From c9bf137a230ec24a8b814698407cf59760ea9dc2 Mon Sep 17 00:00:00 2001 From: Johan Van de Wauw Date: Wed, 10 Sep 2025 20:48:36 +0000 Subject: [PATCH] Add TWO_FACTOR_AUTH documentation (#273) Reviewed-on: https://gitea.com/gitea/docs/pulls/273 Reviewed-by: Lunny Xiao Co-authored-by: Johan Van de Wauw Co-committed-by: Johan Van de Wauw --- docs/administration/config-cheat-sheet.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/administration/config-cheat-sheet.md b/docs/administration/config-cheat-sheet.md index 8426f7db..c08d56a3 100644 --- a/docs/administration/config-cheat-sheet.md +++ b/docs/administration/config-cheat-sheet.md @@ -626,6 +626,7 @@ And the following unique queues: - `PASSWORD_CHECK_PWN`: **false**: Check [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) to see if a password has been exposed. - `SUCCESSFUL_TOKENS_CACHE_SIZE`: **20**: Cache successful token hashes. API tokens are stored in the DB as pbkdf2 hashes however, this means that there is a potentially significant hashing load when there are multiple API operations. This cache will store the successfully hashed tokens in a LRU cache as a balance between performance and security. - `DISABLE_QUERY_AUTH_TOKEN`: **false**: Reject API tokens sent in URL query string (Accept Header-based API tokens only). This setting will default to `true` in Gitea 1.23 and be deprecated in Gitea 1.24. +- `TWO_FACTOR_AUTH`: **_empty_**: set to enforced to enforce two factor authentication. Only available in Gitea 1.24 and later. ## Camo (`camo`)