diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index 2168d0d88..a032cda30 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -58,7 +58,7 @@
 // description: Sudo API request as the user provided as the key. Admin privileges are required.
 // TOTPHeader:
 // type: apiKey
-// name: X-GITEA-OTP
+// name: X-FORGEJO-OTP
 // in: header
 // description: Must be used in combination with BasicAuth if two-factor authentication is enabled.
 //
diff --git a/services/auth/basic.go b/services/auth/basic.go
index 1184d12d1..c8cb1735e 100644
--- a/services/auth/basic.go
+++ b/services/auth/basic.go
@@ -143,6 +143,14 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
 return u, nil
 }
 
+func getOtpHeader(header http.Header) string {
+ otpHeader := header.Get("X-Gitea-OTP")
+ if forgejoHeader := header.Get("X-Forgejo-OTP"); forgejoHeader != "" {
+ otpHeader = forgejoHeader
+ }
+ return otpHeader
+}
+
 func validateTOTP(req *http.Request, u *user_model.User) error {
 twofa, err := auth_model.GetTwoFactorByUID(req.Context(), u.ID)
 if err != nil {
@@ -152,7 +160,7 @@ func validateTOTP(req *http.Request, u *user_model.User) error {
 }
 return err
 }
- if ok, err := twofa.ValidateTOTP(req.Header.Get("X-Gitea-OTP")); err != nil {
+ if ok, err := twofa.ValidateTOTP(getOtpHeader(req.Header)); err != nil {
 return err
 } else if !ok {
 return util.NewInvalidArgumentErrorf("invalid provided OTP")
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index e8af8ed74..d7f5fe585 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -24273,7 +24273,7 @@
 "TOTPHeader": {
 "description": "Must be used in combination with BasicAuth if two-factor authentication is enabled.",
 "type": "apiKey",
- "name": "X-GITEA-OTP",
+ "name": "X-FORGEJO-OTP",
 "in": "header"
 },
 "Token": {
diff --git a/tests/integration/api_twofa_test.go b/tests/integration/api_twofa_test.go
index aad806b6d..3860eedde 100644
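Review bot: getOtpHeader in services/auth/basic.go has no comment stating its precedence rule: a non-empty X-Forgejo-OTP replaces X-Gitea-OTP outright, so a request carrying a stale code in the new header and a valid one in the legacy header is rejected rather than falling back. I would document that above the function, e.g. `// getOtpHeader returns the TOTP passcode from X-Forgejo-OTP, falling back to the legacy X-Gitea-OTP only when the former is absent or empty.`, and rename it `getOTPHeader` to follow Go initialism casing. Because the passcode is now accepted under a second header name, any access-log redaction or proxy header scrubbing keyed on X-Gitea-OTP would presumably need the new name added as well; nothing in this diff shows where that is configured, so it is worth confirming before release.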
--- a/tests/integration/api_twofa_test.go
+++ b/tests/integration/api_twofa_test.go
@@ -52,4 +52,9 @@ func TestAPITwoFactor(t *testing.T) {
 AddBasicAuth(user.Name)
 req.Header.Set("X-Gitea-OTP", passcode)
 MakeRequest(t, req, http.StatusOK)
+
+ req = NewRequestf(t, "GET", "/api/v1/user").
+ AddBasicAuth(user.Name)
+ req.Header.Set("X-Forgejo-OTP", passcode)
+ MakeRequest(t, req, http.StatusOK)
 }
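Review bot: The added case in TestAPITwoFactor only proves that a valid code in X-Forgejo-OTP is accepted; nothing exercises the precedence rule in getOtpHeader or a rejection through the new header. I would add a request that sets `req.Header.Set("X-Gitea-OTP", passcode)` together with a deliberately wrong X-Forgejo-OTP value and asserts the same failure status the existing invalid-OTP path returns. The new request also reuses `passcode` from the previous call, so it passes only as long as this API path accepts the same code twice within its validity window; generating a fresh code, or adding a comment that the reuse is intentional, would keep the test from silently encoding that behaviour. The function starts above the hunk, so how `passcode` is produced is not visible here.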