summaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/auth/auth.go18
-rw-r--r--modules/middleware/auth.go9
-rw-r--r--modules/middleware/context.go7
3 files changed, 22 insertions, 12 deletions
diff --git a/modules/auth/auth.go b/modules/auth/auth.go
index da89c20c1b..302620dbc8 100644
--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@@ -60,9 +60,9 @@ func SignedInId(req *http.Request, sess session.Store) int64 {
}
// SignedInUser returns the user object of signed user.
-func SignedInUser(req *http.Request, sess session.Store) *models.User {
+func SignedInUser(req *http.Request, sess session.Store) (*models.User, bool) {
if !models.HasEngine {
- return nil
+ return nil, false
}
uid := SignedInId(req, sess)
@@ -76,9 +76,9 @@ func SignedInUser(req *http.Request, sess session.Store) *models.User {
if err != models.ErrUserNotExist {
log.Error(4, "GetUserByName: %v", err)
}
- return nil
+ return nil, false
}
- return u
+ return u, false
}
}
@@ -93,23 +93,23 @@ func SignedInUser(req *http.Request, sess session.Store) *models.User {
if err != models.ErrUserNotExist {
log.Error(4, "GetUserByName: %v", err)
}
- return nil
+ return nil, false
}
if u.ValidtePassword(passwd) {
- return u
+ return u, true
}
}
}
- return nil
+ return nil, false
}
u, err := models.GetUserById(uid)
if err != nil {
log.Error(4, "GetUserById: %v", err)
- return nil
+ return nil, false
}
- return u
+ return u, false
}
type Form interface {
diff --git a/modules/middleware/auth.go b/modules/middleware/auth.go
index 8388d2b25e..fc8e94bbd0 100644
--- a/modules/middleware/auth.go
+++ b/modules/middleware/auth.go
@@ -76,3 +76,12 @@ func ApiReqToken() macaron.Handler {
}
}
}
+
+func ApiReqBasicAuth() macaron.Handler {
+ return func(ctx *Context) {
+ if !ctx.IsBasicAuth {
+ ctx.Error(403)
+ return
+ }
+ }
+}
diff --git a/modules/middleware/context.go b/modules/middleware/context.go
index cbc0b0cf3c..fb33c48e0e 100644
--- a/modules/middleware/context.go
+++ b/modules/middleware/context.go
@@ -34,8 +34,9 @@ type Context struct {
Flash *session.Flash
Session session.Store
- User *models.User
- IsSigned bool
+ User *models.User
+ IsSigned bool
+ IsBasicAuth bool
Repo struct {
IsOwner bool
@@ -172,7 +173,7 @@ func Contexter() macaron.Handler {
ctx.Data["PageStartTime"] = time.Now()
// Get user from session if logined.
- ctx.User = auth.SignedInUser(ctx.Req.Request, ctx.Session)
+ ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Req.Request, ctx.Session)
if ctx.User != nil {
ctx.IsSigned = true