github/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-05-25 00:44:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
51aafb4278
gitea/cmd
History
wxiaoguang 0148d03f21
Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 
Fix #880

Design:

1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-04-28 15:31:59 -07:00
..
actions.go Return responseText instead of string in some functions (#28836) 2024-01-19 10:45:23 +08:00
admin_auth_ldap_test.go Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
admin_auth_ldap.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
admin_auth_oauth.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
admin_auth_stmp.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
admin_auth.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
admin_regenerate.go Move some asymkey functions to service layer (#28894) 2024-03-04 08:57:39 +00:00
admin_user_change_password.go Add some tests to clarify the "must-change-password" behavior (#30693) 2024-04-27 12:23:37 +00:00
admin_user_create_test.go Add "--fullname" arg to gitea admin user create (#34241) 2025-04-19 23:36:30 +08:00
admin_user_create.go Add "--fullname" arg to gitea admin user create (#34241) 2025-04-19 23:36:30 +08:00
admin_user_delete.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
admin_user_generate_access_token.go Add new CLI flags to set name and scopes when creating a user with access token (#34080) 2025-04-02 22:00:54 +08:00
admin_user_list.go Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
admin_user_must_change_password.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
admin_user.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
admin.go Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
cert.go Expanded minimum RSA Keylength to 3072 (#26604) 2023-08-28 00:53:16 +00:00
cmd.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
docs.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
doctor_convert.go Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662) 2024-01-10 11:03:23 +00:00
doctor_test.go Move doctor package from modules to services (#28856) 2024-01-20 10:07:31 +08:00
doctor.go enable staticcheck QFxxxx rules (#34064) 2025-03-29 17:32:28 -04:00
dump_repo.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
dump.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
embedded.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
generate.go Refactor JWT secret generating & decoding code (#29172) 2024-02-16 15:18:30 +00:00
hook_test.go Use test context in tests and new loop system in benchmarks (#33648) 2025-02-20 09:57:40 +00:00
hook.go Remove context from git struct (#33793) 2025-03-04 11:56:11 -08:00
keys.go Refactor cmd setup and remove deadcode (#29313) 2024-02-22 07:04:30 +00:00
mailer.go Return responseText instead of string in some functions (#28836) 2024-01-19 10:45:23 +08:00
main_test.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
main.go unset XDG_HOME_CONFIG as gitea manages configuration locations (#33067) 2025-01-02 06:37:35 +08:00
manager_logging.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
manager.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
migrate_storage_test.go Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
migrate_storage.go Add global lock for migrations to make upgrade more safe with multiple replications (#33706) 2025-03-07 21:08:53 +00:00
migrate.go Add global lock for migrations to make upgrade more safe with multiple replications (#33706) 2025-03-07 21:08:53 +00:00
restore_repo.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
serv.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
web_acme.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
web_graceful.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
web_https.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
web.go Uniform all temporary directories and allow customizing temp path (#32352) 2025-04-08 16:15:28 +00:00