You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

93 lines
2.6 KiB

10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
10 years ago
9 years ago
10 years ago
  1. // Copyright 2014 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package context
  5. import (
  6. "net/url"
  7. "github.com/go-gitea/gitea/modules/auth"
  8. "github.com/go-gitea/gitea/modules/setting"
  9. "github.com/go-macaron/csrf"
  10. macaron "gopkg.in/macaron.v1"
  11. )
  12. type ToggleOptions struct {
  13. SignInRequired bool
  14. SignOutRequired bool
  15. AdminRequired bool
  16. DisableCSRF bool
  17. }
  18. func Toggle(options *ToggleOptions) macaron.Handler {
  19. return func(ctx *Context) {
  20. // Cannot view any page before installation.
  21. if !setting.InstallLock {
  22. ctx.Redirect(setting.AppSubUrl + "/install")
  23. return
  24. }
  25. // Check prohibit login users.
  26. if ctx.IsSigned && ctx.User.ProhibitLogin {
  27. ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")
  28. ctx.HTML(200, "user/auth/prohibit_login")
  29. return
  30. }
  31. // Check non-logged users landing page.
  32. if !ctx.IsSigned && ctx.Req.RequestURI == "/" && setting.LandingPageURL != setting.LANDING_PAGE_HOME {
  33. ctx.Redirect(setting.AppSubUrl + string(setting.LandingPageURL))
  34. return
  35. }
  36. // Redirect to dashboard if user tries to visit any non-login page.
  37. if options.SignOutRequired && ctx.IsSigned && ctx.Req.RequestURI != "/" {
  38. ctx.Redirect(setting.AppSubUrl + "/")
  39. return
  40. }
  41. if !options.SignOutRequired && !options.DisableCSRF && ctx.Req.Method == "POST" && !auth.IsAPIPath(ctx.Req.URL.Path) {
  42. csrf.Validate(ctx.Context, ctx.csrf)
  43. if ctx.Written() {
  44. return
  45. }
  46. }
  47. if options.SignInRequired {
  48. if !ctx.IsSigned {
  49. // Restrict API calls with error message.
  50. if auth.IsAPIPath(ctx.Req.URL.Path) {
  51. ctx.JSON(403, map[string]string{
  52. "message": "Only signed in user is allowed to call APIs.",
  53. })
  54. return
  55. }
  56. ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
  57. ctx.Redirect(setting.AppSubUrl + "/user/login")
  58. return
  59. } else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
  60. ctx.Data["Title"] = ctx.Tr("auth.active_your_account")
  61. ctx.HTML(200, "user/auth/activate")
  62. return
  63. }
  64. }
  65. // Redirect to log in page if auto-signin info is provided and has not signed in.
  66. if !options.SignOutRequired && !ctx.IsSigned && !auth.IsAPIPath(ctx.Req.URL.Path) &&
  67. len(ctx.GetCookie(setting.CookieUserName)) > 0 {
  68. ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
  69. ctx.Redirect(setting.AppSubUrl + "/user/login")
  70. return
  71. }
  72. if options.AdminRequired {
  73. if !ctx.User.IsAdmin {
  74. ctx.Error(403)
  75. return
  76. }
  77. ctx.Data["PageIsAdmin"] = true
  78. }
  79. }
  80. }