closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3715 Commits
2 Branches
178 MiB
Tree: 42a556a082
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '42a556a082'
${ noResults }
gitea/routers/admin/auths.go

234 lines
6.3 KiB
Raw Normal View History

fix code
10 years ago
ldap support
10 years ago
New UI merge in progress
10 years ago
add support for smtp authentication
10 years ago
Fix #173
10 years ago
ldap support
10 years ago
basic authentications
10 years ago
fix code
10 years ago
ldap support
10 years ago
Allow Gogs to run from a suburl behind a reverse proxy. e.g. http://mydomain.com/gogs/ Conflicts: modules/setting/setting.go Conflicts: templates/repo/release/list.tmpl templates/user/dashboard/dashboard.tmpl Conflicts: routers/repo/setting.go
10 years ago
ldap support
10 years ago
In progress of name template name constant
10 years ago
Continue working on new admin pages
10 years ago
In progress of name template name constant
10 years ago
Continue working on new admin pages
10 years ago
#697 disable captcha and new admin create user UI
9 years ago
Continue working on new admin pages
10 years ago
#697 disable captcha and new admin create user UI
9 years ago
Continue working on new admin pages
10 years ago
more minor fix on 1581
9 years ago
Continue working on new admin pages
10 years ago
finish new add auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new add auth UI
9 years ago
ldap support
10 years ago
Continue working on new admin pages
10 years ago
finish new add auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new add auth UI
9 years ago
add support for smtp authentication
10 years ago
In progress of name template name constant
10 years ago
ldap support
10 years ago
finish new edit auth UI
9 years ago
#1637 able to skip verify for LDAP
9 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
9 years ago
LDAP: Fetch attributes in Bind DN context option This is feature is workaround for #2628 (JumpCloud) and some other services that allow LDAP search only under BindDN user account, but not allow any LDAP search query in logged user DN context. Such approach is an alternative to minimal permissions security pattern for BindDN user.
8 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
9 years ago
finish new edit auth UI
9 years ago
#1620 add allowed domains for SMTP auth
9 years ago
finish new edit auth UI
9 years ago
ldap support
10 years ago
Continue working on new admin pages
10 years ago
finish new add auth UI
9 years ago
add support for smtp authentication
10 years ago
ldap support
10 years ago
In progress of name template name constant
10 years ago
ldap support
10 years ago
finish new edit auth UI
9 years ago
Add tar.gz download button and other mirror updates
10 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
Add PAM authentication
9 years ago
UI fix
10 years ago
add support for smtp authentication
10 years ago
finish new edit auth UI
9 years ago
#1625 remove auto_register and makes it default
9 years ago
finish new edit auth UI
9 years ago
Continue working on new admin pages
10 years ago
ldap support
10 years ago
#1124 LDAP add and edit form are misleading
9 years ago
finish new edit auth UI
9 years ago
Add suburl support
10 years ago
ldap support
10 years ago
New UI merge in progress
10 years ago
Continue working on new admin pages
10 years ago
finish new edit auth UI
9 years ago
add support for smtp authentication
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
In progress of name template name constant
10 years ago
ldap support
10 years ago
basic authentications
10 years ago
Continue working on new admin pages
10 years ago
finish new edit auth UI
9 years ago
add support for smtp authentication
10 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
In progress of name template name constant
10 years ago
basic authentications
10 years ago
add support for smtp authentication
10 years ago
Add tar.gz download button and other mirror updates
10 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
Add PAM authentication
9 years ago
Fix #173
10 years ago
add support for smtp authentication
10 years ago
finish new edit auth UI
9 years ago
Continue working on new admin pages
10 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
Continue working on new admin pages
10 years ago
finish new edit auth UI
9 years ago
ldap support
10 years ago
New UI merge in progress
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
Continue working on new admin pages
10 years ago
Add suburl support
10 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
ldap support
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package admin
  6. 

  7. import (
  8. 	"github.com/Unknwon/com"
  9. 	"github.com/go-xorm/core"
  10. 

  11. 	"github.com/gogits/gogs/models"
  12. 	"github.com/gogits/gogs/modules/auth"
  13. 	"github.com/gogits/gogs/modules/auth/ldap"
  14. 	"github.com/gogits/gogs/modules/base"
  15. 	"github.com/gogits/gogs/modules/log"
  16. 	"github.com/gogits/gogs/modules/middleware"
  17. 	"github.com/gogits/gogs/modules/setting"
  18. )
  19. 

  20. const (
  21. 	AUTHS     base.TplName = "admin/auth/list"
  22. 	AUTH_NEW  base.TplName = "admin/auth/new"
  23. 	AUTH_EDIT base.TplName = "admin/auth/edit"
  24. )
  25. 

  26. func Authentications(ctx *middleware.Context) {
  27. 	ctx.Data["Title"] = ctx.Tr("admin.authentication")
  28. 	ctx.Data["PageIsAdmin"] = true
  29. 	ctx.Data["PageIsAdminAuthentications"] = true
  30. 

  31. 	var err error
  32. 	ctx.Data["Sources"], err = models.LoginSources()
  33. 	if err != nil {
  34. 		ctx.Handle(500, "LoginSources", err)
  35. 		return
  36. 	}
  37. 

  38. 	ctx.Data["Total"] = models.CountLoginSources()
  39. 	ctx.HTML(200, AUTHS)
  40. }
  41. 

  42. type AuthSource struct {
  43. 	Name string
  44. 	Type models.LoginType
  45. }
  46. 

  47. var authSources = []AuthSource{
  48. 	{models.LoginNames[models.LOGIN_LDAP], models.LOGIN_LDAP},
  49. 	{models.LoginNames[models.LOGIN_DLDAP], models.LOGIN_DLDAP},
  50. 	{models.LoginNames[models.LOGIN_SMTP], models.LOGIN_SMTP},
  51. 	{models.LoginNames[models.LOGIN_PAM], models.LOGIN_PAM},
  52. }
  53. 

  54. func NewAuthSource(ctx *middleware.Context) {
  55. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")
  56. 	ctx.Data["PageIsAdmin"] = true
  57. 	ctx.Data["PageIsAdminAuthentications"] = true
  58. 

  59. 	ctx.Data["type"] = models.LOGIN_LDAP
  60. 	ctx.Data["CurTypeName"] = models.LoginNames[models.LOGIN_LDAP]
  61. 	ctx.Data["smtp_auth"] = "PLAIN"
  62. 	ctx.Data["is_active"] = true
  63. 	ctx.Data["AuthSources"] = authSources
  64. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  65. 	ctx.HTML(200, AUTH_NEW)
  66. }
  67. 

  68. func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig {
  69. 	return &models.LDAPConfig{
  70. 		Source: &ldap.Source{
  71. 			Name:              form.Name,
  72. 			Host:              form.Host,
  73. 			Port:              form.Port,
  74. 			UseSSL:            form.TLS,
  75. 			SkipVerify:        form.SkipVerify,
  76. 			BindDN:            form.BindDN,
  77. 			UserDN:            form.UserDN,
  78. 			BindPassword:      form.BindPassword,
  79. 			UserBase:          form.UserBase,
  80. 			AttributeUsername: form.AttributeUsername,
  81. 			AttributeName:     form.AttributeName,
  82. 			AttributeSurname:  form.AttributeSurname,
  83. 			AttributeMail:     form.AttributeMail,
  84. 			AttributesInBind:  form.AttributesInBind,
  85. 			Filter:            form.Filter,
  86. 			AdminFilter:       form.AdminFilter,
  87. 			Enabled:           true,
  88. 		},
  89. 	}
  90. }
  91. 

  92. func parseSMTPConfig(form auth.AuthenticationForm) *models.SMTPConfig {
  93. 	return &models.SMTPConfig{
  94. 		Auth:           form.SMTPAuth,
  95. 		Host:           form.SMTPHost,
  96. 		Port:           form.SMTPPort,
  97. 		AllowedDomains: form.AllowedDomains,
  98. 		TLS:            form.TLS,
  99. 		SkipVerify:     form.SkipVerify,
  100. 	}
  101. }
  102. 

  103. func NewAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
  104. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")
  105. 	ctx.Data["PageIsAdmin"] = true
  106. 	ctx.Data["PageIsAdminAuthentications"] = true
  107. 

  108. 	ctx.Data["CurTypeName"] = models.LoginNames[models.LoginType(form.Type)]
  109. 	ctx.Data["AuthSources"] = authSources
  110. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  111. 

  112. 	if ctx.HasError() {
  113. 		ctx.HTML(200, AUTH_NEW)
  114. 		return
  115. 	}
  116. 

  117. 	var config core.Conversion
  118. 	switch models.LoginType(form.Type) {
  119. 	case models.LOGIN_LDAP, models.LOGIN_DLDAP:
  120. 		config = parseLDAPConfig(form)
  121. 	case models.LOGIN_SMTP:
  122. 		config = parseSMTPConfig(form)
  123. 	case models.LOGIN_PAM:
  124. 		config = &models.PAMConfig{
  125. 			ServiceName: form.PAMServiceName,
  126. 		}
  127. 	default:
  128. 		ctx.Error(400)
  129. 		return
  130. 	}
  131. 

  132. 	if err := models.CreateSource(&models.LoginSource{
  133. 		Type:      models.LoginType(form.Type),
  134. 		Name:      form.Name,
  135. 		IsActived: form.IsActive,
  136. 		Cfg:       config,
  137. 	}); err != nil {
  138. 		ctx.Handle(500, "CreateSource", err)
  139. 		return
  140. 	}
  141. 

  142. 	log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)
  143. 

  144. 	ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name))
  145. 	ctx.Redirect(setting.AppSubUrl + "/admin/auths")
  146. }
  147. 

  148. func EditAuthSource(ctx *middleware.Context) {
  149. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
  150. 	ctx.Data["PageIsAdmin"] = true
  151. 	ctx.Data["PageIsAdminAuthentications"] = true
  152. 

  153. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  154. 

  155. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
  156. 	if err != nil {
  157. 		ctx.Handle(500, "GetLoginSourceByID", err)
  158. 		return
  159. 	}
  160. 	ctx.Data["Source"] = source
  161. 	ctx.HTML(200, AUTH_EDIT)
  162. }
  163. 

  164. func EditAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
  165. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
  166. 	ctx.Data["PageIsAdmin"] = true
  167. 	ctx.Data["PageIsAdminAuthentications"] = true
  168. 

  169. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  170. 

  171. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
  172. 	if err != nil {
  173. 		ctx.Handle(500, "GetLoginSourceByID", err)
  174. 		return
  175. 	}
  176. 	ctx.Data["Source"] = source
  177. 

  178. 	if ctx.HasError() {
  179. 		ctx.HTML(200, AUTH_EDIT)
  180. 		return
  181. 	}
  182. 

  183. 	var config core.Conversion
  184. 	switch models.LoginType(form.Type) {
  185. 	case models.LOGIN_LDAP, models.LOGIN_DLDAP:
  186. 		config = parseLDAPConfig(form)
  187. 	case models.LOGIN_SMTP:
  188. 		config = parseSMTPConfig(form)
  189. 	case models.LOGIN_PAM:
  190. 		config = &models.PAMConfig{
  191. 			ServiceName: form.PAMServiceName,
  192. 		}
  193. 	default:
  194. 		ctx.Error(400)
  195. 		return
  196. 	}
  197. 

  198. 	source.Name = form.Name
  199. 	source.IsActived = form.IsActive
  200. 	source.Cfg = config
  201. 	if err := models.UpdateSource(source); err != nil {
  202. 		ctx.Handle(500, "UpdateSource", err)
  203. 		return
  204. 	}
  205. 	log.Trace("Authentication changed by admin(%s): %s", ctx.User.Name, source.ID)
  206. 

  207. 	ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))
  208. 	ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + com.ToStr(form.ID))
  209. }
  210. 

  211. func DeleteAuthSource(ctx *middleware.Context) {
  212. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
  213. 	if err != nil {
  214. 		ctx.Handle(500, "GetLoginSourceByID", err)
  215. 		return
  216. 	}
  217. 

  218. 	if err = models.DeleteSource(source); err != nil {
  219. 		switch err {
  220. 		case models.ErrAuthenticationUserUsed:
  221. 			ctx.Flash.Error("form.still_own_user")
  222. 			ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + ctx.Params(":authid"))
  223. 		default:
  224. 			ctx.Handle(500, "DeleteSource", err)
  225. 		}
  226. 		return
  227. 	}
  228. 	log.Trace("Authentication deleted by admin(%s): %d", ctx.User.Name, source.ID)
  229. 

  230. 	ctx.Flash.Success(ctx.Tr("admin.auths.deletion_success"))
  231. 	ctx.JSON(200, map[string]interface{}{
  232. 		"redirect": setting.AppSubUrl + "/admin/auths",
  233. 	})
  234. }