public/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-10-29 10:57:44 +09:00
Code Issues Packages Projects Releases Wiki Activity

API OTP Context (#6674)

Browse Source 
* API OTP Context

* Update api.go

* token

* token

* fix per discord

* copyright header

* remove check for token in OTP

* Update auth.go

* simplify

* Update api.go
This commit is contained in:
techknowlogick
2019-04-19 04:59:26 -04:00
committed by Lauris BH
parent dae94e33be
commit 19ec2606e9
4 changed files with 56 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
modules/context/api.go
View File

@@ -114,6 +114,28 @@ func (ctx *APIContext) RequireCSRF() {
}
}
// CheckForOTP validateds OTP
func (ctx *APIContext) CheckForOTP() {
otpHeader := ctx.Req.Header.Get("X-Gitea-OTP")
twofa, err := models.GetTwoFactorByUID(ctx.Context.User.ID)
if err != nil {
if models.IsErrTwoFactorNotEnrolled(err) {
return // No 2FA enrollment for this user
}
ctx.Context.Error(500)
return
}
ok, err := twofa.ValidateTOTP(otpHeader)
if err != nil {
ctx.Context.Error(500)
return
}
if !ok {
ctx.Context.Error(401)
return
}
}
// APIContexter returns apicontext as macaron middleware
func APIContexter() macaron.Handler {
return func(c *Context) {