summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--routers/repo/http.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go
index ef80f7ab02..30d382b8ef 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -174,7 +174,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
return
}
- if ctx.IsBasicAuth {
+ if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true {
_, err = models.GetTwoFactorByUID(ctx.User.ID)
if err == nil {
// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented