closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1778 Commits
2 Branches
178 MiB
Tree: d21d7171b0
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd21d7171b0'
${ noResults }
gitea/routers/user/auth.go

446 lines
11 KiB
Raw Normal View History

New UI merge in progress
10 years ago
Convert captcha, cache, csrf as middlewares
10 years ago
New UI merge in progress
10 years ago
Page: Manage social accounts
10 years ago
New UI merge in progress
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
New UI merge in progress
10 years ago
Finish new collaboration page
10 years ago
New UI merge in progress
10 years ago
Finish new collaboration page
10 years ago
New UI merge in progress
10 years ago
Set cookiepath to AppSubUrl
10 years ago
New UI merge in progress
10 years ago
Set cookiepath to AppSubUrl
10 years ago
New UI merge in progress
10 years ago
Add suburl support
10 years ago
New UI merge in progress
10 years ago
Finish new collaboration page
10 years ago
New UI merge in progress
10 years ago
Finish new reset password, etc.
10 years ago
New UI merge in progress
10 years ago
Set cookiepath to AppSubUrl
10 years ago
New UI merge in progress
10 years ago
Set cookiepath to AppSubUrl
10 years ago
New UI merge in progress
10 years ago
Finish new collaboration page
10 years ago
New UI merge in progress
10 years ago
Set cookiepath to AppSubUrl
10 years ago
New UI merge in progress
10 years ago
Add suburl support
10 years ago
New UI merge in progress
10 years ago
Finish new collaboration page
10 years ago
Set cookiepath to AppSubUrl
10 years ago
Add suburl support
10 years ago
New UI merge in progress
10 years ago
Finish new collaboration page
10 years ago
Page: Manage social accounts
10 years ago
Finish new collaboration page
10 years ago
Page: Manage social accounts
10 years ago
Finish new collaboration page
10 years ago
Page: Manage social accounts
10 years ago
Finish new collaboration page
10 years ago
New UI merge in progress
10 years ago
Finish new collaboration page
10 years ago
New UI merge in progress
10 years ago
Page: Manage social accounts
10 years ago
New UI merge in progress
10 years ago
Fix API broken
10 years ago
New UI merge in progress
10 years ago
Page: Manage social accounts
10 years ago
New UI merge in progress
10 years ago
Page: Manage social accounts
10 years ago
Fix #465
10 years ago
Page: Manage social accounts
10 years ago
New UI merge in progress
10 years ago
Add suburl support
10 years ago
New UI merge in progress
10 years ago
Finish new reset password, etc.
10 years ago
Add suburl support
10 years ago
Finish new reset password, etc.
10 years ago
New UI merge in progress
10 years ago
Finish new reset password, etc.
10 years ago
New UI merge in progress
10 years ago
Finish new reset password, etc.
10 years ago
New UI merge in progress
10 years ago
Finish new reset password, etc.
10 years ago
New UI merge in progress
10 years ago
Finish new reset password, etc.
10 years ago
Add suburl support
10 years ago
Finish new reset password, etc.
10 years ago
New UI merge in progress
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package user
  6. 

  7. import (
  8. 	"net/url"
  9. 	"strings"
  10. 

  11. 	"github.com/macaron-contrib/captcha"
  12. 

  13. 	"github.com/gogits/gogs/models"
  14. 	"github.com/gogits/gogs/modules/auth"
  15. 	"github.com/gogits/gogs/modules/base"
  16. 	"github.com/gogits/gogs/modules/log"
  17. 	"github.com/gogits/gogs/modules/mailer"
  18. 	"github.com/gogits/gogs/modules/middleware"
  19. 	"github.com/gogits/gogs/modules/setting"
  20. )
  21. 

  22. const (
  23. 	SIGNIN          base.TplName = "user/auth/signin"
  24. 	SIGNUP          base.TplName = "user/auth/signup"
  25. 	ACTIVATE        base.TplName = "user/auth/activate"
  26. 	FORGOT_PASSWORD base.TplName = "user/auth/forgot_passwd"
  27. 	RESET_PASSWORD  base.TplName = "user/auth/reset_passwd"
  28. )
  29. 

  30. func SignIn(ctx *middleware.Context) {
  31. 	ctx.Data["Title"] = ctx.Tr("sign_in")
  32. 

  33. 	if _, ok := ctx.Session.Get("socialId").(int64); ok {
  34. 		ctx.Data["IsSocialLogin"] = true
  35. 		ctx.HTML(200, SIGNIN)
  36. 		return
  37. 	}
  38. 

  39. 	if setting.OauthService != nil {
  40. 		ctx.Data["OauthEnabled"] = true
  41. 		ctx.Data["OauthService"] = setting.OauthService
  42. 	}
  43. 

  44. 	// Check auto-login.

  45. 	uname := ctx.GetCookie(setting.CookieUserName)
  46. 	if len(uname) == 0 {
  47. 		ctx.HTML(200, SIGNIN)
  48. 		return
  49. 	}
  50. 

  51. 	isSucceed := false
  52. 	defer func() {
  53. 		if !isSucceed {
  54. 			log.Trace("auto-login cookie cleared: %s", uname)
  55. 			ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
  56. 			ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
  57. 			return
  58. 		}
  59. 	}()
  60. 

  61. 	u, err := models.GetUserByName(uname)
  62. 	if err != nil {
  63. 		if err != models.ErrUserNotExist {
  64. 			ctx.Handle(500, "GetUserByName", err)
  65. 		}
  66. 		return
  67. 	}
  68. 

  69. 	if val, _ := ctx.GetSuperSecureCookie(
  70. 		base.EncodeMd5(u.Rands+u.Passwd), setting.CookieRememberName); val != u.Name {
  71. 		ctx.HTML(200, SIGNIN)
  72. 		return
  73. 	}
  74. 

  75. 	isSucceed = true
  76. 

  77. 	ctx.Session.Set("uid", u.Id)
  78. 	ctx.Session.Set("uname", u.Name)
  79. 	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
  80. 		ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)
  81. 		ctx.Redirect(redirectTo)
  82. 		return
  83. 	}
  84. 

  85. 	ctx.Redirect(setting.AppSubUrl + "/")
  86. }
  87. 

  88. func SignInPost(ctx *middleware.Context, form auth.SignInForm) {
  89. 	ctx.Data["Title"] = ctx.Tr("sign_in")
  90. 

  91. 	sid, isOauth := ctx.Session.Get("socialId").(int64)
  92. 	if isOauth {
  93. 		ctx.Data["IsSocialLogin"] = true
  94. 	} else if setting.OauthService != nil {
  95. 		ctx.Data["OauthEnabled"] = true
  96. 		ctx.Data["OauthService"] = setting.OauthService
  97. 	}
  98. 

  99. 	if ctx.HasError() {
  100. 		ctx.HTML(200, SIGNIN)
  101. 		return
  102. 	}
  103. 

  104. 	u, err := models.UserSignIn(form.UserName, form.Password)
  105. 	if err != nil {
  106. 		if err == models.ErrUserNotExist {
  107. 			ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), SIGNIN, &form)
  108. 		} else {
  109. 			ctx.Handle(500, "UserSignIn", err)
  110. 		}
  111. 		return
  112. 	}
  113. 

  114. 	if form.Remember {
  115. 		days := 86400 * setting.LogInRememberDays
  116. 		ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl)
  117. 		ctx.SetSuperSecureCookie(base.EncodeMd5(u.Rands+u.Passwd),
  118. 			setting.CookieRememberName, u.Name, days, setting.AppSubUrl)
  119. 	}
  120. 

  121. 	// Bind with social account.

  122. 	if isOauth {
  123. 		if err = models.BindUserOauth2(u.Id, sid); err != nil {
  124. 			if err == models.ErrOauth2RecordNotExist {
  125. 				ctx.Handle(404, "GetOauth2ById", err)
  126. 			} else {
  127. 				ctx.Handle(500, "GetOauth2ById", err)
  128. 			}
  129. 			return
  130. 		}
  131. 		ctx.Session.Delete("socialId")
  132. 		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
  133. 	}
  134. 

  135. 	ctx.Session.Set("uid", u.Id)
  136. 	ctx.Session.Set("uname", u.Name)
  137. 	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
  138. 		ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)
  139. 		ctx.Redirect(redirectTo)
  140. 		return
  141. 	}
  142. 

  143. 	ctx.Redirect(setting.AppSubUrl + "/")
  144. }
  145. 

  146. func SignOut(ctx *middleware.Context) {
  147. 	ctx.Session.Delete("uid")
  148. 	ctx.Session.Delete("uname")
  149. 	ctx.Session.Delete("socialId")
  150. 	ctx.Session.Delete("socialName")
  151. 	ctx.Session.Delete("socialEmail")
  152. 	ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
  153. 	ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
  154. 	ctx.Redirect(setting.AppSubUrl + "/")
  155. }
  156. 

  157. func oauthSignUp(ctx *middleware.Context, sid int64) {
  158. 	ctx.Data["Title"] = ctx.Tr("sign_up")
  159. 

  160. 	if _, err := models.GetOauth2ById(sid); err != nil {
  161. 		if err == models.ErrOauth2RecordNotExist {
  162. 			ctx.Handle(404, "GetOauth2ById", err)
  163. 		} else {
  164. 			ctx.Handle(500, "GetOauth2ById", err)
  165. 		}
  166. 		return
  167. 	}
  168. 

  169. 	ctx.Data["IsSocialLogin"] = true
  170. 	ctx.Data["uname"] = strings.Replace(ctx.Session.Get("socialName").(string), " ", "", -1)
  171. 	ctx.Data["email"] = ctx.Session.Get("socialEmail")
  172. 	log.Trace("social ID: %v", ctx.Session.Get("socialId"))
  173. 	ctx.HTML(200, SIGNUP)
  174. }
  175. 

  176. func SignUp(ctx *middleware.Context) {
  177. 	ctx.Data["Title"] = ctx.Tr("sign_up")
  178. 

  179. 	if setting.Service.DisableRegistration {
  180. 		ctx.Data["DisableRegistration"] = true
  181. 		ctx.HTML(200, SIGNUP)
  182. 		return
  183. 	}
  184. 

  185. 	if sid, ok := ctx.Session.Get("socialId").(int64); ok {
  186. 		oauthSignUp(ctx, sid)
  187. 		return
  188. 	}
  189. 

  190. 	ctx.HTML(200, SIGNUP)
  191. }
  192. 

  193. func SignUpPost(ctx *middleware.Context, cpt *captcha.Captcha, form auth.RegisterForm) {
  194. 	ctx.Data["Title"] = ctx.Tr("sign_up")
  195. 

  196. 	if setting.Service.DisableRegistration {
  197. 		ctx.Error(403)
  198. 		return
  199. 	}
  200. 

  201. 	isOauth := false
  202. 	sid, isOauth := ctx.Session.Get("socialId").(int64)
  203. 	if isOauth {
  204. 		ctx.Data["IsSocialLogin"] = true
  205. 	}
  206. 

  207. 	// May redirect from home page.

  208. 	if ctx.Query("from") == "home" {
  209. 		// Clear input error box.

  210. 		ctx.Data["Err_UserName"] = false
  211. 		ctx.Data["Err_Email"] = false
  212. 

  213. 		// Make the best guess.

  214. 		uname := ctx.Query("uname")
  215. 		i := strings.Index(uname, "@")
  216. 		if i > -1 {
  217. 			ctx.Data["email"] = uname
  218. 			ctx.Data["uname"] = uname[:i]
  219. 		} else {
  220. 			ctx.Data["uname"] = uname
  221. 		}
  222. 		ctx.Data["password"] = ctx.Query("password")
  223. 		ctx.HTML(200, SIGNUP)
  224. 		return
  225. 	}
  226. 

  227. 	if ctx.HasError() {
  228. 		ctx.HTML(200, SIGNUP)
  229. 		return
  230. 	}
  231. 

  232. 	if !cpt.VerifyReq(ctx.Req) {
  233. 		ctx.Data["Err_Captcha"] = true
  234. 		ctx.RenderWithErr(ctx.Tr("form.captcha_incorrect"), SIGNUP, &form)
  235. 		return
  236. 	} else if form.Password != form.Retype {
  237. 		ctx.Data["Err_Password"] = true
  238. 		ctx.RenderWithErr(ctx.Tr("form.password_not_match"), SIGNUP, &form)
  239. 		return
  240. 	}
  241. 

  242. 	u := &models.User{
  243. 		Name:     form.UserName,
  244. 		Email:    form.Email,
  245. 		Passwd:   form.Password,
  246. 		IsActive: !setting.Service.RegisterEmailConfirm || isOauth,
  247. 	}
  248. 

  249. 	if err := models.CreateUser(u); err != nil {
  250. 		switch err {
  251. 		case models.ErrUserAlreadyExist:
  252. 			ctx.Data["Err_UserName"] = true
  253. 			ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SIGNUP, &form)
  254. 		case models.ErrEmailAlreadyUsed:
  255. 			ctx.Data["Err_Email"] = true
  256. 			ctx.RenderWithErr(ctx.Tr("form.email_been_used"), SIGNUP, &form)
  257. 		case models.ErrUserNameIllegal:
  258. 			ctx.Data["Err_UserName"] = true
  259. 			ctx.RenderWithErr(ctx.Tr("form.illegal_username"), SIGNUP, &form)
  260. 		default:
  261. 			ctx.Handle(500, "CreateUser", err)
  262. 		}
  263. 		return
  264. 	}
  265. 	log.Trace("Account created: %s", u.Name)
  266. 

  267. 	// Bind social account.

  268. 	if isOauth {
  269. 		if err := models.BindUserOauth2(u.Id, sid); err != nil {
  270. 			ctx.Handle(500, "BindUserOauth2", err)
  271. 			return
  272. 		}
  273. 		ctx.Session.Delete("socialId")
  274. 		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
  275. 	}
  276. 

  277. 	// Send confirmation e-mail, no need for social account.

  278. 	if !isOauth && setting.Service.RegisterEmailConfirm && u.Id > 1 {
  279. 		mailer.SendRegisterMail(ctx.Render, u)
  280. 		ctx.Data["IsSendRegisterMail"] = true
  281. 		ctx.Data["Email"] = u.Email
  282. 		ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
  283. 		ctx.HTML(200, ACTIVATE)
  284. 

  285. 		if err := ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
  286. 			log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
  287. 		}
  288. 		return
  289. 	}
  290. 

  291. 	ctx.Redirect(setting.AppSubUrl + "/user/login")
  292. }
  293. 

  294. func Activate(ctx *middleware.Context) {
  295. 	code := ctx.Query("code")
  296. 	if len(code) == 0 {
  297. 		ctx.Data["IsActivatePage"] = true
  298. 		if ctx.User.IsActive {
  299. 			ctx.Error(404)
  300. 			return
  301. 		}
  302. 		// Resend confirmation e-mail.

  303. 		if setting.Service.RegisterEmailConfirm {
  304. 			if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) {
  305. 				ctx.Data["ResendLimited"] = true
  306. 			} else {
  307. 				ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
  308. 				mailer.SendActiveMail(ctx.Render, ctx.User)
  309. 

  310. 				if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
  311. 					log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
  312. 				}
  313. 			}
  314. 		} else {
  315. 			ctx.Data["ServiceNotEnabled"] = true
  316. 		}
  317. 		ctx.HTML(200, ACTIVATE)
  318. 		return
  319. 	}
  320. 

  321. 	// Verify code.

  322. 	if user := models.VerifyUserActiveCode(code); user != nil {
  323. 		user.IsActive = true
  324. 		user.Rands = models.GetUserSalt()
  325. 		if err := models.UpdateUser(user); err != nil {
  326. 			if err == models.ErrUserNotExist {
  327. 				ctx.Error(404)
  328. 			} else {
  329. 				ctx.Handle(500, "UpdateUser", err)
  330. 			}
  331. 			return
  332. 		}
  333. 

  334. 		log.Trace("User activated: %s", user.Name)
  335. 

  336. 		ctx.Session.Set("uid", user.Id)
  337. 		ctx.Session.Set("uname", user.Name)
  338. 		ctx.Redirect(setting.AppSubUrl + "/")
  339. 		return
  340. 	}
  341. 

  342. 	ctx.Data["IsActivateFailed"] = true
  343. 	ctx.HTML(200, ACTIVATE)
  344. }
  345. 

  346. func ForgotPasswd(ctx *middleware.Context) {
  347. 	ctx.Data["Title"] = ctx.Tr("auth.forgot_password")
  348. 

  349. 	if setting.MailService == nil {
  350. 		ctx.Data["IsResetDisable"] = true
  351. 		ctx.HTML(200, FORGOT_PASSWORD)
  352. 		return
  353. 	}
  354. 

  355. 	ctx.Data["IsResetRequest"] = true
  356. 	ctx.HTML(200, FORGOT_PASSWORD)
  357. }
  358. 

  359. func ForgotPasswdPost(ctx *middleware.Context) {
  360. 	ctx.Data["Title"] = ctx.Tr("auth.forgot_password")
  361. 

  362. 	if setting.MailService == nil {
  363. 		ctx.Handle(403, "user.ForgotPasswdPost", nil)
  364. 		return
  365. 	}
  366. 	ctx.Data["IsResetRequest"] = true
  367. 

  368. 	email := ctx.Query("email")
  369. 	u, err := models.GetUserByEmail(email)
  370. 	if err != nil {
  371. 		if err == models.ErrUserNotExist {
  372. 			ctx.Data["Err_Email"] = true
  373. 			ctx.RenderWithErr(ctx.Tr("auth.email_not_associate"), FORGOT_PASSWORD, nil)
  374. 		} else {
  375. 			ctx.Handle(500, "user.ResetPasswd(check existence)", err)
  376. 		}
  377. 		return
  378. 	}
  379. 

  380. 	if ctx.Cache.IsExist("MailResendLimit_" + u.LowerName) {
  381. 		ctx.Data["ResendLimited"] = true
  382. 		ctx.HTML(200, FORGOT_PASSWORD)
  383. 		return
  384. 	}
  385. 

  386. 	mailer.SendResetPasswdMail(ctx.Render, u)
  387. 	if err = ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
  388. 		log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
  389. 	}
  390. 

  391. 	ctx.Data["Email"] = email
  392. 	ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
  393. 	ctx.Data["IsResetSent"] = true
  394. 	ctx.HTML(200, FORGOT_PASSWORD)
  395. }
  396. 

  397. func ResetPasswd(ctx *middleware.Context) {
  398. 	ctx.Data["Title"] = ctx.Tr("auth.reset_password")
  399. 

  400. 	code := ctx.Query("code")
  401. 	if len(code) == 0 {
  402. 		ctx.Error(404)
  403. 		return
  404. 	}
  405. 	ctx.Data["Code"] = code
  406. 	ctx.Data["IsResetForm"] = true
  407. 	ctx.HTML(200, RESET_PASSWORD)
  408. }
  409. 

  410. func ResetPasswdPost(ctx *middleware.Context) {
  411. 	ctx.Data["Title"] = ctx.Tr("auth.reset_password")
  412. 

  413. 	code := ctx.Query("code")
  414. 	if len(code) == 0 {
  415. 		ctx.Error(404)
  416. 		return
  417. 	}
  418. 	ctx.Data["Code"] = code
  419. 

  420. 	if u := models.VerifyUserActiveCode(code); u != nil {
  421. 		// Validate password length.

  422. 		passwd := ctx.Query("password")
  423. 		if len(passwd) < 6 {
  424. 			ctx.Data["IsResetForm"] = true
  425. 			ctx.Data["Err_Password"] = true
  426. 			ctx.RenderWithErr(ctx.Tr("auth.password_too_short"), RESET_PASSWORD, nil)
  427. 			return
  428. 		}
  429. 

  430. 		u.Passwd = passwd
  431. 		u.Rands = models.GetUserSalt()
  432. 		u.Salt = models.GetUserSalt()
  433. 		u.EncodePasswd()
  434. 		if err := models.UpdateUser(u); err != nil {
  435. 			ctx.Handle(500, "UpdateUser", err)
  436. 			return
  437. 		}
  438. 

  439. 		log.Trace("User password reset: %s", u.Name)
  440. 		ctx.Redirect(setting.AppSubUrl + "/user/login")
  441. 		return
  442. 	}
  443. 

  444. 	ctx.Data["IsResetFailed"] = true
  445. 	ctx.HTML(200, RESET_PASSWORD)
  446. }