diff options
| author | Lunny Xiao <xiaolunwen@gmail.com> | 2022-03-28 12:46:28 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-28 12:46:28 +0800 |
| commit | 6526733a58632086d51ce7211b3a4dc75dbbef90 (patch) | |
| tree | d4d00230c18e0b4bbae1a767ef3f52800d284a14 /services/auth/auth.go | |
| parent | d6fa138e7ce7c36ce253a3c847e3218fd31452c4 (diff) | |
| download | gitea-6526733a58632086d51ce7211b3a4dc75dbbef90.tar.gz gitea-6526733a58632086d51ce7211b3a4dc75dbbef90.zip | |
Let web and API routes have different auth methods group (#19168)
* remove the global methods but create dynamiclly
* Fix lint
* Fix windows lint
* Fix windows lint
* some improvements
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Diffstat (limited to 'services/auth/auth.go')
| -rw-r--r-- | services/auth/auth.go | 62 |
1 files changed, 4 insertions, 58 deletions
diff --git a/services/auth/auth.go b/services/auth/auth.go index bdff777f50..a379cb1013 100644 --- a/services/auth/auth.go +++ b/services/auth/auth.go @@ -8,7 +8,6 @@ package auth import ( "fmt" "net/http" - "reflect" "regexp" "strings" @@ -21,75 +20,22 @@ import ( "code.gitea.io/gitea/modules/web/middleware" ) -// authMethods contains the list of authentication plugins in the order they are expected to be -// executed. -// -// The OAuth2 plugin is expected to be executed first, as it must ignore the user id stored -// in the session (if there is a user id stored in session other plugins might return the user -// object for that id). -// -// The Session plugin is expected to be executed second, in order to skip authentication -// for users that have already signed in. -var authMethods = []Method{ - &OAuth2{}, - &Basic{}, - &Session{}, -} - // The purpose of the following three function variables is to let the linter know that // those functions are not dead code and are actually being used var ( _ = handleSignIn -) - -// Methods returns the instances of all registered methods -func Methods() []Method { - return authMethods -} -// Register adds the specified instance to the list of available methods -func Register(method Method) { - authMethods = append(authMethods, method) -} + // SharedSession the session auth should only be used by web, but now both web and API/v1 + // will use it. We can remove this after Web removed dependent API/v1 + SharedSession = &Session{} +) // Init should be called exactly once when the application starts to allow plugins // to allocate necessary resources func Init() { - if setting.Service.EnableReverseProxyAuth { - Register(&ReverseProxy{}) - } - specialInit() - for _, method := range Methods() { - initializable, ok := method.(Initializable) - if !ok { - continue - } - - err := initializable.Init() - if err != nil { - log.Error("Could not initialize '%s' auth method, error: %s", reflect.TypeOf(method).String(), err) - } - } - webauthn.Init() } -// Free should be called exactly once when the application is terminating to allow Auth plugins -// to release necessary resources -func Free() { - for _, method := range Methods() { - freeable, ok := method.(Freeable) - if !ok { - continue - } - - err := freeable.Free() - if err != nil { - log.Error("Could not free '%s' auth method, error: %s", reflect.TypeOf(method).String(), err) - } - } -} - // isAttachmentDownload check if request is a file download (GET) with URL to an attachment func isAttachmentDownload(req *http.Request) bool { return strings.HasPrefix(req.URL.Path, "/attachments/") && req.Method == "GET" |