Go-Gitea
/
gitea
mirror of https://github.com/go-gitea/gitea.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
gitea/cmd
History
wxiaoguang 0148d03f21
Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 
Fix #880

Design:

1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 		2025-04-28 15:31:59 -07:00
..
actions.go Return `responseText` instead of string in some functions (#28836) 2024-01-19 10:45:23 +08:00
admin.go Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
admin_auth.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
admin_auth_ldap.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
admin_auth_ldap_test.go Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
admin_auth_oauth.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
admin_auth_stmp.go Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 2025-04-28 15:31:59 -07:00
admin_regenerate.go Move some asymkey functions to service layer (#28894) 2024-03-04 08:57:39 +00:00
admin_user.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
admin_user_change_password.go Add some tests to clarify the "must-change-password" behavior (#30693) 2024-04-27 12:23:37 +00:00
admin_user_create.go Add "--fullname" arg to gitea admin user create (#34241) 2025-04-19 23:36:30 +08:00
admin_user_create_test.go Add "--fullname" arg to gitea admin user create (#34241) 2025-04-19 23:36:30 +08:00
admin_user_delete.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
admin_user_generate_access_token.go Add new CLI flags to set name and scopes when creating a user with access token (#34080) 2025-04-02 22:00:54 +08:00
admin_user_list.go Reduce usage of `db.DefaultContext` (#27073) 2023-09-14 17:09:32 +00:00
admin_user_must_change_password.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
cert.go Expanded minimum RSA Keylength to 3072 (#26604) 2023-08-28 00:53:16 +00:00
cmd.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
docs.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
doctor.go enable staticcheck QFxxxx rules (#34064) 2025-03-29 17:32:28 -04:00
doctor_convert.go Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662) 2024-01-10 11:03:23 +00:00
doctor_test.go Move doctor package from modules to services (#28856) 2024-01-20 10:07:31 +08:00
dump.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
dump_repo.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
embedded.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
generate.go Refactor JWT secret generating & decoding code (#29172) 2024-02-16 15:18:30 +00:00
hook.go Remove context from git struct (#33793) 2025-03-04 11:56:11 -08:00
hook_test.go Use test context in tests and new loop system in benchmarks (#33648) 2025-02-20 09:57:40 +00:00
keys.go Refactor cmd setup and remove deadcode (#29313) 2024-02-22 07:04:30 +00:00
mailer.go Return `responseText` instead of string in some functions (#28836) 2024-01-19 10:45:23 +08:00
main.go unset XDG_HOME_CONFIG as gitea manages configuration locations (#33067) 2025-01-02 06:37:35 +08:00
main_test.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
manager.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
manager_logging.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
migrate.go Add global lock for migrations to make upgrade more safe with multiple replications (#33706) 2025-03-07 21:08:53 +00:00
migrate_storage.go Add global lock for migrations to make upgrade more safe with multiple replications (#33706) 2025-03-07 21:08:53 +00:00
migrate_storage_test.go Enable testifylint rules (#34075) 2025-03-31 01:53:48 -04:00
restore_repo.go Refactor to use urfave/cli/v2 (#25959) 2023-07-21 17:28:19 +08:00
serv.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
web.go Uniform all temporary directories and allow customizing temp path (#32352) 2025-04-08 16:15:28 +00:00
web_acme.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
web_graceful.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
web_https.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00