domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

[BRANDING] X-Forgejo-OTP can be used instead of X-Gitea-OTP

Browse source 
(cherry picked from commit 7b0549cd70)
(cherry picked from commit 13e10a65d9)
(cherry picked from commit 89982e6c4a)
(cherry picked from commit a4acf6343d)
(cherry picked from commit 9886aec9f8)
(cherry picked from commit 1ee9bd7549)
(cherry picked from commit f343cf5597)
(cherry picked from commit eaca81faf4)
This commit is contained in:
Loïc Dachary 2023-02-24 14:24:29 +01:00 committed by Earl Warren
parent a83a971cdf
commit 480f8528f3
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
4 changed files with 34 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
modules/context/api.go
View file

@ -188,13 +188,20 @@ func (ctx *APIContext) SetLinkHeader(total, pageSize int) {
}
}
func getOtpHeader(header http.Header) string {
otpHeader := header.Get("X-Gitea-OTP")
if forgejoHeader := header.Get("X-Forgejo-OTP"); forgejoHeader != "" {
otpHeader = forgejoHeader
}
return otpHeader
}
// CheckForOTP validates OTP
func (ctx *APIContext) CheckForOTP() {
if skip, ok := ctx.Data["SkipLocalTwoFA"]; ok && skip.(bool) {
return // Skip 2FA
}
otpHeader := ctx.Req.Header.Get("X-Gitea-OTP")
twofa, err := auth.GetTwoFactorByUID(ctx.Context.Doer.ID)
if err != nil {
if auth.IsErrTwoFactorNotEnrolled(err) {
@ -203,7 +210,7 @@ func (ctx *APIContext) CheckForOTP() {
ctx.Context.Error(http.StatusInternalServerError)
return
}
ok, err := twofa.ValidateTOTP(otpHeader)
ok, err := twofa.ValidateTOTP(getOtpHeader(ctx.Req.Header))
if err != nil {
ctx.Context.Error(http.StatusInternalServerError)
return