mirrors/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-11-02 15:31:03 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'rebase-v1.21/forgejo-branding' into wip-v1.21-forgejo

Browse source
This commit is contained in:
Earl Warren 2023-11-13 16:47:18 +01:00
commit 8869464c1d
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
125 changed files with 1181 additions and 298 deletions
Download patch file Download diff file Expand all files Collapse all files

10
services/auth/basic.go
View file

@ -143,6 +143,14 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
return u, nil
}
func getOtpHeader(header http.Header) string {
otpHeader := header.Get("X-Gitea-OTP")
if forgejoHeader := header.Get("X-Forgejo-OTP"); forgejoHeader != "" {
otpHeader = forgejoHeader
}
return otpHeader
}
func validateTOTP(req *http.Request, u *user_model.User) error {
twofa, err := auth_model.GetTwoFactorByUID(req.Context(), u.ID)
if err != nil {
@ -152,7 +160,7 @@ func validateTOTP(req *http.Request, u *user_model.User) error {
}
return err
}
if ok, err := twofa.ValidateTOTP(req.Header.Get("X-Gitea-OTP")); err != nil {
if ok, err := twofa.ValidateTOTP(getOtpHeader(req.Header)); err != nil {
return err
} else if !ok {
return util.NewInvalidArgumentErrorf("invalid provided OTP")