From 19ec2606e91610421a3e9cd87c94748ef07ca468 Mon Sep 17 00:00:00 2001
From: techknowlogick
Date: Fri, 19 Apr 2019 04:59:26 -0400
Subject: API OTP Context (#6674)
* API OTP Context
* Update api.go
* token
* token
* fix per discord
* copyright header
* remove check for token in OTP
* Update auth.go
* simplify
* Update api.go
---
 modules/context/api.go | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
(limited to 'modules/context/api.go')
diff --git a/modules/context/api.go b/modules/context/api.go
index 7e43d1f6bc..cbabfe40e1 100644
--- a/modules/context/api.go
+++ b/modules/context/api.go
@@ -114,6 +114,28 @@ func (ctx *APIContext) RequireCSRF() {
 }
 }
 
+// CheckForOTP validateds OTP
+func (ctx *APIContext) CheckForOTP() {
+ otpHeader := ctx.Req.Header.Get("X-Gitea-OTP")
+ twofa, err := models.GetTwoFactorByUID(ctx.Context.User.ID)
+ if err != nil {
+ if models.IsErrTwoFactorNotEnrolled(err) {
+ return // No 2FA enrollment for this user
+ }
+ ctx.Context.Error(500)
+ return
+ }
+ ok, err := twofa.ValidateTOTP(otpHeader)
+ if err != nil {
+ ctx.Context.Error(500)
+ return
+ }
+ if !ok {
+ ctx.Context.Error(401)
+ return
+ }
+}
+
 // APIContexter returns apicontext as macaron middleware
 func APIContexter() macaron.Handler {
 return func(c *Context) {
-- 
cgit v1.2.3
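Review bot: `CheckForOTP` reads `ctx.Context.User.ID` with no nil check, so if `User` is a pointer (it looks like one) and this middleware is ever mounted on a route that admits unauthenticated requests, it will panic instead of rejecting. The callers are outside this hunk, so either guard it with `if ctx.Context.User == nil { ctx.Context.Error(401); return }` or state in the doc comment that it must run after the sign-in check. Both 500 paths discard `err`, and the 401 path records nothing, so a failing or repeatedly guessed second factor leaves no trace for operators; log the error before each `ctx.Context.Error(500)` and log rejected codes with the user ID (never the submitted code). No attempt limiting is visible here either, so confirm that throttling of wrong `X-Gitea-OTP` values happens elsewhere. The doc comment has a typo and does not state the contract; something like `// CheckForOTP validates the X-Gitea-OTP header against the signed-in user's TOTP enrollment; users without 2FA enrolled pass through.` would cover it.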