrets module to generate token nonce

---
 transip_client/main.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/transip_client/main.py b/transip_client/main.py
index b451d6b..35030f7 100644
--- a/transip_client/main.py
+++ b/transip_client/main.py
@@ -1,9 +1,9 @@
 import base64
 import json
 import logging
-import time
 
 from concurrent.futures import ThreadPoolExecutor, as_completed
+from secrets import token_urlsafe
 from typing import Generator
 
 import requests
@@ -28,7 +28,7 @@ def _get_token(private_key_path: str, login: str, api_url: str) -> str:
         f"{api_url}/auth",
         json={
             "login": login,
-            "nonce": str(int(time.time() * 1000)),
+            "nonce": token_urlsafe(),
             "read_only": False,
             "expiration_time": "30 minutes",
             "label": "Trans IP client",

From e598e8f1ed6c259299de25d3e9251b9e56fcf9b7 Mon Sep 17 00:00:00 2001
From: Sonny Bakker <sonny871@hotmail.com>
Date: Sun, 4 May 2025 09:36:32 +0200
Subject: [PATCH 2/3] Add publish CI job

---
 .woodpecker/publish.yaml | 12 ++++++++++++
 pyproject.toml           |  6 ++++++
 2 files changed, 18 insertions(+)
 create mode 100644 .woodpecker/publish.yaml

diff --git a/.woodpecker/publish.yaml b/.woodpecker/publish.yaml
new file mode 100644
index 0000000..18ecb26
--- /dev/null
+++ b/.woodpecker/publish.yaml
@@ -0,0 +1,12 @@
+when:
+  - event: tag
+
+steps:
+  - name: publish package
+    image: ghcr.io/astral-sh/uv:python3.11-alpine
+    commands:
+      - uv build
+      - uv publish --index forgejo
+    environment:
+      UV_PUBLISH_TOKEN:
+        from_secret: publish_token
diff --git a/pyproject.toml b/pyproject.toml
index 54b502c..d5e3da0 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -23,6 +23,12 @@ sentry-enabled = ["sentry_sdk>=0.19.5"]
 [tool.setuptools.packages]
 find = {include = ["transip_client"]}
 
+[[tool.uv.index]]
+name = "forgejo"
+url = "https://forgejo.fudiggity.nl/sonny/transip-client/packages"
+publish-url = "https://forgejo.fudiggity.nl/api/packages/sonny/pypi"
+explicit = true
+
 [project.scripts]
 transip-update = "transip_client.cli:update"
 

From 90f9873cadcba24947c9caa3a214c333040924c8 Mon Sep 17 00:00:00 2001
From: Sonny Bakker <sonny871@hotmail.com>
Date: Sun, 4 May 2025 09:38:28 +0200
Subject: [PATCH 3/3] Allow test jobs to be ran manually

---
 .woodpecker/tests.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.woodpecker/tests.yaml b/.woodpecker/tests.yaml
index e64b9d6..ba3a4ad 100644
--- a/.woodpecker/tests.yaml
+++ b/.woodpecker/tests.yaml
@@ -1,5 +1,6 @@
 when:
   - event: push
+  - event: manual
 
 steps:
   - name: python tests