mirrors/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-10-14 20:56:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support disable passkey auth (#33348) (#33819)

Browse Source 
* Backport #33348
* Backport #33820

---------

Co-authored-by: yp05327 <576951401@qq.com>
This commit is contained in:
wxiaoguang
2025-03-08 03:31:25 +08:00
committed by GitHub
parent 92f2d904f0
commit d03e7fd65e
8 changed files with 53 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
routers/web/auth/webauthn.go
View File

@@ -50,6 +50,11 @@ func WebAuthn(ctx *context.Context) {
// WebAuthnPasskeyAssertion submits a WebAuthn challenge for the passkey login to the browser
func WebAuthnPasskeyAssertion(ctx *context.Context) {
if !setting.Service.EnablePasskeyAuth {
ctx.Error(http.StatusForbidden)
return
}
assertion, sessionData, err := wa.WebAuthn.BeginDiscoverableLogin()
if err != nil {
ctx.ServerError("webauthn.BeginDiscoverableLogin", err)
@@ -66,6 +71,11 @@ func WebAuthnPasskeyAssertion(ctx *context.Context) {
// WebAuthnPasskeyLogin handles the WebAuthn login process using a Passkey
func WebAuthnPasskeyLogin(ctx *context.Context) {
if !setting.Service.EnablePasskeyAuth {
ctx.Error(http.StatusForbidden)
return
}
sessionData, okData := ctx.Session.Get("webauthnPasskeyAssertion").(*webauthn.SessionData)
if !okData || sessionData == nil {
ctx.ServerError("ctx.Session.Get", errors.New("not in WebAuthn session"))