From 0e56e9c9d91c24a19c0bcbb521f671b230e6ba2a Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Wed, 19 May 2021 03:30:33 +0100
Subject: [PATCH] Restore token authentication for git http when 2FA active
 (#15915)

There was a small regression in #15303 whereby token auth
with 2FA active would be disallowed.

This PR fixes this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
---
 routers/repo/http.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/routers/repo/http.go b/routers/repo/http.go
index ef80f7ab02..30d382b8ef 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -174,7 +174,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 			return
 		}
 
-		if ctx.IsBasicAuth {
+		if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true {
 			_, err = models.GetTwoFactorByUID(ctx.User.ID)
 			if err == nil {
 				// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented