diff options
author | KN4CK3R <admin@oldschoolhack.me> | 2023-11-06 09:22:39 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-06 08:22:39 +0000 |
commit | 4f4fea734cbd97fbc606e772999a8ac7a93dc46b (patch) | |
tree | 6ad7eb98e7966c5a45f35b31f764b25db379ce97 /modules | |
parent | 8557a9455b06c2e17982e9bae5263617500cf5b4 (diff) | |
download | gitea-4f4fea734cbd97fbc606e772999a8ac7a93dc46b.tar.gz gitea-4f4fea734cbd97fbc606e772999a8ac7a93dc46b.zip |
Unify two factor check (#27915)
Fixes #27819
We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
Diffstat (limited to 'modules')
-rw-r--r-- | modules/context/api.go | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/modules/context/api.go b/modules/context/api.go index a46af6ed78..ba35adf831 100644 --- a/modules/context/api.go +++ b/modules/context/api.go @@ -11,7 +11,6 @@ import ( "net/url" "strings" - "code.gitea.io/gitea/models/auth" repo_model "code.gitea.io/gitea/models/repo" "code.gitea.io/gitea/models/unit" user_model "code.gitea.io/gitea/models/user" @@ -211,32 +210,6 @@ func (ctx *APIContext) SetLinkHeader(total, pageSize int) { } } -// CheckForOTP validates OTP -func (ctx *APIContext) CheckForOTP() { - if skip, ok := ctx.Data["SkipLocalTwoFA"]; ok && skip.(bool) { - return // Skip 2FA - } - - otpHeader := ctx.Req.Header.Get("X-Gitea-OTP") - twofa, err := auth.GetTwoFactorByUID(ctx, ctx.Doer.ID) - if err != nil { - if auth.IsErrTwoFactorNotEnrolled(err) { - return // No 2FA enrollment for this user - } - ctx.Error(http.StatusInternalServerError, "GetTwoFactorByUID", err) - return - } - ok, err := twofa.ValidateTOTP(otpHeader) - if err != nil { - ctx.Error(http.StatusInternalServerError, "ValidateTOTP", err) - return - } - if !ok { - ctx.Error(http.StatusUnauthorized, "", nil) - return - } -} - // APIContexter returns apicontext as middleware func APIContexter() func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { |