aboutsummaryrefslogtreecommitdiffstats
path: root/routers/repo
diff options
context:
space:
mode:
authorChristopher Brickley <brickley@gmail.com>2015-01-08 09:16:38 -0500
committerChristopher Brickley <brickley@gmail.com>2015-01-08 09:30:22 -0500
commitd0827e5d5ebc8713e7ba40f560617c3306007ed7 (patch)
treebd8edf02b44adc35c96ba1353fcce92800f956dc /routers/repo
parentbb26285a12f90a4331053169bf580cc766bc6add (diff)
downloadgitea-d0827e5d5ebc8713e7ba40f560617c3306007ed7.tar.gz
gitea-d0827e5d5ebc8713e7ba40f560617c3306007ed7.zip
allow http push by token - #842
Diffstat (limited to 'routers/repo')
-rw-r--r--routers/repo/http.go41
1 files changed, 34 insertions, 7 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go
index a5e01efc8f..862974ce14 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -78,6 +78,7 @@ func Http(ctx *middleware.Context) {
var askAuth = !isPublicPull || setting.Service.RequireSignInView
var authUser *models.User
var authUsername, passwd string
+ usedToken := false
// check access
if askAuth {
@@ -103,15 +104,41 @@ func Http(ctx *middleware.Context) {
authUser, err = models.GetUserByName(authUsername)
if err != nil {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
+ // check if a token was given instead of username
+ tokens, err := models.ListAllAccessTokens()
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+
+ for _, token := range tokens {
+ if token.Sha1 == authUsername {
+ // get user belonging to token
+ authUser, err = models.GetUserById(token.Uid)
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+ authUsername = authUser.Name
+ usedToken = true
+ break
+ }
+ }
+
+ if authUser == nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
}
- newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
- newUser.EncodePasswd()
- if authUser.Passwd != newUser.Passwd {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
+ // check password if token is not used
+ if !usedToken {
+ newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
+ newUser.EncodePasswd()
+ if authUser.Passwd != newUser.Passwd {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
}
if !isPublicPull {