core
/
gitea
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Restore token authentication for git http when 2FA active (#15915) 

There was a small regression in #15303 whereby token auth
with 2FA active would be disallowed.

This PR fixes this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
This commit is contained in:
zeripath 2021-05-19 03:30:33 +01:00 committed by GitHub
parent 825547b20e
commit 0e56e9c9d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
routers/repo/http.go
View File

@ -174,7 +174,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
return return
} }
if ctx.IsBasicAuth { if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true {
_, err = models.GetTwoFactorByUID(ctx.User.ID) _, err = models.GetTwoFactorByUID(ctx.User.ID)
if err == nil { if err == nil {
// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented // TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented