From 6904aa7260f1f3363914ab909962d277530d84c2 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Tue, 18 May 2021 13:19:58 +0100 Subject: [PATCH] Restore token authentication for git http when 2FA active There was a small regression in #15303 whereby token auth with 2FA active would be disallowed. This PR fixes this. Signed-off-by: Andrew Thornton --- routers/repo/http.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/repo/http.go b/routers/repo/http.go index ef80f7ab02e7c..30d382b8ef18d 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -174,7 +174,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) { return } - if ctx.IsBasicAuth { + if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true { _, err = models.GetTwoFactorByUID(ctx.User.ID) if err == nil { // TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented