• Robert Speicher's avatar
    Merge branch '2fa-check-git-http' into 'master' · 02640809
    Robert Speicher authored
    2FA checks for Git over HTTP
    
    ## What does this MR do?
    
    This MR allows the use of `PersonalAccessTokens` to access Git over HTTP and makes that the only allowed method if the user has 2FA enabled. If a user with 2FA enabled tries to access Git over HTTP using his username and password the request will be denied and the user will be presented with the following message:
    
    ```
    remote: HTTP Basic: Access denied
    remote: You have 2FA enabled, please use a personal access token for Git over HTTP.
    remote: You can generate one at http://localhost:3000/profile/personal_access_tokens
    fatal: Authentication failed for 'http://localhost:3000/documentcloud/underscore.git/'
    ```
    
    ## What are the relevant issue numbers?
    
    Fixes #13568 
    
    See merge request !5764
    02640809
git_http_client_controller.rb 3.29 KB