diff options
| author | Christopher Brickley <brickley@gmail.com> | 2015-01-08 09:16:38 -0500 |
|---|---|---|
| committer | Christopher Brickley <brickley@gmail.com> | 2015-01-08 09:30:22 -0500 |
| commit | d0827e5d5ebc8713e7ba40f560617c3306007ed7 (patch) | |
| tree | bd8edf02b44adc35c96ba1353fcce92800f956dc /routers | |
| parent | bb26285a12f90a4331053169bf580cc766bc6add (diff) | |
| download | gitea-d0827e5d5ebc8713e7ba40f560617c3306007ed7.tar.gz gitea-d0827e5d5ebc8713e7ba40f560617c3306007ed7.zip | |
allow http push by token - #842
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/repo/http.go | 41 |
1 files changed, 34 insertions, 7 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go index a5e01efc8f..862974ce14 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -78,6 +78,7 @@ func Http(ctx *middleware.Context) { var askAuth = !isPublicPull || setting.Service.RequireSignInView var authUser *models.User var authUsername, passwd string + usedToken := false // check access if askAuth { @@ -103,15 +104,41 @@ func Http(ctx *middleware.Context) { authUser, err = models.GetUserByName(authUsername) if err != nil { - ctx.Handle(401, "no basic auth and digit auth", nil) - return + // check if a token was given instead of username + tokens, err := models.ListAllAccessTokens() + if err != nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + + for _, token := range tokens { + if token.Sha1 == authUsername { + // get user belonging to token + authUser, err = models.GetUserById(token.Uid) + if err != nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + authUsername = authUser.Name + usedToken = true + break + } + } + + if authUser == nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } } - newUser := &models.User{Passwd: passwd, Salt: authUser.Salt} - newUser.EncodePasswd() - if authUser.Passwd != newUser.Passwd { - ctx.Handle(401, "no basic auth and digit auth", nil) - return + // check password if token is not used + if !usedToken { + newUser := &models.User{Passwd: passwd, Salt: authUser.Salt} + newUser.EncodePasswd() + if authUser.Passwd != newUser.Passwd { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } } if !isPublicPull { |