summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--models/publickey.go4
-rw-r--r--routers/repo/repo.go70
2 files changed, 38 insertions, 36 deletions
diff --git a/models/publickey.go b/models/publickey.go
index 42d2523b5f..426e6b0be7 100644
--- a/models/publickey.go
+++ b/models/publickey.go
@@ -77,8 +77,8 @@ func init() {
// PublicKey represents a SSH key of user.
type PublicKey struct {
Id int64
- OwnerId int64 `xorm:" index not null"`
- Name string `xorm:" not null"` //UNIQUE(s)
+ OwnerId int64 `xorm:"unique(s) index not null"`
+ Name string `xorm:"unique(s) not null"` //UNIQUE(s)
Fingerprint string
Content string `xorm:"TEXT not null"`
Created time.Time `xorm:"created"`
diff --git a/routers/repo/repo.go b/routers/repo/repo.go
index b6a5d1780c..d223600c52 100644
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@@ -261,7 +261,7 @@ func basicDecode(encoded string) (user string, name string, err error) {
}
func authRequired(ctx *middleware.Context) {
- ctx.ResponseWriter.Header().Set("WWW-Authenticate", `Basic realm="Gogs Auth"`)
+ ctx.ResponseWriter.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
ctx.Data["ErrorMsg"] = "no basic auth and digit auth"
ctx.HTML(401, fmt.Sprintf("status/401"))
}
@@ -273,6 +273,8 @@ func Http(ctx *middleware.Context, params martini.Params) {
reponame = reponame[:len(reponame)-4]
}
+ //fmt.Println("req:", ctx.Req.Header)
+
repoUser, err := models.GetUserByName(username)
if err != nil {
ctx.Handle(500, "repo.GetUserByName", nil)
@@ -297,43 +299,43 @@ func Http(ctx *middleware.Context, params martini.Params) {
// check basic auth
baHead := ctx.Req.Header.Get("Authorization")
- if baHead != "" {
- auths := strings.Fields(baHead)
- if len(auths) != 2 || auths[0] != "Basic" {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
- authUsername, passwd, err := basicDecode(auths[1])
- if err != nil {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
+ if baHead == "" {
+ authRequired(ctx)
+ return
+ }
- authUser, err := models.GetUserByName(authUsername)
- if err != nil {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
+ auths := strings.Fields(baHead)
+ if len(auths) != 2 || auths[0] != "Basic" {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+ authUsername, passwd, err := basicDecode(auths[1])
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
- newUser := &models.User{Passwd: passwd}
- newUser.EncodePasswd()
- if authUser.Passwd != newUser.Passwd {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
+ authUser, err := models.GetUserByName(authUsername)
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
- var tp = models.AU_WRITABLE
- if isPull {
- tp = models.AU_READABLE
- }
+ newUser := &models.User{Passwd: passwd}
+ newUser.EncodePasswd()
+ if authUser.Passwd != newUser.Passwd {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
- has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
- if err != nil || !has {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
- } else {
- authRequired(ctx)
+ var tp = models.AU_WRITABLE
+ if isPull {
+ tp = models.AU_READABLE
+ }
+
+ has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
+ if err != nil || !has {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
}