mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-08-19 17:01:12 +00:00
23e6ca0415- Currently during external login (such as OAuth2), if the user is
enrolled into Webauthn and not enrolled into TOTP then no 2FA is being
done during external login and when account linking is set to `auto` then
also during automatic linking. This results in bypassing the 2FA of the
user.
- Create a new unified function that checks if the user is enrolled into
2FA and use this when necessary. Rename the old `HasTwoFactorByUID`
function to `HasTOTPByUID` which is a more appropiate naming.
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| TestOrphanedOAuth2Applications | ||
| access_token.go | ||
| access_token_scope.go | ||
| access_token_scope_test.go | ||
| access_token_test.go | ||
| auth_token.go | ||
| main_test.go | ||
| oauth2.go | ||
| oauth2_list.go | ||
| oauth2_test.go | ||
| session.go | ||
| session_test.go | ||
| source.go | ||
| source_test.go | ||
| two_factor.go | ||
| two_factor_test.go | ||
| twofactor.go | ||
| webauthn.go | ||
| webauthn_test.go | ||