github/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-06-04 06:00:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
51aafb4278
gitea/services/context
History
wxiaoguang 0148d03f21
Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 
Fix #880

Design:

1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-04-28 15:31:59 -07:00
..
upload enable staticcheck QFxxxx rules (#34064) 2025-03-29 17:32:28 -04:00
access_log_test.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
access_log.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
api_org.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
api_test.go Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
api.go Improve "not found" error messages for API (#34267) 2025-04-23 17:42:50 +08:00
base_form.go [Feature] Private README.md for organization (#32872) 2024-12-31 04:22:09 +00:00
base_path.go Clarify path param naming (#32969) 2024-12-24 13:47:45 +00:00
base_test.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
base.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
captcha.go Refactor template & test related code (#32938) 2024-12-22 15:33:19 +00:00
context_cookie.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
context_model.go Refactor context repository (#33202) 2025-01-12 03:39:46 +00:00
context_request.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
context_response.go Do not show 500 error when default branch doesn't exist (#34096) 2025-04-01 21:39:00 -07:00
context_template.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
context_test.go Refactor request context (#32956) 2024-12-24 11:43:57 +08:00
context.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
csrf.go Refactor CSRF token (#32216) 2024-10-10 03:48:21 +00:00
org.go Fix team permission (#34128) 2025-04-08 04:15:15 +00:00
package.go Add a config option to block "expensive" pages for anonymous users (#34024) 2025-03-30 05:26:19 +00:00
pagination.go Only use prev and next buttons for pagination on user dashboard (#33981) 2025-03-23 19:52:43 +00:00
permission.go Refactor error system (#33610) 2025-02-16 22:13:17 -08:00
private.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
repo.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
response.go Remove duplicate "ResponseWriter.Status" method (#33346) 2025-01-22 06:37:52 +00:00
user.go Refactor error system (#33626) 2025-02-17 12:41:03 -08:00
utils.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
xsrf_test.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
xsrf.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00