github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-12 10:39:38 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

[PR #3971] [MERGED] Add support for FIDO U2F #17173

New Issue
Closed
opened 2025-11-02 12:28:23 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-02 12:28:23 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/go-gitea/gitea/pull/3971
Author: @jonasfranz
Created: 5/15/2018
Status: Merged
Merged: 5/19/2018
Merged by: @lafriks

Base: masterHead: u2f

📝 Commits (10+)

  • 008a62e Add support for U2F
  • a72944b Add vendor library
  • 18b3f09 Minor improvements
  • acf6728 Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
  • 1966eb6 Merge branch 'master' into u2f
  • bf0aae7 Merge branch 'master' into u2f
  • 60f0ae7 Add U2F login page to OAuth
  • 0dcda4d Merge remote-tracking branch 'onion/u2f' into u2f
  • bc68bef Merge branch 'master' into u2f
  • 2c8120d Move U2F user settings to a separate file

📊 Changes

34 files changed (+1599 additions, -9 deletions)

View changed files

📝 custom/conf/app.ini.sample (+9 -1)
📝 docs/content/doc/advanced/config-cheat-sheet.en-us.md (+4 -0)
📝 docs/content/doc/features/comparison.en-us.md (+9 -0)
📝 models/error.go (+22 -0)
models/fixtures/u2f_registration.yml (+7 -0)
📝 models/migrations/migrations.go (+2 -0)
models/migrations/v65.go (+19 -0)
📝 models/models.go (+1 -0)
models/u2f.go (+120 -0)
models/u2f_test.go (+61 -0)
📝 modules/auth/user_form.go (+20 -0)
📝 modules/setting/setting.go (+8 -0)
📝 options/locale/locale_en-US.ini (+22 -0)
📝 public/js/index.js (+127 -1)
📝 public/vendor/librejs.html (+5 -0)
public/vendor/plugins/u2f/index.js (+1 -0)
📝 routers/routes/routes.go (+15 -1)
📝 routers/user/auth.go (+134 -5)
📝 routers/user/setting/security.go (+8 -0)
routers/user/setting/security_u2f.go (+99 -0)

...and 14 more files

📄 Description

Fixes #1024

Adds support for FIDO U2F as an addition to Two-Factor Authentication by Phone. Currently it is only works with Chrome but I am trying to support Firefox and Android too.

Requirements

  • FIDO U2F certified key
  • Access via https

Video example

gitea fido u2f demo

TODO

  • Improve error handling
  • Android (Chrome) support
  • iOS support (Hardware required) (no software support by iOS currently)
  • Firefox support auth
  • Firefox support register
  • Expiration timer
  • Redirect / Check for https
  • Add tests (lots of tests)

iOS

I cannot test iOS at the moment because my security key does not support Bluetooth LE. If you want to provide me a BLE key, please contact me via Discord. Thanks to @techknowlogick for sponsoring a Bluetooth LE key.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/go-gitea/gitea/pull/3971 **Author:** [@jonasfranz](https://github.com/jonasfranz) **Created:** 5/15/2018 **Status:** ✅ Merged **Merged:** 5/19/2018 **Merged by:** [@lafriks](https://github.com/lafriks) **Base:** `master` ← **Head:** `u2f` --- ### 📝 Commits (10+) - [`008a62e`](https://github.com/go-gitea/gitea/commit/008a62e967868fc62ff1d3c7633d84463db0f5a0) Add support for U2F - [`a72944b`](https://github.com/go-gitea/gitea/commit/a72944b0145770a1afa0b1f454d389ca4c0dacaa) Add vendor library - [`18b3f09`](https://github.com/go-gitea/gitea/commit/18b3f090e32161ae1f6f602e94e9785f0c74159e) Minor improvements - [`acf6728`](https://github.com/go-gitea/gitea/commit/acf67281e1a7bf4e3f57ab363ce736e3f6663384) Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library - [`1966eb6`](https://github.com/go-gitea/gitea/commit/1966eb6607746cf1035ce6168fcb70c896db9afe) Merge branch 'master' into u2f - [`bf0aae7`](https://github.com/go-gitea/gitea/commit/bf0aae7862bfc599f2cc452fd034d39f8ab00efc) Merge branch 'master' into u2f - [`60f0ae7`](https://github.com/go-gitea/gitea/commit/60f0ae7e0c75636fd1a286a709ddd50f49ff14d6) Add U2F login page to OAuth - [`0dcda4d`](https://github.com/go-gitea/gitea/commit/0dcda4de21362dbeb80eb44e56ff70512ea13a06) Merge remote-tracking branch 'onion/u2f' into u2f - [`bc68bef`](https://github.com/go-gitea/gitea/commit/bc68befc487f9a57cd1e67012efb644c221578f4) Merge branch 'master' into u2f - [`2c8120d`](https://github.com/go-gitea/gitea/commit/2c8120d37e044a8f896bea700950a17db3195794) Move U2F user settings to a separate file ### 📊 Changes **34 files changed** (+1599 additions, -9 deletions) <details> <summary>View changed files</summary> 📝 `custom/conf/app.ini.sample` (+9 -1) 📝 `docs/content/doc/advanced/config-cheat-sheet.en-us.md` (+4 -0) 📝 `docs/content/doc/features/comparison.en-us.md` (+9 -0) 📝 `models/error.go` (+22 -0) ➕ `models/fixtures/u2f_registration.yml` (+7 -0) 📝 `models/migrations/migrations.go` (+2 -0) ➕ `models/migrations/v65.go` (+19 -0) 📝 `models/models.go` (+1 -0) ➕ `models/u2f.go` (+120 -0) ➕ `models/u2f_test.go` (+61 -0) 📝 `modules/auth/user_form.go` (+20 -0) 📝 `modules/setting/setting.go` (+8 -0) 📝 `options/locale/locale_en-US.ini` (+22 -0) 📝 `public/js/index.js` (+127 -1) 📝 `public/vendor/librejs.html` (+5 -0) ➕ `public/vendor/plugins/u2f/index.js` (+1 -0) 📝 `routers/routes/routes.go` (+15 -1) 📝 `routers/user/auth.go` (+134 -5) 📝 `routers/user/setting/security.go` (+8 -0) ➕ `routers/user/setting/security_u2f.go` (+99 -0) _...and 14 more files_ </details> ### 📄 Description Fixes #1024 Adds support for FIDO U2F as an addition to Two-Factor Authentication by Phone. ~~Currently it is only works with Chrome but I am trying to support Firefox and Android too.~~ ## Requirements * FIDO U2F certified key * Access via https ## Video example [![gitea fido u2f demo](http://img.youtube.com/vi/sA4Id3Sc72M/0.jpg)](http://www.youtube.com/watch?v=sA4Id3Sc72M) ## TODO - [x] Improve error handling - [x] Android (Chrome) support - [x] ~~iOS support (Hardware required)~~ *(no software support by iOS currently)* - [x] Firefox support auth - [x] Firefox support register - [x] Expiration timer - [x] Redirect / Check for https - [x] Add tests (lots of tests) ## iOS ~~I cannot test iOS at the moment because my security key does not support Bluetooth LE. If you want to provide me a BLE key, please contact me via Discord.~~ Thanks to @techknowlogick for sponsoring a Bluetooth LE key. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2025-11-02 12:28:23 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#17173
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?