Add SkipLocal2FA option to other pam and smtp sources

Extend go-gitea#16954 to allow setting skip local 2fa on pam and SMTP authentication sources

Signed-off-by: Andrew Thornton <art27@cantab.net>

Author: zeripath

routers/web/admin/auths.go

@@ -159,6 +159,7 @@ func parseSMTPConfig(form forms.AuthenticationForm) *smtp.Source {
 		SkipVerify:     form.SkipVerify,
 		HeloHostname:   form.HeloHostname,
 		DisableHelo:    form.DisableHelo,
+		SkipLocalTwoFA: form.SkipLocalTwoFA,
 	}
 }
 
@@ -242,8 +243,9 @@ func NewAuthSourcePost(ctx *context.Context) {
 		hasTLS = true
 	case models.LoginPAM:
 		config = &pamService.Source{
-			ServiceName: form.PAMServiceName,
-			EmailDomain: form.PAMEmailDomain,
+			ServiceName:    form.PAMServiceName,
+			EmailDomain:    form.PAMEmailDomain,
+			SkipLocalTwoFA: form.SkipLocalTwoFA,
 		}
 	case models.LoginOAuth2:
 		config = parseOAuth2Config(form)

services/auth/source/pam/source.go

@@ -18,8 +18,9 @@ import (
 
 // Source holds configuration for the PAM login source.
 type Source struct {
-	ServiceName string // pam service (e.g. system-auth)
-	EmailDomain string
+	ServiceName    string // pam service (e.g. system-auth)
+	EmailDomain    string
+	SkipLocalTwoFA bool // Skip Local 2fa for users authenticated with this source
 
 	// reference to the loginSource
 	loginSource *models.LoginSource

services/auth/source/pam/source_authenticate.go

@@ -68,3 +68,8 @@ func (source *Source) Authenticate(user *models.User, login, password string) (*
 
 	return user, nil
 }
+
+// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
+func (source *Source) IsSkipLocalTwoFA() bool {
+	return source.SkipLocalTwoFA
+}

services/auth/source/smtp/source.go

@@ -26,6 +26,7 @@ type Source struct {
 	SkipVerify     bool
 	HeloHostname   string
 	DisableHelo    bool
+	SkipLocalTwoFA bool
 
 	// reference to the loginSource
 	loginSource *models.LoginSource

services/auth/source/smtp/source_authenticate.go

@@ -84,3 +84,8 @@ func (source *Source) Authenticate(user *models.User, login, password string) (*
 
 	return user, nil
 }
+
+// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
+func (source *Source) IsSkipLocalTwoFA() bool {
+	return source.SkipLocalTwoFA
+}

templates/admin/auth/edit.tmpl

@@ -215,6 +215,13 @@
 						<input id="allowed_domains" name="allowed_domains" value="{{$cfg.AllowedDomains}}">
 						<p class="help">{{.i18n.Tr "admin.auths.allowed_domains_helper"}}</p>
 					</div>
+					<div class="optional field">
+						<div class="ui checkbox">
+							<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
+							<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
+							<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
+						</div>
+					</div>
 				{{end}}
 
 				<!-- PAM -->
@@ -228,6 +235,13 @@
 						<label for="pam_email_domain">{{.i18n.Tr "admin.auths.pam_email_domain"}}</label>
 						<input id="pam_email_domain" name="pam_email_domain" value="{{$cfg.EmailDomain}}">
 					</div>
+					<div class="optional field">
+						<div class="ui checkbox">
+							<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
+							<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
+							<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
+						</div>
+					</div>
 				{{end}}
 
 				<!-- OAuth2 -->

templates/admin/auth/new.tmpl

@@ -41,6 +41,13 @@
 					<label for="pam_email_domain">{{.i18n.Tr "admin.auths.pam_email_domain"}}</label>
 					<input id="pam_email_domain" name="pam_email_domain" value="{{.pam_email_domain}}">
 				</div>
+				<div class="pam optional field {{if not (eq .type 4)}}hide{{end}}">
+					<div class="ui checkbox">
+						<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
+						<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if .skip_local_two_fa}}checked{{end}}>
+						<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
+					</div>
+				</div>
 
 				<!-- OAuth2 -->
 				{{ template "admin/auth/source/oauth" . }}

templates/admin/auth/source/smtp.tmpl

@@ -49,4 +49,11 @@
 		<input id="allowed_domains" name="allowed_domains" value="{{.allowed_domains}}">
 		<p class="help">{{.i18n.Tr "admin.auths.allowed_domains_helper"}}</p>
 	</div>
+	<div class="optional field">
+		<div class="ui checkbox">
+			<label for="skip_local_two_fa"><strong>{{.i18n.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
+			<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if .skip_local_two_fa}}checked{{end}}>
+			<p class="help">{{.i18n.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
+		</div>
+	</div>
 </div>