diff options
| author | zeripath <art27@cantab.net> | 2020-04-14 19:32:03 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-04-14 13:32:03 -0500 |
| commit | 7c48085ff492d620ddc7fc1f8713d64a8963c8c3 (patch) | |
| tree | b9f736a11de0aa3630d939c84346244d540a5cba /routers | |
| parent | f7ecc2bee7eb62ad6bac2697ce5acc6a1767e415 (diff) | |
| download | gitea-7c48085ff492d620ddc7fc1f8713d64a8963c8c3.tar.gz gitea-7c48085ff492d620ddc7fc1f8713d64a8963c8c3.zip | |
Remove check on username if AccessToken authentication (#11015)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/repo/http.go | 25 |
1 files changed, 5 insertions, 20 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go index e0beba888e..725659bcf0 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -188,27 +188,12 @@ func HTTP(ctx *context.Context) { // Assume password is a token. token, err := models.GetAccessTokenBySHA(authToken) if err == nil { - if isUsernameToken { - authUser, err = models.GetUserByID(token.UID) - if err != nil { - ctx.ServerError("GetUserByID", err) - return - } - } else { - authUser, err = models.GetUserByName(authUsername) - if err != nil { - if models.IsErrUserNotExist(err) { - ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr())) - } else { - ctx.ServerError("GetUserByName", err) - } - return - } - if authUser.ID != token.UID { - ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr())) - return - } + authUser, err = models.GetUserByID(token.UID) + if err != nil { + ctx.ServerError("GetUserByID", err) + return } + token.UpdatedUnix = timeutil.TimeStampNow() if err = models.UpdateAccessToken(token); err != nil { ctx.ServerError("UpdateAccessToken", err) |