|
|
@ -78,6 +78,7 @@ func Http(ctx *middleware.Context) { |
|
|
|
var askAuth = !isPublicPull || setting.Service.RequireSignInView |
|
|
|
var authUser *models.User |
|
|
|
var authUsername, passwd string |
|
|
|
usedToken := false |
|
|
|
|
|
|
|
// check access
|
|
|
|
if askAuth { |
|
|
@ -103,15 +104,41 @@ func Http(ctx *middleware.Context) { |
|
|
|
|
|
|
|
authUser, err = models.GetUserByName(authUsername) |
|
|
|
if err != nil { |
|
|
|
ctx.Handle(401, "no basic auth and digit auth", nil) |
|
|
|
return |
|
|
|
// check if a token was given instead of username
|
|
|
|
tokens, err := models.ListAllAccessTokens() |
|
|
|
if err != nil { |
|
|
|
ctx.Handle(401, "no basic auth and digit auth", nil) |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
|
for _, token := range tokens { |
|
|
|
if token.Sha1 == authUsername { |
|
|
|
// get user belonging to token
|
|
|
|
authUser, err = models.GetUserById(token.Uid) |
|
|
|
if err != nil { |
|
|
|
ctx.Handle(401, "no basic auth and digit auth", nil) |
|
|
|
return |
|
|
|
} |
|
|
|
authUsername = authUser.Name |
|
|
|
usedToken = true |
|
|
|
break |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if authUser == nil { |
|
|
|
ctx.Handle(401, "no basic auth and digit auth", nil) |
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
newUser := &models.User{Passwd: passwd, Salt: authUser.Salt} |
|
|
|
newUser.EncodePasswd() |
|
|
|
if authUser.Passwd != newUser.Passwd { |
|
|
|
ctx.Handle(401, "no basic auth and digit auth", nil) |
|
|
|
return |
|
|
|
// check password if token is not used
|
|
|
|
if !usedToken { |
|
|
|
newUser := &models.User{Passwd: passwd, Salt: authUser.Salt} |
|
|
|
newUser.EncodePasswd() |
|
|
|
if authUser.Passwd != newUser.Passwd { |
|
|
|
ctx.Handle(401, "no basic auth and digit auth", nil) |
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if !isPublicPull { |
|
|
|