mirror of
1
Fork 0
forgejo/tests
Gusted 16419b6fc3
fix: disallow basic authorization when security keys are enrolled
- This unifies the security behavior of enrolling security keys with
enrolling TOTP as a 2FA method. When TOTP is enrolled, you cannot use
basic authorization (user:password) to make API request on behalf of the
user, this is now also the case when you enroll security keys.
- The usage of access tokens are the only method to make API requests on
behalf of the user when a 2FA method is enrolled for the user.
- Integration test added.

(cherry picked from commit e6bbecb02d)
2024-11-15 12:02:14 +01:00
..
e2e [v7.0/forgejo] fix(ui): handle out-of-bounds end line in code selection (#4820) 2024-08-05 05:56:37 +00:00
fuzz Rework markup link rendering (#26745) 2024-01-15 08:49:24 +00:00
gitea-lfs-meta Test views of LFS files (#22196) 2022-12-23 07:41:56 +08:00
gitea-repositories-meta tests(integration): add TestPullMergeBranchProtect 2024-06-02 22:05:08 +02:00
integration fix: disallow basic authorization when security keys are enrolled 2024-11-15 12:02:14 +01:00
testdata/data/attachments/a/0 Allow get release download files and lfs files with oauth2 token format (#26430) 2023-10-01 10:41:52 +00:00
mssql.ini.tmpl [CI] Forgejo Actions based CI (squash) all queues are immediate 2024-02-05 13:33:59 +01:00
mysql.ini.tmpl [CI] Forgejo Actions based CI (squash) all queues are immediate 2024-02-05 13:33:59 +01:00
pgsql.ini.tmpl [CI] Forgejo Actions based CI (squash) all queues are immediate 2024-02-05 13:33:59 +01:00
sqlite.ini.tmpl [TESTS] increase test-sqlite log level to Trace 2024-02-05 14:44:33 +01:00
test_utils.go enable linter testifylint on v7 (#4572) 2024-07-30 19:42:06 +00:00