summaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2020-04-14 19:32:03 +0100
committerGitHub <noreply@github.com>2020-04-14 13:32:03 -0500
commit7c48085ff492d620ddc7fc1f8713d64a8963c8c3 (patch)
treeb9f736a11de0aa3630d939c84346244d540a5cba /routers
parentf7ecc2bee7eb62ad6bac2697ce5acc6a1767e415 (diff)
downloadgitea-7c48085ff492d620ddc7fc1f8713d64a8963c8c3.tar.gz
gitea-7c48085ff492d620ddc7fc1f8713d64a8963c8c3.zip
Remove check on username if AccessToken authentication (#11015)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'routers')
-rw-r--r--routers/repo/http.go25
1 files changed, 5 insertions, 20 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go
index e0beba888e..725659bcf0 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -188,27 +188,12 @@ func HTTP(ctx *context.Context) {
// Assume password is a token.
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
- if isUsernameToken {
- authUser, err = models.GetUserByID(token.UID)
- if err != nil {
- ctx.ServerError("GetUserByID", err)
- return
- }
- } else {
- authUser, err = models.GetUserByName(authUsername)
- if err != nil {
- if models.IsErrUserNotExist(err) {
- ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr()))
- } else {
- ctx.ServerError("GetUserByName", err)
- }
- return
- }
- if authUser.ID != token.UID {
- ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr()))
- return
- }
+ authUser, err = models.GetUserByID(token.UID)
+ if err != nil {
+ ctx.ServerError("GetUserByID", err)
+ return
}
+
token.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateAccessToken(token); err != nil {
ctx.ServerError("UpdateAccessToken", err)