closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3365 Commits
2 Branches
178 MiB
Tree: c62a6b7a12
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c62a6b7a12'
${ noResults }
gitea/routers/admin/auths.go

233 lines
6.3 KiB
Raw Normal View History

fix code
10 years ago
ldap support
10 years ago
New UI merge in progress
10 years ago
add support for smtp authentication
10 years ago
Fix #173
10 years ago
ldap support
10 years ago
basic authentications
10 years ago
fix code
10 years ago
ldap support
10 years ago
Allow Gogs to run from a suburl behind a reverse proxy. e.g. http://mydomain.com/gogs/ Conflicts: modules/setting/setting.go Conflicts: templates/repo/release/list.tmpl templates/user/dashboard/dashboard.tmpl Conflicts: routers/repo/setting.go
10 years ago
ldap support
10 years ago
In progress of name template name constant
10 years ago
Continue working on new admin pages
10 years ago
In progress of name template name constant
10 years ago
Continue working on new admin pages
10 years ago
#697 disable captcha and new admin create user UI
9 years ago
Continue working on new admin pages
10 years ago
#697 disable captcha and new admin create user UI
9 years ago
Continue working on new admin pages
10 years ago
more minor fix on 1581
9 years ago
Continue working on new admin pages
10 years ago
finish new add auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new add auth UI
9 years ago
ldap support
10 years ago
Continue working on new admin pages
10 years ago
finish new add auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new add auth UI
9 years ago
add support for smtp authentication
10 years ago
In progress of name template name constant
10 years ago
ldap support
10 years ago
finish new edit auth UI
9 years ago
#1637 able to skip verify for LDAP
9 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
9 years ago
finish new edit auth UI
9 years ago
#1620 add allowed domains for SMTP auth
9 years ago
finish new edit auth UI
9 years ago
ldap support
10 years ago
Continue working on new admin pages
10 years ago
finish new add auth UI
9 years ago
add support for smtp authentication
10 years ago
ldap support
10 years ago
In progress of name template name constant
10 years ago
ldap support
10 years ago
finish new edit auth UI
9 years ago
Add tar.gz download button and other mirror updates
10 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
Add PAM authentication
9 years ago
UI fix
10 years ago
add support for smtp authentication
10 years ago
finish new edit auth UI
9 years ago
#1625 remove auto_register and makes it default
9 years ago
finish new edit auth UI
9 years ago
Continue working on new admin pages
10 years ago
ldap support
10 years ago
#1124 LDAP add and edit form are misleading
9 years ago
finish new edit auth UI
9 years ago
Add suburl support
10 years ago
ldap support
10 years ago
New UI merge in progress
10 years ago
Continue working on new admin pages
10 years ago
finish new edit auth UI
9 years ago
add support for smtp authentication
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
In progress of name template name constant
10 years ago
ldap support
10 years ago
basic authentications
10 years ago
Continue working on new admin pages
10 years ago
finish new edit auth UI
9 years ago
add support for smtp authentication
10 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
In progress of name template name constant
10 years ago
basic authentications
10 years ago
add support for smtp authentication
10 years ago
Add tar.gz download button and other mirror updates
10 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
finish new edit auth UI
9 years ago
#1938 #1374 disable password change for non-local users
9 years ago
Add PAM authentication
9 years ago
Fix #173
10 years ago
add support for smtp authentication
10 years ago
finish new edit auth UI
9 years ago
Continue working on new admin pages
10 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
Continue working on new admin pages
10 years ago
finish new edit auth UI
9 years ago
ldap support
10 years ago
New UI merge in progress
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
Continue working on new admin pages
10 years ago
Add suburl support
10 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
basic authentications
10 years ago
finish new edit auth UI
9 years ago
ldap support
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package admin
  6. 

  7. import (
  8. 	"github.com/Unknwon/com"
  9. 	"github.com/go-xorm/core"
  10. 

  11. 	"github.com/gogits/gogs/models"
  12. 	"github.com/gogits/gogs/modules/auth"
  13. 	"github.com/gogits/gogs/modules/auth/ldap"
  14. 	"github.com/gogits/gogs/modules/base"
  15. 	"github.com/gogits/gogs/modules/log"
  16. 	"github.com/gogits/gogs/modules/middleware"
  17. 	"github.com/gogits/gogs/modules/setting"
  18. )
  19. 

  20. const (
  21. 	AUTHS     base.TplName = "admin/auth/list"
  22. 	AUTH_NEW  base.TplName = "admin/auth/new"
  23. 	AUTH_EDIT base.TplName = "admin/auth/edit"
  24. )
  25. 

  26. func Authentications(ctx *middleware.Context) {
  27. 	ctx.Data["Title"] = ctx.Tr("admin.authentication")
  28. 	ctx.Data["PageIsAdmin"] = true
  29. 	ctx.Data["PageIsAdminAuthentications"] = true
  30. 

  31. 	var err error
  32. 	ctx.Data["Sources"], err = models.LoginSources()
  33. 	if err != nil {
  34. 		ctx.Handle(500, "LoginSources", err)
  35. 		return
  36. 	}
  37. 

  38. 	ctx.Data["Total"] = models.CountLoginSources()
  39. 	ctx.HTML(200, AUTHS)
  40. }
  41. 

  42. type AuthSource struct {
  43. 	Name string
  44. 	Type models.LoginType
  45. }
  46. 

  47. var authSources = []AuthSource{
  48. 	{models.LoginNames[models.LOGIN_LDAP], models.LOGIN_LDAP},
  49. 	{models.LoginNames[models.LOGIN_DLDAP], models.LOGIN_DLDAP},
  50. 	{models.LoginNames[models.LOGIN_SMTP], models.LOGIN_SMTP},
  51. 	{models.LoginNames[models.LOGIN_PAM], models.LOGIN_PAM},
  52. }
  53. 

  54. func NewAuthSource(ctx *middleware.Context) {
  55. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")
  56. 	ctx.Data["PageIsAdmin"] = true
  57. 	ctx.Data["PageIsAdminAuthentications"] = true
  58. 

  59. 	ctx.Data["type"] = models.LOGIN_LDAP
  60. 	ctx.Data["CurTypeName"] = models.LoginNames[models.LOGIN_LDAP]
  61. 	ctx.Data["smtp_auth"] = "PLAIN"
  62. 	ctx.Data["is_active"] = true
  63. 	ctx.Data["AuthSources"] = authSources
  64. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  65. 	ctx.HTML(200, AUTH_NEW)
  66. }
  67. 

  68. func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig {
  69. 	return &models.LDAPConfig{
  70. 		Source: &ldap.Source{
  71. 			Name:              form.Name,
  72. 			Host:              form.Host,
  73. 			Port:              form.Port,
  74. 			UseSSL:            form.TLS,
  75. 			SkipVerify:        form.SkipVerify,
  76. 			BindDN:            form.BindDN,
  77. 			UserDN:            form.UserDN,
  78. 			BindPassword:      form.BindPassword,
  79. 			UserBase:          form.UserBase,
  80. 			AttributeUsername: form.AttributeUsername,
  81. 			AttributeName:     form.AttributeName,
  82. 			AttributeSurname:  form.AttributeSurname,
  83. 			AttributeMail:     form.AttributeMail,
  84. 			Filter:            form.Filter,
  85. 			AdminFilter:       form.AdminFilter,
  86. 			Enabled:           true,
  87. 		},
  88. 	}
  89. }
  90. 

  91. func parseSMTPConfig(form auth.AuthenticationForm) *models.SMTPConfig {
  92. 	return &models.SMTPConfig{
  93. 		Auth:           form.SMTPAuth,
  94. 		Host:           form.SMTPHost,
  95. 		Port:           form.SMTPPort,
  96. 		AllowedDomains: form.AllowedDomains,
  97. 		TLS:            form.TLS,
  98. 		SkipVerify:     form.SkipVerify,
  99. 	}
  100. }
  101. 

  102. func NewAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
  103. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")
  104. 	ctx.Data["PageIsAdmin"] = true
  105. 	ctx.Data["PageIsAdminAuthentications"] = true
  106. 

  107. 	ctx.Data["CurTypeName"] = models.LoginNames[models.LoginType(form.Type)]
  108. 	ctx.Data["AuthSources"] = authSources
  109. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  110. 

  111. 	if ctx.HasError() {
  112. 		ctx.HTML(200, AUTH_NEW)
  113. 		return
  114. 	}
  115. 

  116. 	var config core.Conversion
  117. 	switch models.LoginType(form.Type) {
  118. 	case models.LOGIN_LDAP, models.LOGIN_DLDAP:
  119. 		config = parseLDAPConfig(form)
  120. 	case models.LOGIN_SMTP:
  121. 		config = parseSMTPConfig(form)
  122. 	case models.LOGIN_PAM:
  123. 		config = &models.PAMConfig{
  124. 			ServiceName: form.PAMServiceName,
  125. 		}
  126. 	default:
  127. 		ctx.Error(400)
  128. 		return
  129. 	}
  130. 

  131. 	if err := models.CreateSource(&models.LoginSource{
  132. 		Type:      models.LoginType(form.Type),
  133. 		Name:      form.Name,
  134. 		IsActived: form.IsActive,
  135. 		Cfg:       config,
  136. 	}); err != nil {
  137. 		ctx.Handle(500, "CreateSource", err)
  138. 		return
  139. 	}
  140. 

  141. 	log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)
  142. 

  143. 	ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name))
  144. 	ctx.Redirect(setting.AppSubUrl + "/admin/auths")
  145. }
  146. 

  147. func EditAuthSource(ctx *middleware.Context) {
  148. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
  149. 	ctx.Data["PageIsAdmin"] = true
  150. 	ctx.Data["PageIsAdminAuthentications"] = true
  151. 

  152. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  153. 

  154. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
  155. 	if err != nil {
  156. 		ctx.Handle(500, "GetLoginSourceByID", err)
  157. 		return
  158. 	}
  159. 	ctx.Data["Source"] = source
  160. 	ctx.HTML(200, AUTH_EDIT)
  161. }
  162. 

  163. func EditAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
  164. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
  165. 	ctx.Data["PageIsAdmin"] = true
  166. 	ctx.Data["PageIsAdminAuthentications"] = true
  167. 

  168. 	ctx.Data["SMTPAuths"] = models.SMTPAuths
  169. 

  170. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
  171. 	if err != nil {
  172. 		ctx.Handle(500, "GetLoginSourceByID", err)
  173. 		return
  174. 	}
  175. 	ctx.Data["Source"] = source
  176. 

  177. 	if ctx.HasError() {
  178. 		ctx.HTML(200, AUTH_EDIT)
  179. 		return
  180. 	}
  181. 

  182. 	var config core.Conversion
  183. 	switch models.LoginType(form.Type) {
  184. 	case models.LOGIN_LDAP, models.LOGIN_DLDAP:
  185. 		config = parseLDAPConfig(form)
  186. 	case models.LOGIN_SMTP:
  187. 		config = parseSMTPConfig(form)
  188. 	case models.LOGIN_PAM:
  189. 		config = &models.PAMConfig{
  190. 			ServiceName: form.PAMServiceName,
  191. 		}
  192. 	default:
  193. 		ctx.Error(400)
  194. 		return
  195. 	}
  196. 

  197. 	source.Name = form.Name
  198. 	source.IsActived = form.IsActive
  199. 	source.Cfg = config
  200. 	if err := models.UpdateSource(source); err != nil {
  201. 		ctx.Handle(500, "UpdateSource", err)
  202. 		return
  203. 	}
  204. 	log.Trace("Authentication changed by admin(%s): %s", ctx.User.Name, source.ID)
  205. 

  206. 	ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))
  207. 	ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + com.ToStr(form.ID))
  208. }
  209. 

  210. func DeleteAuthSource(ctx *middleware.Context) {
  211. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
  212. 	if err != nil {
  213. 		ctx.Handle(500, "GetLoginSourceByID", err)
  214. 		return
  215. 	}
  216. 

  217. 	if err = models.DeleteSource(source); err != nil {
  218. 		switch err {
  219. 		case models.ErrAuthenticationUserUsed:
  220. 			ctx.Flash.Error("form.still_own_user")
  221. 			ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + ctx.Params(":authid"))
  222. 		default:
  223. 			ctx.Handle(500, "DeleteSource", err)
  224. 		}
  225. 		return
  226. 	}
  227. 	log.Trace("Authentication deleted by admin(%s): %d", ctx.User.Name, source.ID)
  228. 

  229. 	ctx.Flash.Success(ctx.Tr("admin.auths.deletion_success"))
  230. 	ctx.JSON(200, map[string]interface{}{
  231. 		"redirect": setting.AppSubUrl + "/admin/auths",
  232. 	})
  233. }