nune/gitea
nune/gitea
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Fix basic auth with webauthn (#32531)

Browse source
This commit is contained in:
Lunny Xiao 2024-11-16 09:52:16 -08:00 committed by GitHub
parent 5eebe1dc5f
commit c3dedcffa7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 63 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
services/auth/basic.go
View file

@ -5,6 +5,7 @@
package auth
import (
"errors"
"net/http"
"strings"
@ -141,6 +142,15 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
}
if skipper, ok := source.Cfg.(LocalTwoFASkipper); !ok || !skipper.IsSkipLocalTwoFA() {
// Check if the user has webAuthn registration
hasWebAuthn, err := auth_model.HasWebAuthnRegistrationsByUID(req.Context(), u.ID)
if err != nil {
return nil, err
}
if hasWebAuthn {
return nil, errors.New("Basic authorization is not allowed while webAuthn enrolled")
}
if err := validateTOTP(req, u); err != nil {
return nil, err
}