fedi/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-25 14:35:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
forgejo/services/auth
History
Gusted e6bbecb02d
fix: disallow basic authorization when security keys are enrolled 
- This unifies the security behavior of enrolling security keys with
enrolling TOTP as a 2FA method. When TOTP is enrolled, you cannot use
basic authorization (user:password) to make API request on behalf of the
user, this is now also the case when you enroll security keys.
- The usage of access tokens are the only method to make API requests on
behalf of the user when a 2FA method is enrolled for the user.
- Integration test added.
2024-11-15 10:59:36 +01:00
..
source Merge pull request 'fix: use ValidateEmail as binding across web forms' (#5158) from solomonv/consolidate-email-validation into forgejo 2024-10-21 14:31:32 +00:00
additional_scopes_test.go tests additional grant scopes 2024-08-09 14:58:15 +02:00
auth.go
auth_test.go
basic.go fix: disallow basic authorization when security keys are enrolled 2024-11-15 10:59:36 +01:00
group.go
httpsign.go
interface.go
main_test.go
oauth2.go OAuth2 provider: support for granular scopes 2024-08-09 14:58:15 +02:00
reverseproxy.go [BUG] First user created through reverse proxy should be admin 2024-08-19 21:04:35 +02:00
reverseproxy_test.go [BUG] First user created through reverse proxy should be admin 2024-08-19 21:04:35 +02:00
session.go
signin.go
source.go
sspi.go
sspiauth_posix.go
sync.go