-
- Downloads
Merge branch '2fa-check-git-http' into 'master'
2FA checks for Git over HTTP ## What does this MR do? This MR allows the use of `PersonalAccessTokens` to access Git over HTTP and makes that the only allowed method if the user has 2FA enabled. If a user with 2FA enabled tries to access Git over HTTP using his username and password the request will be denied and the user will be presented with the following message: ``` remote: HTTP Basic: Access denied remote: You have 2FA enabled, please use a personal access token for Git over HTTP. remote: You can generate one at http://localhost:3000/profile/personal_access_tokens fatal: Authentication failed for 'http://localhost:3000/documentcloud/underscore.git/' ``` ## What are the relevant issue numbers? Fixes #13568 See merge request !5764
Showing
- CHANGELOG 1 addition, 0 deletionsCHANGELOG
- app/controllers/projects/git_http_client_controller.rb 10 additions, 0 deletionsapp/controllers/projects/git_http_client_controller.rb
- app/views/profiles/personal_access_tokens/index.html.haml 4 additions, 0 deletionsapp/views/profiles/personal_access_tokens/index.html.haml
- lib/gitlab/auth.rb 38 additions, 6 deletionslib/gitlab/auth.rb
- spec/requests/git_http_spec.rb 39 additions, 0 deletionsspec/requests/git_http_spec.rb
Loading
Please register or sign in to comment