-
-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable X-Gitea-OTP header for git operations #28968
Comments
That sounds really exhausting because the OTP always needs to be refreshed. Why not use a PAT instead of the normal password? |
This is just for use in cases where I'm fetching a project once onto a server I don't want to set up SSH on. Using tokens for this would either require making a fresh token every time which is annoying, or having one to always use which is a security hole. |
This is quite interesting. On one hand user/pass auth for api/git operations are being depreciated, but it does give the idea of otp with scoped tokens 🤔 |
Is Gitea planning to deprecate http entirely for git operations? |
No, only the combination with username and password. |
Why, if I may ask? I know GitHub has stopped allowing it but I'm not quite sure why. |
Because the username/password combination should be used in less places in favor of configurable tokens. |
Why? |
#28968 (comment) |
Not beeing able to use Username/Password could be a problem for one time contributors |
Feature Description
Currently, users with Multi-Factor Auth can't use http/https to perform git operations. The Gitea API does support sending the OTP along using the X-Gitea-OTP header. It would be useful if git operations also supported this header.
It is possible to add custom headers to git http requests using the
-c http.extraHeaders="X-Gitea-OTP: 123456"
flag.This would be useful for one-time cloning of projects to computers where we don't want to set up our entire SSH key, and is a lot easier than creating an application token for the operation.
Screenshots
No response
The text was updated successfully, but these errors were encountered: