authorDavid Schneiderbauer <daviian@users.noreply.github.com>2017-10-15 17:35:43 +0200
committerLauris BH <lauris@nix.lv>2017-10-15 18:35:43 +0300
commit4ccb0fe3383707704eca5247b16d813c1d793f08 (patch)
tree4929fa9050058d666639d38c98aa1879e608427a /routers
parent1ec4dc6c1dec3814d8956bcd1157a51bfe53eb0e (diff)
fix .netrc authentication (#2700)
* provide both possible authentication solutions Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
Diffstat (limited to 'routers')
-rw-r--r--routers/repo/http.go34
1 files changed, 24 insertions, 10 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go
index 3f6839ee36..cac1ec335f 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -139,19 +139,28 @@ func HTTP(ctx *context.Context) {
}
if authUser == nil {
- authUser, err = models.GetUserByName(authUsername)
+ isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic"
- if err != nil {
- if models.IsErrUserNotExist(err) {
- ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
- } else {
- ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
+ // Assume username is token
+ authToken := authUsername
+
+ if !isUsernameToken {
+ // Assume password is token
+ authToken = authPasswd
+
+ authUser, err = models.GetUserByName(authUsername)
+ if err != nil {
+ if models.IsErrUserNotExist(err) {
+ ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
+ } else {
+ ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
+ }
+ return
}
- return
}
// Assume password is a token.
- token, err := models.GetAccessTokenBySHA(authPasswd)
+ token, err := models.GetAccessTokenBySHA(authToken)
if err != nil {
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
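Review bot: The comment `// Assume password is a token.` kept just above `models.GetAccessTokenBySHA(authToken)` no longer matches the code, because `authToken` is the username whenever the password is empty or `x-oauth-basic`. I would replace it with `// authToken is the password, or the username when the password is empty or "x-oauth-basic".` A short comment next to `isUsernameToken` should also record that a token sent in the username position may be captured wherever basic-auth usernames are logged (reverse-proxy or access logs, for example); nothing in this hunk shows that being handled. The body of `HTTP` starts and ends outside the hunk.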
@@ -161,7 +170,13 @@ func HTTP(ctx *context.Context) {
return
}
- if authUser.ID != token.UID {
+ if isUsernameToken {
+ authUser, err = models.GetUserByID(token.UID)
+ if err != nil {
+ ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
+ return
+ }
+ } else if authUser.ID != token.UID {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
return
}
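Review bot: In the `isUsernameToken` branch every `GetUserByID` failure is answered with a 500, whereas the `GetUserByName` path in the same function returns 401 `invalid credentials` when the user does not exist. If `GetUserByID` reports a missing owner through the same error type (not visible here), a token whose user is gone would surface as a server error rather than a rejected credential. A guard such as `if models.IsErrUserNotExist(err) { ctx.HandleText(http.StatusUnauthorized, "invalid credentials"); return }` placed before the `ctx.Handle` call would keep both paths consistent. The enclosing function continues outside the hunk.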
@@ -170,7 +185,6 @@ func HTTP(ctx *context.Context) {
if err = models.UpdateAccessToken(token); err != nil {
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
}
-
} else {
_, err = models.GetTwoFactorByUID(authUser.ID)