diff options
| author | zeripath <art27@cantab.net> | 2021-05-19 03:30:33 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-18 22:30:33 -0400 |
| commit | 0e56e9c9d91c24a19c0bcbb521f671b230e6ba2a (patch) | |
| tree | 81de50b9b5efaccbf858e417bc189621d4f96f0a | |
| parent | 825547b20ea8a91dfa5c0a9ce3480517b5949d26 (diff) | |
| download | gitea-0e56e9c9d91c24a19c0bcbb521f671b230e6ba2a.tar.gz gitea-0e56e9c9d91c24a19c0bcbb521f671b230e6ba2a.zip | |
Restore token authentication for git http when 2FA active (#15915)
There was a small regression in #15303 whereby token auth
with 2FA active would be disallowed.
This PR fixes this.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
| -rw-r--r-- | routers/repo/http.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go index ef80f7ab02..30d382b8ef 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -174,7 +174,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) { return } - if ctx.IsBasicAuth { + if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true { _, err = models.GetTwoFactorByUID(ctx.User.ID) if err == nil { // TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented |