aboutsummaryrefslogtreecommitdiffstats
path: root/services/auth/source
diff options
context:
space:
mode:
Diffstat (limited to 'services/auth/source')
-rw-r--r--services/auth/source/db/authenticate.go6
-rw-r--r--services/auth/source/db/source.go6
-rw-r--r--services/auth/source/ldap/source_authenticate.go14
-rw-r--r--services/auth/source/ldap/source_sync.go4
-rw-r--r--services/auth/source/oauth2/source_authenticate.go6
-rw-r--r--services/auth/source/pam/source_authenticate.go5
-rw-r--r--services/auth/source/smtp/source_authenticate.go5
-rw-r--r--services/auth/source/source_group_sync.go4
8 files changed, 28 insertions, 22 deletions
diff --git a/services/auth/source/db/authenticate.go b/services/auth/source/db/authenticate.go
index 34a0459149..8160141863 100644
--- a/services/auth/source/db/authenticate.go
+++ b/services/auth/source/db/authenticate.go
@@ -4,9 +4,9 @@
package db
import (
+ "context"
"fmt"
- "code.gitea.io/gitea/models/db"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
@@ -43,7 +43,7 @@ func (err ErrUserPasswordInvalid) Unwrap() error {
}
// Authenticate authenticates the provided user against the DB
-func Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
+func Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error) {
if user == nil {
return nil, user_model.ErrUserNotExist{Name: login}
}
@@ -61,7 +61,7 @@ func Authenticate(user *user_model.User, login, password string) (*user_model.Us
if err := user.SetPassword(password); err != nil {
return nil, err
}
- if err := user_model.UpdateUserCols(db.DefaultContext, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
+ if err := user_model.UpdateUserCols(ctx, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
return nil, err
}
}
diff --git a/services/auth/source/db/source.go b/services/auth/source/db/source.go
index 3f4113c790..50eae27439 100644
--- a/services/auth/source/db/source.go
+++ b/services/auth/source/db/source.go
@@ -4,6 +4,8 @@
package db
import (
+ "context"
+
"code.gitea.io/gitea/models/auth"
user_model "code.gitea.io/gitea/models/user"
)
@@ -23,8 +25,8 @@ func (source *Source) ToDB() ([]byte, error) {
// Authenticate queries if login/password is valid against the PAM,
// and create a local user if success when enabled.
-func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
- return Authenticate(user, login, password)
+func (source *Source) Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error) {
+ return Authenticate(ctx, user, login, password)
}
func init() {
diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go
index 3f3219adb9..dc166d9eb4 100644
--- a/services/auth/source/ldap/source_authenticate.go
+++ b/services/auth/source/ldap/source_authenticate.go
@@ -4,12 +4,12 @@
package ldap
import (
+ "context"
"fmt"
"strings"
asymkey_model "code.gitea.io/gitea/models/asymkey"
"code.gitea.io/gitea/models/auth"
- "code.gitea.io/gitea/models/db"
user_model "code.gitea.io/gitea/models/user"
auth_module "code.gitea.io/gitea/modules/auth"
"code.gitea.io/gitea/modules/util"
@@ -19,7 +19,7 @@ import (
// Authenticate queries if login/password is valid against the LDAP directory pool,
// and create a local user if success when enabled.
-func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
+func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error) {
loginName := userName
if user != nil {
loginName = user.LoginName
@@ -33,11 +33,11 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0
// Update User admin flag if exist
- if isExist, err := user_model.IsUserExist(db.DefaultContext, 0, sr.Username); err != nil {
+ if isExist, err := user_model.IsUserExist(ctx, 0, sr.Username); err != nil {
return nil, err
} else if isExist {
if user == nil {
- user, err = user_model.GetUserByName(db.DefaultContext, sr.Username)
+ user, err = user_model.GetUserByName(ctx, sr.Username)
if err != nil {
return nil, err
}
@@ -55,7 +55,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
cols = append(cols, "is_restricted")
}
if len(cols) > 0 {
- err = user_model.UpdateUserCols(db.DefaultContext, user, cols...)
+ err = user_model.UpdateUserCols(ctx, user, cols...)
if err != nil {
return nil, err
}
@@ -94,7 +94,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
IsActive: util.OptionalBoolTrue,
}
- err := user_model.CreateUser(user, overwriteDefault)
+ err := user_model.CreateUser(ctx, user, overwriteDefault)
if err != nil {
return user, err
}
@@ -116,7 +116,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
if err != nil {
return user, err
}
- if err := source_service.SyncGroupsToTeams(db.DefaultContext, user, sr.Groups, groupTeamMapping, source.GroupTeamMapRemoval); err != nil {
+ if err := source_service.SyncGroupsToTeams(ctx, user, sr.Groups, groupTeamMapping, source.GroupTeamMapRemoval); err != nil {
return user, err
}
}
diff --git a/services/auth/source/ldap/source_sync.go b/services/auth/source/ldap/source_sync.go
index df5eb60393..8fb1363fc2 100644
--- a/services/auth/source/ldap/source_sync.go
+++ b/services/auth/source/ldap/source_sync.go
@@ -28,7 +28,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
var sshKeysNeedUpdate bool
// Find all users with this login type - FIXME: Should this be an iterator?
- users, err := user_model.GetUsersBySource(source.authSource)
+ users, err := user_model.GetUsersBySource(ctx, source.authSource)
if err != nil {
log.Error("SyncExternalUsers: %v", err)
return err
@@ -128,7 +128,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
IsActive: util.OptionalBoolTrue,
}
- err = user_model.CreateUser(usr, overwriteDefault)
+ err = user_model.CreateUser(ctx, usr, overwriteDefault)
if err != nil {
log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.authSource.Name, su.Username, err)
}
diff --git a/services/auth/source/oauth2/source_authenticate.go b/services/auth/source/oauth2/source_authenticate.go
index e3e2a9e192..bbda35dee0 100644
--- a/services/auth/source/oauth2/source_authenticate.go
+++ b/services/auth/source/oauth2/source_authenticate.go
@@ -4,13 +4,15 @@
package oauth2
import (
+ "context"
+
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/services/auth/source/db"
)
// Authenticate falls back to the db authenticator
-func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
- return db.Authenticate(user, login, password)
+func (source *Source) Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error) {
+ return db.Authenticate(ctx, user, login, password)
}
// NB: Oauth2 does not implement LocalTwoFASkipper for password authentication
diff --git a/services/auth/source/pam/source_authenticate.go b/services/auth/source/pam/source_authenticate.go
index e3a74e495c..0891a86392 100644
--- a/services/auth/source/pam/source_authenticate.go
+++ b/services/auth/source/pam/source_authenticate.go
@@ -4,6 +4,7 @@
package pam
import (
+ "context"
"fmt"
"strings"
@@ -18,7 +19,7 @@ import (
// Authenticate queries if login/password is valid against the PAM,
// and create a local user if success when enabled.
-func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
+func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error) {
pamLogin, err := pam.Auth(source.ServiceName, userName, password)
if err != nil {
if strings.Contains(err.Error(), "Authentication failure") {
@@ -62,7 +63,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
IsActive: util.OptionalBoolTrue,
}
- if err := user_model.CreateUser(user, overwriteDefault); err != nil {
+ if err := user_model.CreateUser(ctx, user, overwriteDefault); err != nil {
return user, err
}
diff --git a/services/auth/source/smtp/source_authenticate.go b/services/auth/source/smtp/source_authenticate.go
index 7d7d1aa8b6..b244fc7d40 100644
--- a/services/auth/source/smtp/source_authenticate.go
+++ b/services/auth/source/smtp/source_authenticate.go
@@ -4,6 +4,7 @@
package smtp
import (
+ "context"
"errors"
"net/smtp"
"net/textproto"
@@ -16,7 +17,7 @@ import (
// Authenticate queries if the provided login/password is authenticates against the SMTP server
// Users will be autoregistered as required
-func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
+func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error) {
// Verify allowed domains.
if len(source.AllowedDomains) > 0 {
idx := strings.Index(userName, "@")
@@ -77,7 +78,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
IsActive: util.OptionalBoolTrue,
}
- if err := user_model.CreateUser(user, overwriteDefault); err != nil {
+ if err := user_model.CreateUser(ctx, user, overwriteDefault); err != nil {
return user, err
}
diff --git a/services/auth/source/source_group_sync.go b/services/auth/source/source_group_sync.go
index e42f60bde2..3a2411ec55 100644
--- a/services/auth/source/source_group_sync.go
+++ b/services/auth/source/source_group_sync.go
@@ -100,12 +100,12 @@ func syncGroupsToTeamsCached(ctx context.Context, user *user_model.User, orgTeam
}
if action == syncAdd && !isMember {
- if err := models.AddTeamMember(team, user.ID); err != nil {
+ if err := models.AddTeamMember(ctx, team, user.ID); err != nil {
log.Error("group sync: Could not add user to team: %v", err)
return err
}
} else if action == syncRemove && isMember {
- if err := models.RemoveTeamMember(team, user.ID); err != nil {
+ if err := models.RemoveTeamMember(ctx, team, user.ID); err != nil {
log.Error("group sync: Could not remove user from team: %v", err)
return err
}