diff options
| author | KN4CK3R <admin@oldschoolhack.me> | 2023-11-06 23:06:21 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-06 23:06:21 +0100 |
| commit | 00705da102be929dfa41519b030be3bdd8c68472 (patch) | |
| tree | c07d7e58e8907317ea32b4397f3a7886c2e945df /routers | |
| parent | 4a48370d91354c2857ade10a177c8827b5866e4c (diff) | |
| download | gitea-00705da102be929dfa41519b030be3bdd8c68472.tar.gz gitea-00705da102be929dfa41519b030be3bdd8c68472.zip | |
Unify two factor check (#27915) (#27939)
Backport of #27915
Fixes #27819
We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/api/v1/api.go | 11 |
1 files changed, 0 insertions, 11 deletions
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 0f7027909d..6d55e8c223 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -315,10 +315,6 @@ func reqToken() func(ctx *context.APIContext) { return } - if ctx.IsBasicAuth { - ctx.CheckForOTP() - return - } if ctx.IsSigned { return } @@ -340,7 +336,6 @@ func reqBasicAuth() func(ctx *context.APIContext) { ctx.Error(http.StatusUnauthorized, "reqBasicAuth", "auth required") return } - ctx.CheckForOTP() } } @@ -687,12 +682,6 @@ func bind[T any](_ T) any { } } -// The OAuth2 plugin is expected to be executed first, as it must ignore the user id stored -// in the session (if there is a user id stored in session other plugins might return the user -// object for that id). -// -// The Session plugin is expected to be executed second, in order to skip authentication -// for users that have already signed in. func buildAuthGroup() *auth.Group { group := auth.NewGroup( &auth.OAuth2{}, |