Clean api code

author: Unknown <joe2010xtmf@163.com> 2014-05-05 13:08:01 -0400
committer: Unknown <joe2010xtmf@163.com> 2014-05-05 13:08:01 -0400
commit: c1eb4d894a092aed1b87ddf5f80ee824fd56789d (patch)
tree: b58beee7c762cbbb1cec524c16471788820609b6 /modules/middleware/auth.go
parent: 5f653898f3b39669ce9dbf0ee2263c391695019d (diff)
download: gitea-c1eb4d894a092aed1b87ddf5f80ee824fd56789d.tar.gz
gitea-c1eb4d894a092aed1b87ddf5f80ee824fd56789d.zip
1 files changed, 5 insertions, 7 deletions
diff --git a/modules/middleware/auth.go b/modules/middleware/auth.go
index 39b7796d92..cd00d4679e 100644
--- a/modules/middleware/auth.go
+++ b/modules/middleware/auth.go
@@ -21,23 +21,21 @@ type ToggleOptions struct {
 
 func Toggle(options *ToggleOptions) martini.Handler {
 	return func(ctx *Context) {
+		// Cannot view any page before installation.
 		if !base.InstallLock {
 			ctx.Redirect("/install")
 			return
 		}
 
+		// Redirect to dashboard if user tries to visit any non-login page.
 		if options.SignOutRequire && ctx.IsSigned && ctx.Req.RequestURI != "/" {
 			ctx.Redirect("/")
 			return
 		}
 
-		if !options.DisableCsrf {
-			if ctx.Req.Method == "POST" {
-				if !ctx.CsrfTokenValid() {
-					ctx.Error(403, "CSRF token does not match")
-					return
-				}
-			}
+		if !options.DisableCsrf && ctx.Req.Method == "POST" && !ctx.CsrfTokenValid() {
+			ctx.Error(403, "CSRF token does not match")
+			return
 		}
 
 		if options.SignInRequire {
author	Unknown <joe2010xtmf@163.com>	2014-05-05 13:08:01 -0400
committer	Unknown <joe2010xtmf@163.com>	2014-05-05 13:08:01 -0400
commit	c1eb4d894a092aed1b87ddf5f80ee824fd56789d (patch)
tree	b58beee7c762cbbb1cec524c16471788820609b6 /modules/middleware/auth.go
parent	5f653898f3b39669ce9dbf0ee2263c391695019d (diff)
download	gitea-c1eb4d894a092aed1b87ddf5f80ee824fd56789d.tar.gz gitea-c1eb4d894a092aed1b87ddf5f80ee824fd56789d.zip