-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Two factor authentication support #630
Conversation
Signed-off-by: Andrew <write@imaginarycode.com>
Looking good so far. I'll fetch and checkout this branch later. Merging this will be awesome! |
@minecrafter Is this ready for review? not WIP? |
m.Get("/2fa", user.ShowTwofa) | ||
m.Post("/2fa", bindIgnErr(auth.TwofaAuthForm{}), user.TwofaPost) | ||
m.Get("/2fa_scratch", user.TwofaScratch) | ||
m.Post("/2fa_scratch", bindIgnErr(auth.TwofaScratchAuthForm{}), user.TwofaScratchPost) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since there are many endpoints it might be better to use the following structure and change 2fa_scratch to be 2fa/scratch.
m.Group("/2fa", func() {
m.Get("", user.ShowTwofa)
[...]
})
m.Post("/2fa/regenerate_scratch", user.SettingsTwofaRegenerateScratch) | ||
m.Post("/2fa/disable", user.SettingsTwofaDisable) | ||
m.Get("/2fa/enroll", user.SettingsTwofaEnroll) | ||
m.Post("/2fa/enroll", bindIgnErr(auth.TwofaAuthForm{}), user.SettingsTwofaEnrollPost) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here
@lunny It's a WIP still. I will probably finish it up this week. |
Have some time to work on this - going to be improving the code and finalizing everything. |
Ready to get this pull request reviewed. |
LGTM, Good Job! |
|
||
handleSignInFull(ctx, u, remember, false) | ||
ctx.Flash.Info(ctx.Tr("auth.twofa_scratch_used")) | ||
ctx.Redirect(setting.AppSubURL + "/user/settings/twofa") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be 2fa
instead of twofa
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
^
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
I would prefer if you changed "twofa" to "twofactor" instead, it makes it easier to read since we can't do "2fa" or "TwoFA" :) |
Just tried it locally and it seems to be working just fine. |
Thanks! 👍 @bkcsoft I might consider doing so, but otherwise it works well so it's more of a cosmetic issue. |
@minecrafter can't wait to merge it. When would you like to push a commit for @bkcsoft's advice? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
otherwise LGTM
// Twofa represents a two-factor authentication token. | ||
type Twofa struct { | ||
// TwoFactor represents a two-factor authentication token. | ||
type TwoFactor struct { | ||
ID int64 `xorm:"pk autoincr"` | ||
UID int64 `xorm:"UNIQUE INDEX"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's no need for both UNIQUE
and INDEX
, chose one.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
Let L-G-T-M work |
Thanks! |
No problem! 😄 |
This PR is still a work in progress and therefore I do not recommend pulling this just yet.This adds two-factor authentication support to Gitea, resolving #179. As I'm new to Gitea and fairly new to Go, I'm looking for friendly input.
There are a few issues that need to be looked at: