Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-04-30 09:34:54 +02:00
Code Issues Activity
gitea/modules
History
wxiaoguang 0148d03f21
Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187) 
Fix #880

Design:

1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-04-28 15:31:59 -07:00
..
actions
Get changed files based on merge base when checking pull_request actions trigger (#34106)
2025-04-03 05:13:16 +00:00
activitypub
Enable tenv and testifylint rules (#32852)
2024-12-15 10:41:29 +00:00
analyze
Refactor older tests to use testify (#33140)
2025-01-09 09:21:47 +08:00
assetfs
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
auth
Fix pam auth test regression (#33169)
2025-01-09 21:09:11 +08:00
avatar
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
badge
Add flat-square action badge style (#34062)
2025-04-01 09:42:10 +00:00
base
Add material icons for file list (#33837)
2025-03-10 15:57:17 +08:00
cache
Add cache for common package queries (#22491)
2025-04-13 09:40:36 +00:00
cachegroup
Cache GPG keys, emails and users when list commits (#34086)
2025-04-09 16:34:38 +00:00
charset
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
container
Refactor sidebar assignee&milestone&project selectors (#32465)
2024-11-11 04:07:54 +08:00
csv
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
dump
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
emoji
Refactor older tests to use testify (#33140)
2025-01-09 09:21:47 +08:00
eventsource
Refactor older tests to use testify (#33140)
2025-01-09 09:21:47 +08:00
fileicon
Keep file tree view icons consistent with icon theme (#33921)
2025-04-06 19:35:08 +00:00
generate
Refactor JWT secret generating & decoding code (#29172)
2024-02-16 15:18:30 +00:00
git
Add API endpoint to request contents of multiple files simultaniously (#34139)
2025-04-22 01:20:11 +08:00
gitrepo
Refactor Branch struct in package modules/git (#33980)
2025-04-02 17:31:32 +00:00
globallock
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
graceful
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
gtprof
enable staticcheck QFxxxx rules (#34064)
2025-03-29 17:32:28 -04:00
hcaptcha
Consume hcaptcha and pwn deps (#22610)
2023-01-29 09:49:51 -06:00
highlight
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
hostmatcher
Support allowed hosts for migrations to work with proxy (#32025)
2024-09-11 05:47:00 +00:00
htmlutil
Refactor HTMLFormat, update chroma render, fix js error (#33136)
2025-01-08 03:44:32 +00:00
httpcache
Refactor cache-control (#33861)
2025-03-13 07:04:50 +08:00
httplib
Make public URL generation configurable (#34250)
2025-04-22 06:49:37 +08:00
indexer
update go&js dependencies (#34262)
2025-04-23 21:22:40 +00:00
issue/template
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
json
Fix some migration and repo name problems (#33986)
2025-03-24 20:26:58 -07:00
label
feat: Add sorting by exclusive labels (issue priority) (#33206)
2025-04-10 17:18:07 +00:00
lfs
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
lfstransfer
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
log
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
markup
Valid email address should only start with alphanumeric (#28174)
2025-04-20 19:18:14 +08:00
mcaptcha
Implement FSFE REUSE for golang files (#21840)
2022-11-27 18:20:29 +00:00
metrics
Rename project board -> column to make the UI less confusing (#30170)
2024-05-27 08:59:54 +00:00
migration
remove context from retry downloader (#33871)
2025-03-14 00:28:57 +00:00
nosql
Refactor older tests to use testify (#33140)
2025-01-09 09:21:47 +08:00
optional
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
options
Use a general approach to access custom/static/builtin assets (#24022)
2023-04-12 18:16:45 +08:00
packages
Uniform all temporary directories and allow customizing temp path (#32352)
2025-04-08 16:15:28 +00:00
paginator
Only use prev and next buttons for pagination on user dashboard (#33981)
2025-03-23 19:52:43 +00:00
pprof
Implement FSFE REUSE for golang files (#21840)
2022-11-27 18:20:29 +00:00
private
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
process
Use test context in tests and new loop system in benchmarks (#33648)
2025-02-20 09:57:40 +00:00
proxy
Use proxy for pull mirror (#22771)
2023-02-11 08:39:50 +08:00
proxyprotocol
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
public
Refactor cache-control (#33861)
2025-03-13 07:04:50 +08:00
queue
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
recaptcha
Implement FSFE REUSE for golang files (#21840)
2022-11-27 18:20:29 +00:00
references
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
regexplru
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
repository
Move and rename UpdateRepository (#34136)
2025-04-12 18:22:18 +00:00
reqctx
Add material icons for file list (#33837)
2025-03-10 15:57:17 +08:00
secret
Upgrade golangci-lint to v1.64.5 (#33654)
2025-02-21 00:05:40 +08:00
session
Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187)
2025-04-28 15:31:59 -07:00
setting
Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187)
2025-04-28 15:31:59 -07:00
sitemap
Fix sitemap (#22272)
2022-12-30 23:31:00 +08:00
ssh
Uniform all temporary directories and allow customizing temp path (#32352)
2025-04-08 16:15:28 +00:00
storage
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
structs
Update token creation API swagger documentation (#34288)
2025-04-27 05:32:15 +00:00
svg
Add sub issue list support (#32940)
2024-12-24 01:54:19 +00:00
sync
Use global lock instead of NewExclusivePool to allow distributed lock between multiple Gitea instances (#31813)
2024-09-06 10:12:41 +00:00
system
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
tailmsg
Support performance trace (#32973)
2025-01-21 18:57:07 +00:00
tempdir
Uniform all temporary directories and allow customizing temp path (#32352)
2025-04-08 16:15:28 +00:00
templates
Fix various trivial frontend problems (#34263)
2025-04-24 09:11:54 +08:00
test
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
testlogger
Use test context in tests and new loop system in benchmarks (#33648)
2025-02-20 09:57:40 +00:00
timeutil
Refactor DateUtils and merge TimeSince (#32409)
2024-11-04 11:30:00 +00:00
translation
Enable testifylint rules (#34075)
2025-03-31 01:53:48 -04:00
turnstile
Add new captcha: cloudflare turnstile (#22369)
2023-02-05 15:29:03 +08:00
typesniffer
Add avif image file support (#32508)
2024-11-15 00:55:50 +00:00
updatechecker
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
uri
Implement FSFE REUSE for golang files (#21840)
2022-11-27 18:20:29 +00:00
user
Refactor older tests to use testify (#33140)
2025-01-09 09:21:47 +08:00
util
Uniform all temporary directories and allow customizing temp path (#32352)
2025-04-08 16:15:28 +00:00
validation
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
web
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
webhook
Add workflow_job webhook (#33694)
2025-03-11 10:40:38 -07:00
zstd
Support compression for Actions logs (#31761)
2024-08-09 10:10:30 +08:00