closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2428 Commits
2 Branches
178 MiB
Tree: 03011e31fe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '03011e31fe'
${ noResults }
gitea/modules/middleware/auth.go

96 lines
2.3 KiB
Raw Normal View History

move templateFuncs to one file, add middleware context.
10 years ago
Batch updates
10 years ago
New UI merge in progress
10 years ago
Convert captcha, cache, csrf as middlewares
10 years ago
Finish verify email
10 years ago
#1128: API calls are not hidden behind sign in
9 years ago
Fixed #209
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
add csrf check
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
New UI merge in progress
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
Clean api code
10 years ago
Fixed #209
10 years ago
Add suburl support
10 years ago
Fix install bugs
10 years ago
Fix #543
10 years ago
Add setting.AppSubUrl for LANDING_PAGE = explore Add setting.AppSubUrl in case of different ROOT_URL and LANDING_PAGE = explore
9 years ago
Fix #543
10 years ago
Clean api code
10 years ago
Fix dashboard auto-log bug
10 years ago
Add suburl support
10 years ago
Work on admin
10 years ago
Convert captcha, cache, csrf as middlewares
10 years ago
add csrf check
10 years ago
#1128: API calls are not hidden behind sign in
9 years ago
modules/midlleware: little auth code fix
9 years ago
Add suburl support
10 years ago
add csrf check
10 years ago
Fixed #209
10 years ago
Finish new reset password, etc.
10 years ago
Fix #425
10 years ago
add csrf check
10 years ago
Fix SSH key bug in windows
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
#12, add/edit hook
10 years ago
#1127: hide user e-mail when API caller isn't signed in
9 years ago
#12, add/edit hook
10 years ago
more APIs on #12
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package middleware
  6. 

  7. import (
  8. 	"net/url"
  9. 

  10. 	"github.com/Unknwon/macaron"
  11. 	"github.com/macaron-contrib/csrf"
  12. 

  13. 	"github.com/gogits/gogs/modules/auth"
  14. 	"github.com/gogits/gogs/modules/setting"
  15. )
  16. 

  17. type ToggleOptions struct {
  18. 	SignInRequire  bool
  19. 	SignOutRequire bool
  20. 	AdminRequire   bool
  21. 	DisableCsrf    bool
  22. }
  23. 

  24. func Toggle(options *ToggleOptions) macaron.Handler {
  25. 	return func(ctx *Context) {
  26. 		// Cannot view any page before installation.

  27. 		if !setting.InstallLock {
  28. 			ctx.Redirect(setting.AppSubUrl + "/install")
  29. 			return
  30. 		}
  31. 

  32. 		// Checking non-logged users landing page.

  33. 		if !ctx.IsSigned && ctx.Req.RequestURI == "/" && setting.LandingPageUrl != setting.LANDING_PAGE_HOME {
  34. 			ctx.Redirect(setting.AppSubUrl + string(setting.LandingPageUrl))
  35. 			return
  36. 		}
  37. 

  38. 		// Redirect to dashboard if user tries to visit any non-login page.

  39. 		if options.SignOutRequire && ctx.IsSigned && ctx.Req.RequestURI != "/" {
  40. 			ctx.Redirect(setting.AppSubUrl + "/")
  41. 			return
  42. 		}
  43. 

  44. 		if !options.SignOutRequire && !options.DisableCsrf && ctx.Req.Method == "POST" {
  45. 			csrf.Validate(ctx.Context, ctx.csrf)
  46. 			if ctx.Written() {
  47. 				return
  48. 			}
  49. 		}
  50. 

  51. 		if options.SignInRequire {
  52. 			if !ctx.IsSigned {
  53. 				// Restrict API calls with error message.

  54. 				if auth.IsAPIPath(ctx.Req.URL.Path) {
  55. 					ctx.HandleAPI(403, "Only signed in user is allowed to call APIs.")
  56. 					return
  57. 				}
  58. 

  59. 				ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
  60. 				ctx.Redirect(setting.AppSubUrl + "/user/login")
  61. 				return
  62. 			} else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
  63. 				ctx.Data["Title"] = ctx.Tr("auth.active_your_account")
  64. 				ctx.HTML(200, "user/auth/activate")
  65. 				return
  66. 			}
  67. 		}
  68. 

  69. 		if options.AdminRequire {
  70. 			if !ctx.User.IsAdmin {
  71. 				ctx.Error(403)
  72. 				return
  73. 			}
  74. 			ctx.Data["PageIsAdmin"] = true
  75. 		}
  76. 	}
  77. }
  78. 

  79. // Contexter middleware already checks token for user sign in process.

  80. func ApiReqToken() macaron.Handler {
  81. 	return func(ctx *Context) {
  82. 		if !ctx.IsSigned {
  83. 			ctx.Error(403)
  84. 			return
  85. 		}
  86. 	}
  87. }
  88. 

  89. func ApiReqBasicAuth() macaron.Handler {
  90. 	return func(ctx *Context) {
  91. 		if !ctx.IsBasicAuth {
  92. 			ctx.Error(403)
  93. 			return
  94. 		}
  95. 	}
  96. }