closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2760 Commits
2 Branches
178 MiB
Tree: 00767a0522
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '00767a0522'
${ noResults }
gitea/modules/auth/auth.go

270 lines
6.4 KiB
Raw Normal View History

Add binding form for register user
10 years ago
New UI merge in progress
10 years ago
token recent activity
9 years ago
Add binding form for register user
10 years ago
cmd: CMD option for port number of `gogs web` to prevent first time run conflict - routers: use new binding convention to simplify code - templates: able to set HTTP port number in install page
9 years ago
Use binding middleware
10 years ago
New UI merge in progress
10 years ago
Add binding form for register user
10 years ago
New UI merge in progress
10 years ago
work on #616 and update locales
10 years ago
New UI merge in progress
10 years ago
work on #672
10 years ago
Add binding form for register user
10 years ago
#1128: API calls are not hidden behind sign in
9 years ago
#842 able to use access token replace basic auth
9 years ago
New UI merge in progress
10 years ago
#842 able to use access token replace basic auth
9 years ago
support URL param to token, but still restrict to APIs
9 years ago
#842 able to use access token replace basic auth
9 years ago
support URL param to token, but still restrict to APIs
9 years ago
add personal access token panel #12
10 years ago
support URL param to token, but still restrict to APIs
9 years ago
add personal access token panel #12
10 years ago
#12, API: list user repos, list repo hooks
10 years ago
WIP: create PR - choose branch
9 years ago
allow anonymous SSH clone
9 years ago
#12, API: list user repos, list repo hooks
10 years ago
New UI merge in progress
10 years ago
Finish create organization team
10 years ago
New UI merge in progress
10 years ago
fix #165
10 years ago
#842 able to use access token replace basic auth
9 years ago
work on #616 and update locales
10 years ago
more APIs on #12
10 years ago
work on #616 and update locales
10 years ago
#842 able to use access token replace basic auth
9 years ago
work on #616 and update locales
10 years ago
New UI merge in progress
10 years ago
work on #616 and update locales
10 years ago
#842 able to use access token replace basic auth
9 years ago
work on #616 and update locales
10 years ago
allow anonymous SSH clone
9 years ago
work on #616 and update locales
10 years ago
fix #165
10 years ago
Fix spelling errors in comments.
10 years ago
fix #165
10 years ago
work on #672
10 years ago
fix #165
10 years ago
work on #616 and update locales
10 years ago
more APIs on #12
10 years ago
work on #616 and update locales
10 years ago
#842 able to use access token replace basic auth
9 years ago
work on #616 and update locales
10 years ago
Attempt #3 of ldap fixes
9 years ago
work on #616 and update locales
10 years ago
allow anonymous SSH clone
9 years ago
Attempt #3 of ldap fixes
9 years ago
work on #616 and update locales
10 years ago
more APIs on #12
10 years ago
work on #616 and update locales
10 years ago
Attempt #3 of ldap fixes
9 years ago
work on #616 and update locales
10 years ago
more APIs on #12
10 years ago
New UI merge in progress
10 years ago
WIP: create PR - choose branch
9 years ago
New UI merge in progress
10 years ago
more APIs on #12
10 years ago
New UI merge in progress
10 years ago
more APIs on #12
10 years ago
Working on install page
10 years ago
Use binding middleware
10 years ago
cmd: CMD option for port number of `gogs web` to prevent first time run conflict - routers: use new binding convention to simplify code - templates: able to set HTTP port number in install page
9 years ago
New UI merge in progress
10 years ago
cmd: CMD option for port number of `gogs web` to prevent first time run conflict - routers: use new binding convention to simplify code - templates: able to set HTTP port number in install page
9 years ago
New UI merge in progress
10 years ago
Fix #340
10 years ago
New UI merge in progress
10 years ago
Fix #340
10 years ago
UI: basic label list - create new label
9 years ago
New UI merge in progress
10 years ago
UI: basic label list - create new label
9 years ago
Fix #340
10 years ago
#1487 Readme Template
9 years ago
Use binding middleware
10 years ago
New UI merge in progress
10 years ago
Use binding middleware
10 years ago
New UI merge in progress
10 years ago
UI: install - new version
9 years ago
Use binding middleware
10 years ago
fix binding api broken
10 years ago
New UI merge in progress
10 years ago
fix binding api broken
10 years ago
New UI merge in progress
10 years ago
fix binding api broken
10 years ago
New UI merge in progress
10 years ago
UI: basic label list - create new label
9 years ago
fix binding api broken
10 years ago
Fix #340
10 years ago
fix binding api broken
10 years ago
Fix #340
10 years ago
fix binding api broken
10 years ago
New UI merge in progress
10 years ago
fix binding api broken
10 years ago
New UI merge in progress
10 years ago
Use binding middleware
10 years ago
New UI merge in progress
10 years ago
Use binding middleware
10 years ago
New UI merge in progress
10 years ago
Use binding middleware
10 years ago
Working on install page
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package auth
  6. 

  7. import (
  8. 	"reflect"
  9. 	"strings"
  10. 	"time"
  11. 

  12. 	"github.com/Unknwon/com"
  13. 	"github.com/Unknwon/macaron"
  14. 	"github.com/macaron-contrib/binding"
  15. 	"github.com/macaron-contrib/session"
  16. 

  17. 	"github.com/gogits/gogs/models"
  18. 	"github.com/gogits/gogs/modules/base"
  19. 	"github.com/gogits/gogs/modules/log"
  20. 	"github.com/gogits/gogs/modules/setting"
  21. 	"github.com/gogits/gogs/modules/uuid"
  22. )
  23. 

  24. func IsAPIPath(url string) bool {
  25. 	return strings.HasPrefix(url, "/api/")
  26. }
  27. 

  28. // SignedInID returns the id of signed in user.

  29. func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
  30. 	if !models.HasEngine {
  31. 		return 0
  32. 	}
  33. 

  34. 	// Check access token.

  35. 	if IsAPIPath(ctx.Req.URL.Path) {
  36. 		tokenSHA := ctx.Query("token")
  37. 		if len(tokenSHA) == 0 {
  38. 			// Well, check with header again.

  39. 			auHead := ctx.Req.Header.Get("Authorization")
  40. 			if len(auHead) > 0 {
  41. 				auths := strings.Fields(auHead)
  42. 				if len(auths) == 2 && auths[0] == "token" {
  43. 					tokenSHA = auths[1]
  44. 				}
  45. 			}
  46. 		}
  47. 

  48. 		// Let's see if token is valid.

  49. 		if len(tokenSHA) > 0 {
  50. 			t, err := models.GetAccessTokenBySHA(tokenSHA)
  51. 			if err != nil {
  52. 				if models.IsErrAccessTokenNotExist(err) {
  53. 					log.Error(4, "GetAccessTokenBySHA: %v", err)
  54. 				}
  55. 				return 0
  56. 			}
  57. 			t.Updated = time.Now()
  58. 			if err = models.UpdateAccessToekn(t); err != nil {
  59. 				log.Error(4, "UpdateAccessToekn: %v", err)
  60. 			}
  61. 			return t.UID
  62. 		}
  63. 	}
  64. 

  65. 	uid := sess.Get("uid")
  66. 	if uid == nil {
  67. 		return 0
  68. 	}
  69. 	if id, ok := uid.(int64); ok {
  70. 		if _, err := models.GetUserByID(id); err != nil {
  71. 			if !models.IsErrUserNotExist(err) {
  72. 				log.Error(4, "GetUserById: %v", err)
  73. 			}
  74. 			return 0
  75. 		}
  76. 		return id
  77. 	}
  78. 	return 0
  79. }
  80. 

  81. // SignedInUser returns the user object of signed user.

  82. // It returns a bool value to indicate whether user uses basic auth or not.

  83. func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool) {
  84. 	if !models.HasEngine {
  85. 		return nil, false
  86. 	}
  87. 

  88. 	uid := SignedInID(ctx, sess)
  89. 

  90. 	if uid <= 0 {
  91. 		if setting.Service.EnableReverseProxyAuth {
  92. 			webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)
  93. 			if len(webAuthUser) > 0 {
  94. 				u, err := models.GetUserByName(webAuthUser)
  95. 				if err != nil {
  96. 					if !models.IsErrUserNotExist(err) {
  97. 						log.Error(4, "GetUserByName: %v", err)
  98. 						return nil, false
  99. 					}
  100. 

  101. 					// Check if enabled auto-registration.

  102. 					if setting.Service.EnableReverseProxyAutoRegister {
  103. 						u := &models.User{
  104. 							Name:     webAuthUser,
  105. 							Email:    uuid.NewV4().String() + "@localhost",
  106. 							Passwd:   webAuthUser,
  107. 							IsActive: true,
  108. 						}
  109. 						if err = models.CreateUser(u); err != nil {
  110. 							// FIXME: should I create a system notice?

  111. 							log.Error(4, "CreateUser: %v", err)
  112. 							return nil, false
  113. 						} else {
  114. 							return u, false
  115. 						}
  116. 					}
  117. 				}
  118. 				return u, false
  119. 			}
  120. 		}
  121. 

  122. 		// Check with basic auth.

  123. 		baHead := ctx.Req.Header.Get("Authorization")
  124. 		if len(baHead) > 0 {
  125. 			auths := strings.Fields(baHead)
  126. 			if len(auths) == 2 && auths[0] == "Basic" {
  127. 				uname, passwd, _ := base.BasicAuthDecode(auths[1])
  128. 

  129. 				u, err := models.UserSignIn(uname, passwd)
  130. 				if err != nil {
  131. 					if !models.IsErrUserNotExist(err) {
  132. 						log.Error(4, "UserSignIn: %v", err)
  133. 					}
  134. 					return nil, false
  135. 				}
  136. 

  137. 				return u, true
  138. 			}
  139. 		}
  140. 		return nil, false
  141. 	}
  142. 

  143. 	u, err := models.GetUserByID(uid)
  144. 	if err != nil {
  145. 		log.Error(4, "GetUserById: %v", err)
  146. 		return nil, false
  147. 	}
  148. 	return u, false
  149. }
  150. 

  151. type Form interface {
  152. 	binding.Validator
  153. }
  154. 

  155. func init() {
  156. 	binding.SetNameMapper(com.ToSnakeCase)
  157. }
  158. 

  159. // AssignForm assign form values back to the template data.

  160. func AssignForm(form interface{}, data map[string]interface{}) {
  161. 	typ := reflect.TypeOf(form)
  162. 	val := reflect.ValueOf(form)
  163. 

  164. 	if typ.Kind() == reflect.Ptr {
  165. 		typ = typ.Elem()
  166. 		val = val.Elem()
  167. 	}
  168. 

  169. 	for i := 0; i < typ.NumField(); i++ {
  170. 		field := typ.Field(i)
  171. 

  172. 		fieldName := field.Tag.Get("form")
  173. 		// Allow ignored fields in the struct

  174. 		if fieldName == "-" {
  175. 			continue
  176. 		} else if len(fieldName) == 0 {
  177. 			fieldName = com.ToSnakeCase(field.Name)
  178. 		}
  179. 

  180. 		data[fieldName] = val.Field(i).Interface()
  181. 	}
  182. }
  183. 

  184. func getSize(field reflect.StructField, prefix string) string {
  185. 	for _, rule := range strings.Split(field.Tag.Get("binding"), ";") {
  186. 		if strings.HasPrefix(rule, prefix) {
  187. 			return rule[len(prefix) : len(rule)-1]
  188. 		}
  189. 	}
  190. 	return ""
  191. }
  192. 

  193. func GetSize(field reflect.StructField) string {
  194. 	return getSize(field, "Size(")
  195. }
  196. 

  197. func GetMinSize(field reflect.StructField) string {
  198. 	return getSize(field, "MinSize(")
  199. }
  200. 

  201. func GetMaxSize(field reflect.StructField) string {
  202. 	return getSize(field, "MaxSize(")
  203. }
  204. 

  205. // FIXME: struct contains a struct

  206. func validateStruct(obj interface{}) binding.Errors {
  207. 

  208. 	return nil
  209. }
  210. 

  211. func validate(errs binding.Errors, data map[string]interface{}, f Form, l macaron.Locale) binding.Errors {
  212. 	if errs.Len() == 0 {
  213. 		return errs
  214. 	}
  215. 

  216. 	data["HasError"] = true
  217. 	AssignForm(f, data)
  218. 

  219. 	typ := reflect.TypeOf(f)
  220. 	val := reflect.ValueOf(f)
  221. 

  222. 	if typ.Kind() == reflect.Ptr {
  223. 		typ = typ.Elem()
  224. 		val = val.Elem()
  225. 	}
  226. 

  227. 	for i := 0; i < typ.NumField(); i++ {
  228. 		field := typ.Field(i)
  229. 

  230. 		fieldName := field.Tag.Get("form")
  231. 		// Allow ignored fields in the struct

  232. 		if fieldName == "-" {
  233. 			continue
  234. 		}
  235. 

  236. 		if errs[0].FieldNames[0] == field.Name {
  237. 			data["Err_"+field.Name] = true
  238. 

  239. 			trName := field.Tag.Get("locale")
  240. 			if len(trName) == 0 {
  241. 				trName = l.Tr("form." + field.Name)
  242. 			} else {
  243. 				trName = l.Tr(trName)
  244. 			}
  245. 

  246. 			switch errs[0].Classification {
  247. 			case binding.ERR_REQUIRED:
  248. 				data["ErrorMsg"] = trName + l.Tr("form.require_error")
  249. 			case binding.ERR_ALPHA_DASH:
  250. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_error")
  251. 			case binding.ERR_ALPHA_DASH_DOT:
  252. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_dot_error")
  253. 			case binding.ERR_SIZE:
  254. 				data["ErrorMsg"] = trName + l.Tr("form.size_error", GetSize(field))
  255. 			case binding.ERR_MIN_SIZE:
  256. 				data["ErrorMsg"] = trName + l.Tr("form.min_size_error", GetMinSize(field))
  257. 			case binding.ERR_MAX_SIZE:
  258. 				data["ErrorMsg"] = trName + l.Tr("form.max_size_error", GetMaxSize(field))
  259. 			case binding.ERR_EMAIL:
  260. 				data["ErrorMsg"] = trName + l.Tr("form.email_error")
  261. 			case binding.ERR_URL:
  262. 				data["ErrorMsg"] = trName + l.Tr("form.url_error")
  263. 			default:
  264. 				data["ErrorMsg"] = l.Tr("form.unknown_error") + " " + errs[0].Classification
  265. 			}
  266. 			return errs
  267. 		}
  268. 	}
  269. 	return errs
  270. }