authortechknowlogick <matti@mdranta.net>2019-04-19 04:59:26 -0400
committerLauris BH <lauris@nix.lv>2019-04-19 11:59:26 +0300
commit19ec2606e91610421a3e9cd87c94748ef07ca468 (patch)
treec1898300efe5ad0bd2fa07ab3268d21804c6b5ed /modules/context/api.go
parentdae94e33be52ca8749421165ee662d7f1300d115 (diff)
API OTP Context (#6674)
* API OTP Context * Update api.go * token * token * fix per discord * copyright header * remove check for token in OTP * Update auth.go * simplify * Update api.go
Diffstat (limited to 'modules/context/api.go')
-rw-r--r--modules/context/api.go22
1 files changed, 22 insertions, 0 deletions
diff --git a/modules/context/api.go b/modules/context/api.go
index 7e43d1f6bc..cbabfe40e1 100644
--- a/modules/context/api.go
+++ b/modules/context/api.go
@@ -114,6 +114,28 @@ func (ctx *APIContext) RequireCSRF() {
}
}
+// CheckForOTP validateds OTP
+func (ctx *APIContext) CheckForOTP() {
+ otpHeader := ctx.Req.Header.Get("X-Gitea-OTP")
+ twofa, err := models.GetTwoFactorByUID(ctx.Context.User.ID)
+ if err != nil {
+ if models.IsErrTwoFactorNotEnrolled(err) {
+ return // No 2FA enrollment for this user
+ }
+ ctx.Context.Error(500)
+ return
+ }
+ ok, err := twofa.ValidateTOTP(otpHeader)
+ if err != nil {
+ ctx.Context.Error(500)
+ return
+ }
+ if !ok {
+ ctx.Context.Error(401)
+ return
+ }
+}
+
// APIContexter returns apicontext as macaron middleware
func APIContexter() macaron.Handler {
return func(c *Context) {
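Review bot: `CheckForOTP` reads `ctx.Context.User.ID` with no nil check, so if it is ever reached on a request without an authenticated user (the call sites are outside this hunk) it panics instead of rejecting; a guard such as `if ctx.Context.User == nil { ctx.Context.Error(401); return }` at the top would close that. Both 500 branches discard `err`, which leaves a failing 2FA lookup or validation invisible in the logs. The method reports failure only by writing the response, so the doc comment should say so and fix the typo, e.g. `// CheckForOTP validates the X-Gitea-OTP header for users enrolled in 2FA; on failure it writes 401 or 500 and the caller must stop processing.` Nothing visible here records an accepted code, so it is worth confirming whether the same passcode can be reused within its validity window on this path.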