Diffstat (limited to 'routers/web/auth/auth.go')
-rw-r--r--routers/web/auth/auth.go117
1 files changed, 52 insertions, 65 deletions
diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go
index 0f8128946c..2919fd3513 100644
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@@ -82,19 +82,12 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
isSucceed = true
- if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
- return false, fmt.Errorf("unable to RegenerateSession: Error: %w", err)
- }
-
- // Set session IDs
- if err := ctx.Session.Set("uid", u.ID); err != nil {
- return false, err
- }
- if err := ctx.Session.Set("uname", u.Name); err != nil {
- return false, err
- }
- if err := ctx.Session.Release(); err != nil {
- return false, err
+ if err := updateSession(ctx, nil, map[string]interface{}{
+ // Set session IDs
+ "uid": u.ID,
+ "uname": u.Name,
+ }); err != nil {
+ return false, fmt.Errorf("unable to updateSession: %w", err)
}
if err := resetLocale(ctx, u); err != nil {
@@ -252,32 +245,17 @@ func SignInPost(ctx *context.Context) {
return
}
- if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
- ctx.ServerError("UserSignIn: Unable to set regenerate session", err)
- return
- }
-
- // User will need to use 2FA TOTP or WebAuthn, save data
- if err := ctx.Session.Set("twofaUid", u.ID); err != nil {
- ctx.ServerError("UserSignIn: Unable to set twofaUid in session", err)
- return
- }
-
- if err := ctx.Session.Set("twofaRemember", form.Remember); err != nil {
- ctx.ServerError("UserSignIn: Unable to set twofaRemember in session", err)
- return
+ updates := map[string]interface{}{
+ // User will need to use 2FA TOTP or WebAuthn, save data
+ "twofaUid": u.ID,
+ "twofaRemember": form.Remember,
}
-
if hasTOTPtwofa {
// User will need to use WebAuthn, save data
- if err := ctx.Session.Set("totpEnrolled", u.ID); err != nil {
- ctx.ServerError("UserSignIn: Unable to set WebAuthn Enrolled in session", err)
- return
- }
+ updates["totpEnrolled"] = u.ID
}
-
- if err := ctx.Session.Release(); err != nil {
- ctx.ServerError("UserSignIn: Unable to save session", err)
+ if err := updateSession(ctx, nil, updates); err != nil {
+ ctx.ServerError("UserSignIn: Unable to update session", err)
return
}
@@ -308,29 +286,23 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe
setting.CookieRememberName, u.Name, days)
}
- if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
+ if err := updateSession(ctx, []string{
+ // Delete the openid, 2fa and linkaccount data
+ "openid_verified_uri",
+ "openid_signin_remember",
+ "openid_determined_email",
+ "openid_determined_username",
+ "twofaUid",
+ "twofaRemember",
+ "linkAccount",
+ }, map[string]interface{}{
+ "uid": u.ID,
+ "uname": u.Name,
+ }); err != nil {
ctx.ServerError("RegenerateSession", err)
return setting.AppSubURL + "/"
}
- // Delete the openid, 2fa and linkaccount data
- _ = ctx.Session.Delete("openid_verified_uri")
- _ = ctx.Session.Delete("openid_signin_remember")
- _ = ctx.Session.Delete("openid_determined_email")
- _ = ctx.Session.Delete("openid_determined_username")
- _ = ctx.Session.Delete("twofaUid")
- _ = ctx.Session.Delete("twofaRemember")
- _ = ctx.Session.Delete("linkAccount")
- if err := ctx.Session.Set("uid", u.ID); err != nil {
- log.Error("Error setting uid %d in session: %v", u.ID, err)
- }
- if err := ctx.Session.Set("uname", u.Name); err != nil {
- log.Error("Error setting uname %s session: %v", u.Name, err)
- }
- if err := ctx.Session.Release(); err != nil {
- log.Error("Unable to store session: %v", err)
- }
-
// Language setting of the user overwrites the one previously set
// If the user does not have a locale set, we save the current one.
if len(u.Language) == 0 {
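Review bot: The `ctx.ServerError("RegenerateSession", err)` label on the line after the new updateSession call is now stale, because updateSession also deletes the openid/2fa/linkaccount keys, sets uid/uname and releases the session, so a 500 tagged "RegenerateSession" may actually come from a Set or Release failure; `ctx.ServerError("updateSession", err)` would match where the error comes from. The same stale wording is in the handleAccountActivation hunk, whose log line still says "Unable to regenerate session for user" for any updateSession failure. This hunk also changes behaviour: a failed Delete/Set/Release used to be logged and the sign-in continued, whereas now it aborts with a server error — that fail-closed choice looks deliberate and is the safer one once the session ID has been regenerated, but a one-line comment such as `// Any failure to persist the signed-in session is fatal; do not continue with a half-written session` would keep a later reader from restoring the log-and-continue path. The remember-me cookie is written just above, before the session is updated, so on failure it is already in the response; that is pre-existing context rather than new code, but worth keeping in mind if this path is revisited. handleSignInFull starts and ends outside the hunk.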
@@ -762,22 +734,15 @@ func handleAccountActivation(ctx *context.Context, user *user_model.User) {
log.Trace("User activated: %s", user.Name)
- if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
+ if err := updateSession(ctx, nil, map[string]interface{}{
+ "uid": user.ID,
+ "uname": user.Name,
+ }); err != nil {
log.Error("Unable to regenerate session for user: %-v with email: %s: %v", user, user.Email, err)
ctx.ServerError("ActivateUserEmail", err)
return
}
- if err := ctx.Session.Set("uid", user.ID); err != nil {
- log.Error("Error setting uid in session[%s]: %v", ctx.Session.ID(), err)
- }
- if err := ctx.Session.Set("uname", user.Name); err != nil {
- log.Error("Error setting uname in session[%s]: %v", ctx.Session.ID(), err)
- }
- if err := ctx.Session.Release(); err != nil {
- log.Error("Error storing session[%s]: %v", ctx.Session.ID(), err)
- }
-
if err := resetLocale(ctx, user); err != nil {
ctx.ServerError("resetLocale", err)
return
@@ -821,3 +786,25 @@ func ActivateEmail(ctx *context.Context) {
// Should users be logged in automatically here? (consider 2FA requirements, etc.)
ctx.Redirect(setting.AppSubURL + "/user/settings/account")
}
+
+func updateSession(ctx *context.Context, deletes []string, updates map[string]interface{}) error {
+ if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
+ return fmt.Errorf("regenerate session: %w", err)
+ }
+ sess := ctx.Session
+ sessID := sess.ID()
+ for _, k := range deletes {
+ if err := sess.Delete(k); err != nil {
+ return fmt.Errorf("delete %v in session[%s]: %w", k, sessID, err)
+ }
+ }
+ for k, v := range updates {
+ if err := sess.Set(k, v); err != nil {
+ return fmt.Errorf("set %v in session[%s]: %w", k, sessID, err)
+ }
+ }
+ if err := sess.Release(); err != nil {
+ return fmt.Errorf("store session[%s]: %w", sessID, err)
+ }
+ return nil
+}
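Review bot: updateSession has no doc comment, and its contract is worth stating because every caller relies on the ordering: the session ID is regenerated first (so a pre-authentication session ID is never carried over into the authenticated session), then `deletes` are applied, then `updates`, then the session is released, and a key present in both `deletes` and `updates` therefore ends up set. Proposed comment above the function: `// updateSession regenerates the session ID, then applies deletes and updates (deletes first) and persists the session. An error is returned after the session ID has already been regenerated, so callers should treat it as fatal for the sign-in rather than continue.` Because `updates` is a map, the order of Set calls and the key named in a returned error are not deterministic across runs; this is harmless for the calls in this diff, but iterating sorted keys would make failure messages reproducible. `map[string]interface{}` could be spelled `any` if the module's Go version allows it; that is not visible from the hunk.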