return tokens, nil
}
+// ListAllAccessTokens returns all access tokens
+func ListAllAccessTokens() ([]*AccessToken, error) {
+ tokens := make([]*AccessToken, 0, 5)
+ err := x.Desc("id").Find(&tokens)
+ if err != nil {
+ return nil, err
+ }
+
+ for _, t := range tokens {
+ t.HasUsed = t.Updated.After(t.Created)
+ t.HasRecentActivity = t.Updated.Add(7 * 24 * time.Hour).After(time.Now())
+ }
+ return tokens, nil
+}
+
// DeleteAccessTokenById deletes access token by given ID.
func DeleteAccessTokenById(id int64) error {
_, err := x.Id(id).Delete(new(AccessToken))
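Review bot: The added ListAllAccessTokens reads every user's token row, including the secret Sha1 value, in one unbounded query, and its doc comment does not say so. Since the function is exported, I would spell that out: `// ListAllAccessTokens returns the access tokens of all users, newest first, including their secret values; the result must never be rendered or logged.` The loop also calls `time.Now()` once per token; hoisting `now := time.Now()` above it and using `.After(now)` keeps the 7-day window identical for every element.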
var askAuth = !isPublicPull || setting.Service.RequireSignInView
var authUser *models.User
var authUsername, passwd string
+ usedToken := false
// check access
if askAuth {
authUser, err = models.GetUserByName(authUsername)
if err != nil {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
+ // check if a token was given instead of username
+ tokens, err := models.ListAllAccessTokens()
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+
+ for _, token := range tokens {
+ if token.Sha1 == authUsername {
+ // get user belonging to token
+ authUser, err = models.GetUserById(token.Uid)
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+ authUsername = authUser.Name
+ usedToken = true
+ break
+ }
+ }
+
+ if authUser == nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
}
- newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
- newUser.EncodePasswd()
- if authUser.Passwd != newUser.Passwd {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
+ // check password if token is not used
+ if !usedToken {
+ newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
+ newUser.EncodePasswd()
+ if authUser.Passwd != newUser.Passwd {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
}
if !isPublicPull {
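Review bot: The added `for _, token := range tokens` loop loads every access token in the database and compares the secret with `==`, on a path that any unauthenticated client reaches by sending an unknown username. Compare in constant time, `if subtle.ConstantTimeCompare([]byte(token.Sha1), []byte(authUsername)) == 1 {` (needs `crypto/subtle`), and preferably fetch the single row by its token value rather than listing them all. The guard after the loop would be safer as `if !usedToken {` than `if authUser == nil {`, because it then does not depend on what GetUserByName leaves in authUser on error, which is not visible here. Nothing in this hunk rate-limits or logs failed token attempts; the enclosing handler starts and ends outside the hunk, so that may exist elsewhere.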