authorLunny Xiao <xiaolunwen@gmail.com>2021-06-10 01:53:16 +0800
committerGitHub <noreply@github.com>2021-06-09 19:53:16 +0200
commitfb3ffeb18df6bb94bb3f69348a93398b05259174 (patch)
treeaa56433e062bc68d2a118581a715ee324f025594 /modules/context
parentda057996d584c633524406d69b424cbc3d4473eb (diff)
Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
* Add sso.Group, context.Auth, context.APIAuth to allow auth special routes * Remove unnecessary check * Rename sso -> auth * remove unused method of Auth interface
Diffstat (limited to 'modules/context')
-rw-r--r--modules/context/api.go36
-rw-r--r--modules/context/context.go42
2 files changed, 44 insertions, 34 deletions
diff --git a/modules/context/api.go b/modules/context/api.go
index cbd90c50e4..5068246745 100644
--- a/modules/context/api.go
+++ b/modules/context/api.go
@@ -14,11 +14,11 @@ import (
"strings"
"code.gitea.io/gitea/models"
- "code.gitea.io/gitea/modules/auth/sso"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/web/middleware"
+ "code.gitea.io/gitea/services/auth"
"gitea.com/go-chi/session"
)
@@ -217,6 +217,26 @@ func (ctx *APIContext) CheckForOTP() {
}
}
+// APIAuth converts auth.Auth as a middleware
+func APIAuth(authMethod auth.Auth) func(*APIContext) {
+ return func(ctx *APIContext) {
+ // Get user from session if logged in.
+ ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session)
+ if ctx.User != nil {
+ ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == new(auth.Basic).Name()
+ ctx.IsSigned = true
+ ctx.Data["IsSigned"] = ctx.IsSigned
+ ctx.Data["SignedUser"] = ctx.User
+ ctx.Data["SignedUserID"] = ctx.User.ID
+ ctx.Data["SignedUserName"] = ctx.User.Name
+ ctx.Data["IsAdmin"] = ctx.User.IsAdmin
+ } else {
+ ctx.Data["SignedUserID"] = int64(0)
+ ctx.Data["SignedUserName"] = ""
+ }
+ }
+}
+
// APIContexter returns apicontext as middleware
func APIContexter() func(http.Handler) http.Handler {
var csrfOpts = getCsrfOpts()
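Review bot: The unchecked assertion `ctx.Data["AuthedMethod"].(string)` in APIAuth panics the request whenever `authMethod.Verify` returns a user without having stored a string under that key, so an `auth.Auth` implementation that forgets this side-channel write breaks every authenticated API call. The same line appears in `Auth` in context.go. Use the comma-ok form, `method, _ := ctx.Data["AuthedMethod"].(string)` followed by `ctx.IsBasicAuth = method == new(auth.Basic).Name()`, and state in the doc comment that Verify is expected to set `AuthedMethod`. With the comma-ok form a missing value yields `IsBasicAuth == false`, so any later check that presumably depends on that flag (the OTP handling, for example) should be reviewed for how it behaves in that case.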
@@ -250,20 +270,6 @@ func APIContexter() func(http.Handler) http.Handler {
}
}
- // Get user from session if logged in.
- ctx.User, ctx.IsBasicAuth = sso.SignedInUser(ctx.Req, ctx.Resp, &ctx, ctx.Session)
- if ctx.User != nil {
- ctx.IsSigned = true
- ctx.Data["IsSigned"] = ctx.IsSigned
- ctx.Data["SignedUser"] = ctx.User
- ctx.Data["SignedUserID"] = ctx.User.ID
- ctx.Data["SignedUserName"] = ctx.User.Name
- ctx.Data["IsAdmin"] = ctx.User.IsAdmin
- } else {
- ctx.Data["SignedUserID"] = int64(0)
- ctx.Data["SignedUserName"] = ""
- }
-
ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`)
ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken())
diff --git a/modules/context/context.go b/modules/context/context.go
index d45e9ff87c..492b3f80de 100644
--- a/modules/context/context.go
+++ b/modules/context/context.go
@@ -21,7 +21,6 @@ import (
"time"
"code.gitea.io/gitea/models"
- "code.gitea.io/gitea/modules/auth/sso"
"code.gitea.io/gitea/modules/base"
mc "code.gitea.io/gitea/modules/cache"
"code.gitea.io/gitea/modules/log"
@@ -29,6 +28,7 @@ import (
"code.gitea.io/gitea/modules/templates"
"code.gitea.io/gitea/modules/translation"
"code.gitea.io/gitea/modules/web/middleware"
+ "code.gitea.io/gitea/services/auth"
"gitea.com/go-chi/cache"
"gitea.com/go-chi/session"
@@ -605,6 +605,28 @@ func getCsrfOpts() CsrfOptions {
}
}
+// Auth converts auth.Auth as a middleware
+func Auth(authMethod auth.Auth) func(*Context) {
+ return func(ctx *Context) {
+ ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session)
+ if ctx.User != nil {
+ ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == new(auth.Basic).Name()
+ ctx.IsSigned = true
+ ctx.Data["IsSigned"] = ctx.IsSigned
+ ctx.Data["SignedUser"] = ctx.User
+ ctx.Data["SignedUserID"] = ctx.User.ID
+ ctx.Data["SignedUserName"] = ctx.User.Name
+ ctx.Data["IsAdmin"] = ctx.User.IsAdmin
+ } else {
+ ctx.Data["SignedUserID"] = int64(0)
+ ctx.Data["SignedUserName"] = ""
+
+ // ensure the session uid is deleted
+ _ = ctx.Session.Delete("uid")
+ }
+ }
+}
+
// Contexter initializes a classic context for a request.
func Contexter() func(next http.Handler) http.Handler {
var rnd = templates.HTMLRenderer()
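Review bot: The error from `ctx.Session.Delete("uid")` in the unauthenticated branch of Auth is discarded, so a failing session store leaves the stale `uid` in place with nothing in the logs. Going by the comment above it, this cleanup is meant to guarantee an unauthenticated request does not keep a user id in its session, so the failure should at least be logged: `if err := ctx.Session.Delete("uid"); err != nil { log.Error("Session.Delete uid: %v", err) }`. APIAuth in api.go has no equivalent cleanup in its else branch; if that difference is intentional, a one-line comment there saying why would help the next reader.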
@@ -690,24 +712,6 @@ func Contexter() func(next http.Handler) http.Handler {
}
}
- // Get user from session if logged in.
- ctx.User, ctx.IsBasicAuth = sso.SignedInUser(ctx.Req, ctx.Resp, &ctx, ctx.Session)
-
- if ctx.User != nil {
- ctx.IsSigned = true
- ctx.Data["IsSigned"] = ctx.IsSigned
- ctx.Data["SignedUser"] = ctx.User
- ctx.Data["SignedUserID"] = ctx.User.ID
- ctx.Data["SignedUserName"] = ctx.User.Name
- ctx.Data["IsAdmin"] = ctx.User.IsAdmin
- } else {
- ctx.Data["SignedUserID"] = int64(0)
- ctx.Data["SignedUserName"] = ""
-
- // ensure the session uid is deleted
- _ = ctx.Session.Delete("uid")
- }
-
ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`)
ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken())