
  1. // Copyright 2018 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package setting
  5. import (
  6. "code.gitea.io/gitea/models"
  7. "code.gitea.io/gitea/modules/auth"
  8. "code.gitea.io/gitea/modules/auth/openid"
  9. "code.gitea.io/gitea/modules/context"
  10. "code.gitea.io/gitea/modules/log"
  11. "code.gitea.io/gitea/modules/setting"
  12. )
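  // OpenIDPost handles the settings form that adds an OpenID URI to the
  // signed-in user's account. It normalizes the submitted identifier, rejects
  // one the user already has, and then redirects the browser to the URL
  // returned by openid.RedirectURL. This handler does not store the identifier.
  func OpenIDPost(ctx *context.Context, form auth.AddOpenIDForm) {
  	ctx.Data["Title"] = ctx.Tr("settings")
  	ctx.Data["PageIsSettingsSecurity"] = true

  	// Form validation failed: show the security page again with the errors.
  	if ctx.HasError() {
  		loadSecurityData(ctx)
  		ctx.HTML(200, tplSettingsSecurity)
  		return
  	}

  	// WARNING: specifying a wrong OpenID here could lock
  	// a user out of her account, would be better to
  	// verify/confirm the new OpenID before storing it
  	// Also, consider allowing for multiple OpenID URIs
  	id, err := openid.Normalize(form.Openid)
  	if err != nil {
  		loadSecurityData(ctx)
  		ctx.RenderWithErr(err.Error(), tplSettingsSecurity, &form)
  		return
  	}
  	form.Openid = id

  	// id is derived from user input, so it is passed as an argument rather
  	// than concatenated into the format string: a "%" in the identifier would
  	// otherwise be read as a formatting verb and garble the log entry.
  	log.Trace("Normalized id: %s", id)

  	oids, err := models.GetUserOpenIDs(ctx.User.ID)
  	if err != nil {
  		ctx.ServerError("GetUserOpenIDs", err)
  		return
  	}
  	ctx.Data["OpenIDs"] = oids

  	// Check that the OpenID is not already used by this user.
  	for _, obj := range oids {
  		if obj.URI == id {
  			loadSecurityData(ctx)
  			ctx.RenderWithErr(ctx.Tr("form.openid_been_used", id), tplSettingsSecurity, &form)
  			return
  		}
  	}

  	// The return address is built from the configured AppURL only, never from
  	// request data.
  	// NOTE(review): presumably the provider sends the user back to this
  	// address for verification — confirm against the route table.
  	redirectTo := setting.AppURL + "user/settings/security"
  	url, err := openid.RedirectURL(id, redirectTo, setting.AppURL)
  	if err != nil {
  		loadSecurityData(ctx)
  		ctx.RenderWithErr(err.Error(), tplSettingsSecurity, &form)
  		return
  	}
  	ctx.Redirect(url)
  }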
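  // settingsOpenIDVerify passes the current request URL to openid.Verify and,
  // when verification succeeds, stores the returned identifier as an OpenID of
  // the signed-in user before redirecting to the security settings page.
  func settingsOpenIDVerify(ctx *context.Context) {
  	reqURL := ctx.Req.Request.URL.String()

  	// The request URL is controlled by the remote side, so it is logged as an
  	// argument and never used as the format string: a "%" in the query would
  	// otherwise be read as a formatting verb and garble the log entry.
  	// NOTE(review): the URL includes the query string of the provider's
  	// response, which therefore lands in trace logs — confirm that is acceptable.
  	log.Trace("Incoming call to: %s", reqURL)

  	// Drop the first character of the request URL (presumably its leading "/")
  	// before appending to AppURL; assumes AppURL ends with "/" — TODO confirm.
  	fullURL := setting.AppURL + reqURL[1:]
  	log.Trace("Full URL: %s", fullURL)

  	id, err := openid.Verify(fullURL)
  	if err != nil {
  		ctx.RenderWithErr(err.Error(), tplSettingsSecurity, &auth.AddOpenIDForm{
  			Openid: id,
  		})
  		return
  	}

  	log.Trace("Verified ID: %s", id)

  	// Only an identifier returned by a successful openid.Verify is stored, and
  	// it is bound to the session user's ID rather than to any request field.
  	oid := &models.UserOpenID{UID: ctx.User.ID, URI: id}
  	if err = models.AddUserOpenID(oid); err != nil {
  		if models.IsErrOpenIDAlreadyUsed(err) {
  			ctx.RenderWithErr(ctx.Tr("form.openid_been_used", id), tplSettingsSecurity, &auth.AddOpenIDForm{Openid: id})
  			return
  		}
  		ctx.ServerError("AddUserOpenID", err)
  		return
  	}
  	log.Trace("Associated OpenID %s to user %s", id, ctx.User.Name)
  	ctx.Flash.Success(ctx.Tr("settings.add_openid_success"))

  	ctx.Redirect(setting.AppSubURL + "/user/settings/security")
  }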
  // DeleteOpenID asks the model layer to delete one OpenID record and answers
  // with a JSON object naming the page the client should go to next.
  func DeleteOpenID(ctx *context.Context) {
  	// The record is addressed by the "id" query value together with the
  	// session user's ID, so the request does not choose the owner.
  	target := &models.UserOpenID{
  		ID:  ctx.QueryInt64("id"),
  		UID: ctx.User.ID,
  	}
  	err := models.DeleteUserOpenID(target)
  	if err != nil {
  		ctx.ServerError("DeleteUserOpenID", err)
  		return
  	}

  	log.Trace("OpenID address deleted: %s", ctx.User.Name)
  	ctx.Flash.Success(ctx.Tr("settings.openid_deletion_success"))

  	securityPage := setting.AppSubURL + "/user/settings/security"
  	ctx.JSON(200, map[string]interface{}{"redirect": securityPage})
  }
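  // ToggleOpenIDVisibility flips the visibility of one of the signed-in user's
  // OpenID records and redirects back to the security settings page. A record
  // id that is not among the user's own OpenIDs is answered with "not found".
  func ToggleOpenIDVisibility(ctx *context.Context) {
  	id := ctx.QueryInt64("id")

  	// models.ToggleUserOpenIDVisibility is given only a record id, so ownership
  	// is checked here first. Without this check any signed-in user could change
  	// the visibility of another account's OpenID by supplying its id.
  	oids, err := models.GetUserOpenIDs(ctx.User.ID)
  	if err != nil {
  		ctx.ServerError("GetUserOpenIDs", err)
  		return
  	}
  	owned := false
  	for _, obj := range oids {
  		if obj.ID == id {
  			owned = true
  			break
  		}
  	}
  	if !owned {
  		ctx.NotFound("ToggleOpenIDVisibility", nil)
  		return
  	}

  	if err := models.ToggleUserOpenIDVisibility(id); err != nil {
  		ctx.ServerError("ToggleUserOpenIDVisibility", err)
  		return
  	}

  	ctx.Redirect(setting.AppSubURL + "/user/settings/security")
  }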