mirror of
https://github.com/go-gitea/gitea
synced 2025-07-22 18:28:37 +00:00
Remove U2F support (#20141)
- Completely remove U2F support from 1.18.0, 1.17.0 will be the last release that U2F is somewhat supported. Users who used U2F would already be warned about using U2F for a while now and should hopefully already be migrated. But starting 1.18 definitely remove it.
This commit is contained in:
@@ -67,10 +67,7 @@ func WebAuthnLoginAssertion(ctx *context.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
// FIXME: DEPRECATED appid is deprecated and is planned to be removed in v1.18.0
|
||||
assertion, sessionData, err := wa.WebAuthn.BeginLogin((*wa.User)(user), webauthn.WithAssertionExtensions(protocol.AuthenticationExtensions{
|
||||
"appid": setting.U2F.AppID,
|
||||
}))
|
||||
assertion, sessionData, err := wa.WebAuthn.BeginLogin((*wa.User)(user))
|
||||
if err != nil {
|
||||
ctx.ServerError("webauthn.BeginLogin", err)
|
||||
return
|
||||
@@ -159,12 +156,5 @@ func WebAuthnLoginAssertionPost(ctx *context.Context) {
|
||||
}
|
||||
_ = ctx.Session.Delete("twofaUid")
|
||||
|
||||
// Finally check if the appid extension was used:
|
||||
if value, ok := parsedResponse.ClientExtensionResults["appid"]; ok {
|
||||
if appid, ok := value.(bool); ok && appid {
|
||||
ctx.Flash.Error(ctx.Tr("webauthn_u2f_deprecated", dbCred.Name))
|
||||
}
|
||||
}
|
||||
|
||||
ctx.JSON(http.StatusOK, map[string]string{"redirect": redirect})
|
||||
}
|
||||
|
Reference in New Issue
Block a user