summaryrefslogtreecommitdiffstats
path: root/modules/auth/auth.go
diff options
context:
space:
mode:
Diffstat (limited to 'modules/auth/auth.go')
-rw-r--r--modules/auth/auth.go18
1 files changed, 16 insertions, 2 deletions
diff --git a/modules/auth/auth.go b/modules/auth/auth.go
index 5f6ff75dd8..edb596c240 100644
--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@@ -1,4 +1,5 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
@@ -54,7 +55,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
// Let's see if token is valid.
if len(tokenSHA) > 0 {
if strings.Contains(tokenSHA, ".") {
- uid := checkOAuthAccessToken(tokenSHA)
+ uid := CheckOAuthAccessToken(tokenSHA)
if uid != 0 {
ctx.Data["IsApiToken"] = true
}
@@ -85,7 +86,8 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
return 0
}
-func checkOAuthAccessToken(accessToken string) int64 {
+// CheckOAuthAccessToken returns uid of user from oauth token token
+func CheckOAuthAccessToken(accessToken string) int64 {
// JWT tokens require a "."
if !strings.Contains(accessToken, ".") {
return 0
@@ -178,6 +180,18 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
// Assume password is token
authToken = passwd
}
+
+ uid := CheckOAuthAccessToken(authToken)
+ if uid != 0 {
+ var err error
+ ctx.Data["IsApiToken"] = true
+
+ u, err = models.GetUserByID(uid)
+ if err != nil {
+ log.Error("GetUserByID: %v", err)
+ return nil, false
+ }
+ }
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
if isUsernameToken {