diff options
| author | skyblue <ssx205@gmail.com> | 2014-04-05 22:53:17 +0800 |
|---|---|---|
| committer | skyblue <ssx205@gmail.com> | 2014-04-05 22:53:17 +0800 |
| commit | 1336d8d54d38736eaff7574af4002a60a1e153c2 (patch) | |
| tree | 4ed389c69842158fc2ffd0b83e70f21ecdc347c7 | |
| parent | c22d3503fd65ec95fd215b395be059392bf90d87 (diff) | |
| parent | 9791e70da67091d244728070b80ee92c98d6aa8b (diff) | |
| download | gitea-1336d8d54d38736eaff7574af4002a60a1e153c2.tar.gz gitea-1336d8d54d38736eaff7574af4002a60a1e153c2.zip | |
Merge branches 'dev' and 'dev' of github.com:gogits/gogs into dev
| -rw-r--r-- | models/publickey.go | 4 | ||||
| -rw-r--r-- | routers/repo/repo.go | 70 |
2 files changed, 38 insertions, 36 deletions
diff --git a/models/publickey.go b/models/publickey.go index 42d2523b5f..426e6b0be7 100644 --- a/models/publickey.go +++ b/models/publickey.go @@ -77,8 +77,8 @@ func init() { // PublicKey represents a SSH key of user. type PublicKey struct { Id int64 - OwnerId int64 `xorm:" index not null"` - Name string `xorm:" not null"` //UNIQUE(s) + OwnerId int64 `xorm:"unique(s) index not null"` + Name string `xorm:"unique(s) not null"` //UNIQUE(s) Fingerprint string Content string `xorm:"TEXT not null"` Created time.Time `xorm:"created"` diff --git a/routers/repo/repo.go b/routers/repo/repo.go index b6a5d1780c..d223600c52 100644 --- a/routers/repo/repo.go +++ b/routers/repo/repo.go @@ -261,7 +261,7 @@ func basicDecode(encoded string) (user string, name string, err error) { } func authRequired(ctx *middleware.Context) { - ctx.ResponseWriter.Header().Set("WWW-Authenticate", `Basic realm="Gogs Auth"`) + ctx.ResponseWriter.Header().Set("WWW-Authenticate", "Basic realm=\".\"") ctx.Data["ErrorMsg"] = "no basic auth and digit auth" ctx.HTML(401, fmt.Sprintf("status/401")) } @@ -273,6 +273,8 @@ func Http(ctx *middleware.Context, params martini.Params) { reponame = reponame[:len(reponame)-4] } + //fmt.Println("req:", ctx.Req.Header) + repoUser, err := models.GetUserByName(username) if err != nil { ctx.Handle(500, "repo.GetUserByName", nil) @@ -297,43 +299,43 @@ func Http(ctx *middleware.Context, params martini.Params) { // check basic auth baHead := ctx.Req.Header.Get("Authorization") - if baHead != "" { - auths := strings.Fields(baHead) - if len(auths) != 2 || auths[0] != "Basic" { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } - authUsername, passwd, err := basicDecode(auths[1]) - if err != nil { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } + if baHead == "" { + authRequired(ctx) + return + } - authUser, err := models.GetUserByName(authUsername) - if err != nil { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } + auths := strings.Fields(baHead) + if len(auths) != 2 || auths[0] != "Basic" { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + authUsername, passwd, err := basicDecode(auths[1]) + if err != nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } - newUser := &models.User{Passwd: passwd} - newUser.EncodePasswd() - if authUser.Passwd != newUser.Passwd { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } + authUser, err := models.GetUserByName(authUsername) + if err != nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } - var tp = models.AU_WRITABLE - if isPull { - tp = models.AU_READABLE - } + newUser := &models.User{Passwd: passwd} + newUser.EncodePasswd() + if authUser.Passwd != newUser.Passwd { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } - has, err := models.HasAccess(authUsername, username+"/"+reponame, tp) - if err != nil || !has { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } - } else { - authRequired(ctx) + var tp = models.AU_WRITABLE + if isPull { + tp = models.AU_READABLE + } + + has, err := models.HasAccess(authUsername, username+"/"+reponame, tp) + if err != nil || !has { + ctx.Handle(401, "no basic auth and digit auth", nil) return } } |