Revert "[BRANDING] X-Forgejo-OTP can be used instead of X-Gitea-OTP"

This reverts commit 9413fd0274.
2024-10-31 22:58:59 +01:00 · 2023-11-14 13:11:42 +01:00 · 2023-11-14 13:11:42 +01:00 · a1e6944bd7
commit a1e6944bd7
parent d7e67cf616
4 changed files with 4 additions and 34 deletions
--- a/modules/context/api.go
+++ b/modules/context/api.go
@ -197,20 +197,13 @@ func (ctx *APIContext) SetLinkHeader(total, pageSize int) {
 	}
 }

-func getOtpHeader(header http.Header) string {
-	otpHeader := header.Get("X-Gitea-OTP")
-	if forgejoHeader := header.Get("X-Forgejo-OTP"); forgejoHeader != "" {
-		otpHeader = forgejoHeader
-	}
-	return otpHeader
-}
-
 // CheckForOTP validates OTP
 func (ctx *APIContext) CheckForOTP() {
 	if skip, ok := ctx.Data["SkipLocalTwoFA"]; ok && skip.(bool) {
 		return // Skip 2FA
 	}

+	otpHeader := ctx.Req.Header.Get("X-Gitea-OTP")
 	twofa, err := auth.GetTwoFactorByUID(ctx.Doer.ID)
 	if err != nil {
 		if auth.IsErrTwoFactorNotEnrolled(err) {
@ -219,7 +212,7 @@ func (ctx *APIContext) CheckForOTP() {
 		ctx.Error(http.StatusInternalServerError, "GetTwoFactorByUID", err)
 		return
 	}
-	ok, err := twofa.ValidateTOTP(getOtpHeader(ctx.Req.Header))
+	ok, err := twofa.ValidateTOTP(otpHeader)
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "ValidateTOTP", err)
 		return
--- a/modules/context/api_forgejo_test.go
+++ b/modules/context/api_forgejo_test.go
@ -1,23 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-package context
-
-import (
-	"net/http"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestGetOtpHeader(t *testing.T) {
-	header := http.Header{}
-	assert.EqualValues(t, "", getOtpHeader(header))
-	// Gitea
-	giteaOtp := "123456"
-	header.Set("X-Gitea-OTP", giteaOtp)
-	assert.EqualValues(t, giteaOtp, getOtpHeader(header))
-	// Forgejo has precedence
-	forgejoOtp := "abcdef"
-	header.Set("X-Forgejo-OTP", forgejoOtp)
-	assert.EqualValues(t, forgejoOtp, getOtpHeader(header))
-}
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@ -56,7 +56,7 @@
 //	     description: Sudo API request as the user provided as the key. Admin privileges are required.
 //	TOTPHeader:
 //	     type: apiKey
-//	     name: X-FORGEJO-OTP
+//	     name: X-GITEA-OTP
 //	     in: header
 //	     description: Must be used in combination with BasicAuth if two-factor authentication is enabled.
 //
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@ -23138,7 +23138,7 @@
    "TOTPHeader": {
      "description": "Must be used in combination with BasicAuth if two-factor authentication is enabled.",
      "type": "apiKey",
-      "name": "X-FORGEJO-OTP",
+      "name": "X-GITEA-OTP",
      "in": "header"
    },
    "Token": {