rhodecode-enterprise-ce Commit - r5370:6dc425cb

fix(2fa): fixed redirect loop in workflow when password reset was done.

super-admin -

r5370:6dc425cb default

parent child

rhodecode/apps/_base/__init__.py

0 +1 0

                     skip_user_views = [
                         "logout",
                         "login",
+                        "check_2fa",
                         "my_account_password",
                         "my_account_password_update",
                     ]

rhodecode/lib/middleware/vcs.py

0 +11 -6

             from webob.exc import HTTPNotFound
             import rhodecode
+            from rhodecode.apps._base import ADMIN_PREFIX
             from rhodecode.lib.middleware.utils import get_path_info
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.simplegit import SimpleGit, GIT_PROTO_PAT
                     # login
                     "_admin/login",
+                    # 2fa
+                    f"{ADMIN_PREFIX}/check_2fa",
+                    f"{ADMIN_PREFIX}/setup_2fa",
                     # _admin/api is safe too
-                    '_admin/api',
+                    f'{ADMIN_PREFIX}/api',
                     # _admin/gist is safe too
-                    '_admin/gists++',
+                    f'{ADMIN_PREFIX}/gists++',
                     # _admin/my_account is safe too
-                    '_admin/my_account++',
+                    f'{ADMIN_PREFIX}/my_account++',
                     # static files no detection
                     '_static++',
                     '_debug_toolbar++',
                     # skip ops ping, status
-                    '_admin/ops/ping',
+                    f'{ADMIN_PREFIX}/ops/ping',
-                    '_admin/ops/status',
+                    f'{ADMIN_PREFIX}/ops/status',
                     # full channelstream connect should be VCS skipped
-                    '_admin/channelstream/connect',
+                    f'{ADMIN_PREFIX}/channelstream/connect',
                     '++/repo_creating_check'
                 ]

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages