@ -213,9 +213,9 @@ func SignInPost(ctx *context.Context) {
// If this user is enrolled in 2FA, we can't sign the user in just yet.
// If this user is enrolled in 2FA, we can't sign the user in just yet.
// Instead, redirect them to the 2FA authentication page.
// Instead, redirect them to the 2FA authentication page.
_ , err = models . GetTwoFactorByUID ( u . ID )
_ , err = login . GetTwoFactorByUID ( u . ID )
if err != nil {
if err != nil {
if models . IsErrTwoFactorNotEnrolled ( err ) {
if login . IsErrTwoFactorNotEnrolled ( err ) {
handleSignIn ( ctx , u , form . Remember )
handleSignIn ( ctx , u , form . Remember )
} else {
} else {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
@ -237,7 +237,7 @@ func SignInPost(ctx *context.Context) {
return
return
}
}
regs , err := models . GetU2FRegistrationsByUID ( u . ID )
regs , err := login . GetU2FRegistrationsByUID ( u . ID )
if err == nil && len ( regs ) > 0 {
if err == nil && len ( regs ) > 0 {
ctx . Redirect ( setting . AppSubURL + "/user/u2f" )
ctx . Redirect ( setting . AppSubURL + "/user/u2f" )
return
return
@ -277,7 +277,7 @@ func TwoFactorPost(ctx *context.Context) {
}
}
id := idSess . ( int64 )
id := idSess . ( int64 )
twofa , err := models . GetTwoFactorByUID ( id )
twofa , err := login . GetTwoFactorByUID ( id )
if err != nil {
if err != nil {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
@ -313,7 +313,7 @@ func TwoFactorPost(ctx *context.Context) {
}
}
twofa . LastUsedPasscode = form . Passcode
twofa . LastUsedPasscode = form . Passcode
if err = models . UpdateTwoFactor ( twofa ) ; err != nil {
if err = login . UpdateTwoFactor ( twofa ) ; err != nil {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
}
}
@ -356,7 +356,7 @@ func TwoFactorScratchPost(ctx *context.Context) {
}
}
id := idSess . ( int64 )
id := idSess . ( int64 )
twofa , err := models . GetTwoFactorByUID ( id )
twofa , err := login . GetTwoFactorByUID ( id )
if err != nil {
if err != nil {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
@ -370,7 +370,7 @@ func TwoFactorScratchPost(ctx *context.Context) {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
}
}
if err = models . UpdateTwoFactor ( twofa ) ; err != nil {
if err = login . UpdateTwoFactor ( twofa ) ; err != nil {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
}
}
@ -418,7 +418,7 @@ func U2FChallenge(ctx *context.Context) {
return
return
}
}
id := idSess . ( int64 )
id := idSess . ( int64 )
regs , err := models . GetU2FRegistrationsByUID ( id )
regs , err := login . GetU2FRegistrationsByUID ( id )
if err != nil {
if err != nil {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
@ -454,7 +454,7 @@ func U2FSign(ctx *context.Context) {
}
}
challenge := challSess . ( * u2f . Challenge )
challenge := challSess . ( * u2f . Challenge )
id := idSess . ( int64 )
id := idSess . ( int64 )
regs , err := models . GetU2FRegistrationsByUID ( id )
regs , err := login . GetU2FRegistrationsByUID ( id )
if err != nil {
if err != nil {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
@ -717,8 +717,8 @@ func handleOAuth2SignIn(ctx *context.Context, source *login.Source, u *models.Us
needs2FA := false
needs2FA := false
if ! source . Cfg . ( * oauth2 . Source ) . SkipLocalTwoFA {
if ! source . Cfg . ( * oauth2 . Source ) . SkipLocalTwoFA {
_ , err := models . GetTwoFactorByUID ( u . ID )
_ , err := login . GetTwoFactorByUID ( u . ID )
if err != nil && ! models . IsErrTwoFactorNotEnrolled ( err ) {
if err != nil && ! login . IsErrTwoFactorNotEnrolled ( err ) {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
}
}
@ -775,7 +775,7 @@ func handleOAuth2SignIn(ctx *context.Context, source *login.Source, u *models.Us
}
}
// If U2F is enrolled -> Redirect to U2F instead
// If U2F is enrolled -> Redirect to U2F instead
regs , err := models . GetU2FRegistrationsByUID ( u . ID )
regs , err := login . GetU2FRegistrationsByUID ( u . ID )
if err == nil && len ( regs ) > 0 {
if err == nil && len ( regs ) > 0 {
ctx . Redirect ( setting . AppSubURL + "/user/u2f" )
ctx . Redirect ( setting . AppSubURL + "/user/u2f" )
return
return
@ -935,9 +935,9 @@ func linkAccount(ctx *context.Context, u *models.User, gothUser goth.User, remem
// If this user is enrolled in 2FA, we can't sign the user in just yet.
// If this user is enrolled in 2FA, we can't sign the user in just yet.
// Instead, redirect them to the 2FA authentication page.
// Instead, redirect them to the 2FA authentication page.
// We deliberately ignore the skip local 2fa setting here because we are linking to a previous user here
// We deliberately ignore the skip local 2fa setting here because we are linking to a previous user here
_ , err := models . GetTwoFactorByUID ( u . ID )
_ , err := login . GetTwoFactorByUID ( u . ID )
if err != nil {
if err != nil {
if ! models . IsErrTwoFactorNotEnrolled ( err ) {
if ! login . IsErrTwoFactorNotEnrolled ( err ) {
ctx . ServerError ( "UserLinkAccount" , err )
ctx . ServerError ( "UserLinkAccount" , err )
return
return
}
}
@ -967,7 +967,7 @@ func linkAccount(ctx *context.Context, u *models.User, gothUser goth.User, remem
}
}
// If U2F is enrolled -> Redirect to U2F instead
// If U2F is enrolled -> Redirect to U2F instead
regs , err := models . GetU2FRegistrationsByUID ( u . ID )
regs , err := login . GetU2FRegistrationsByUID ( u . ID )
if err == nil && len ( regs ) > 0 {
if err == nil && len ( regs ) > 0 {
ctx . Redirect ( setting . AppSubURL + "/user/u2f" )
ctx . Redirect ( setting . AppSubURL + "/user/u2f" )
return
return
@ -1561,7 +1561,7 @@ func ForgotPasswdPost(ctx *context.Context) {
ctx . HTML ( http . StatusOK , tplForgotPassword )
ctx . HTML ( http . StatusOK , tplForgotPassword )
}
}
func commonResetPassword ( ctx * context . Context ) ( * models . User , * models . TwoFactor ) {
func commonResetPassword ( ctx * context . Context ) ( * models . User , * login . TwoFactor ) {
code := ctx . FormString ( "code" )
code := ctx . FormString ( "code" )
ctx . Data [ "Title" ] = ctx . Tr ( "auth.reset_password" )
ctx . Data [ "Title" ] = ctx . Tr ( "auth.reset_password" )
@ -1583,9 +1583,9 @@ func commonResetPassword(ctx *context.Context) (*models.User, *models.TwoFactor)
return nil , nil
return nil , nil
}
}
twofa , err := models . GetTwoFactorByUID ( u . ID )
twofa , err := login . GetTwoFactorByUID ( u . ID )
if err != nil {
if err != nil {
if ! models . IsErrTwoFactorNotEnrolled ( err ) {
if ! login . IsErrTwoFactorNotEnrolled ( err ) {
ctx . Error ( http . StatusInternalServerError , "CommonResetPassword" , err . Error ( ) )
ctx . Error ( http . StatusInternalServerError , "CommonResetPassword" , err . Error ( ) )
return nil , nil
return nil , nil
}
}
@ -1680,7 +1680,7 @@ func ResetPasswdPost(ctx *context.Context) {
}
}
twofa . LastUsedPasscode = passcode
twofa . LastUsedPasscode = passcode
if err = models . UpdateTwoFactor ( twofa ) ; err != nil {
if err = login . UpdateTwoFactor ( twofa ) ; err != nil {
ctx . ServerError ( "ResetPasswdPost: UpdateTwoFactor" , err )
ctx . ServerError ( "ResetPasswdPost: UpdateTwoFactor" , err )
return
return
}
}
@ -1712,7 +1712,7 @@ func ResetPasswdPost(ctx *context.Context) {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
}
}
if err = models . UpdateTwoFactor ( twofa ) ; err != nil {
if err = login . UpdateTwoFactor ( twofa ) ; err != nil {
ctx . ServerError ( "UserSignIn" , err )
ctx . ServerError ( "UserSignIn" , err )
return
return
}
}