github/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-05-28 10:35:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
0148d03f21
gitea/modules
History
wxiaoguang 0148d03f21
Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 
Fix #880

Design:

1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-04-28 15:31:59 -07:00
..
actions Get changed files based on merge base when checking pull_request actions trigger (#34106) 2025-04-03 05:13:16 +00:00
activitypub Enable tenv and testifylint rules (#32852) 2024-12-15 10:41:29 +00:00
analyze Refactor older tests to use testify (#33140) 2025-01-09 09:21:47 +08:00
assetfs Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
auth Fix pam auth test regression (#33169) 2025-01-09 21:09:11 +08:00
avatar Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
badge Add flat-square action badge style (#34062) 2025-04-01 09:42:10 +00:00
base Add material icons for file list (#33837) 2025-03-10 15:57:17 +08:00
cache Add cache for common package queries (#22491) 2025-04-13 09:40:36 +00:00
cachegroup Cache GPG keys, emails and users when list commits (#34086) 2025-04-09 16:34:38 +00:00
charset Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
container Refactor sidebar assignee&milestone&project selectors (#32465) 2024-11-11 04:07:54 +08:00
csv Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
dump Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
emoji Refactor older tests to use testify (#33140) 2025-01-09 09:21:47 +08:00
eventsource Refactor older tests to use testify (#33140) 2025-01-09 09:21:47 +08:00
fileicon Keep file tree view icons consistent with icon theme (#33921) 2025-04-06 19:35:08 +00:00
generate Refactor JWT secret generating & decoding code (#29172) 2024-02-16 15:18:30 +00:00
git Add API endpoint to request contents of multiple files simultaniously (#34139) 2025-04-22 01:20:11 +08:00
gitrepo Refactor Branch struct in package modules/git (#33980) 2025-04-02 17:31:32 +00:00
globallock Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
graceful Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
gtprof enable staticcheck QFxxxx rules (#34064) 2025-03-29 17:32:28 -04:00
hcaptcha Consume hcaptcha and pwn deps (#22610) 2023-01-29 09:49:51 -06:00
highlight Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
hostmatcher Support allowed hosts for migrations to work with proxy (#32025) 2024-09-11 05:47:00 +00:00
htmlutil Refactor HTMLFormat, update chroma render, fix js error (#33136) 2025-01-08 03:44:32 +00:00
httpcache Refactor cache-control (#33861) 2025-03-13 07:04:50 +08:00
httplib Make public URL generation configurable (#34250) 2025-04-22 06:49:37 +08:00
indexer update go&js dependencies (#34262) 2025-04-23 21:22:40 +00:00
issue/template Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
json Fix some migration and repo name problems (#33986) 2025-03-24 20:26:58 -07:00
label feat: Add sorting by exclusive labels (issue priority) (#33206) 2025-04-10 17:18:07 +00:00
lfs Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
lfstransfer Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
log Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
markup Valid email address should only start with alphanumeric (#28174) 2025-04-20 19:18:14 +08:00
mcaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
metrics Rename project board -> column to make the UI less confusing (#30170) 2024-05-27 08:59:54 +00:00
migration remove context from retry downloader (#33871) 2025-03-14 00:28:57 +00:00
nosql Refactor older tests to use testify (#33140) 2025-01-09 09:21:47 +08:00
optional Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
options Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
packages Uniform all temporary directories and allow customizing temp path (#32352) 2025-04-08 16:15:28 +00:00
paginator Only use prev and next buttons for pagination on user dashboard (#33981) 2025-03-23 19:52:43 +00:00
pprof Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
private Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
process Use test context in tests and new loop system in benchmarks (#33648) 2025-02-20 09:57:40 +00:00
proxy Use proxy for pull mirror (#22771) 2023-02-11 08:39:50 +08:00
proxyprotocol Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
public Refactor cache-control (#33861) 2025-03-13 07:04:50 +08:00
queue Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
recaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
references Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
regexplru Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
repository Move and rename UpdateRepository (#34136) 2025-04-12 18:22:18 +00:00
reqctx Add material icons for file list (#33837) 2025-03-10 15:57:17 +08:00
secret Upgrade golangci-lint to v1.64.5 (#33654) 2025-02-21 00:05:40 +08:00
session Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
setting Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
sitemap Fix sitemap (#22272) 2022-12-30 23:31:00 +08:00
ssh Uniform all temporary directories and allow customizing temp path (#32352) 2025-04-08 16:15:28 +00:00
storage Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
structs Update token creation API swagger documentation (#34288) 2025-04-27 05:32:15 +00:00
svg Add sub issue list support (#32940) 2024-12-24 01:54:19 +00:00
sync Use global lock instead of NewExclusivePool to allow distributed lock between multiple Gitea instances (#31813) 2024-09-06 10:12:41 +00:00
system Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
tailmsg Support performance trace (#32973) 2025-01-21 18:57:07 +00:00
tempdir Uniform all temporary directories and allow customizing temp path (#32352) 2025-04-08 16:15:28 +00:00
templates Fix various trivial frontend problems (#34263) 2025-04-24 09:11:54 +08:00
test Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
testlogger Use test context in tests and new loop system in benchmarks (#33648) 2025-02-20 09:57:40 +00:00
timeutil Refactor DateUtils and merge TimeSince (#32409) 2024-11-04 11:30:00 +00:00
translation Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
turnstile Add new captcha: cloudflare turnstile (#22369) 2023-02-05 15:29:03 +08:00
typesniffer Add avif image file support (#32508) 2024-11-15 00:55:50 +00:00
updatechecker Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
uri Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
user Refactor older tests to use testify (#33140) 2025-01-09 09:21:47 +08:00
util Uniform all temporary directories and allow customizing temp path (#32352) 2025-04-08 16:15:28 +00:00
validation Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
web Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
webhook Add workflow_job webhook (#33694) 2025-03-11 10:40:38 -07:00
zstd Support compression for Actions logs (#31761) 2024-08-09 10:10:30 +08:00