aboutsummaryrefslogtreecommitdiffstats
path: root/models/login_source.go
Commit message (Collapse)AuthorAgeFilesLines
* Do not try to recreate ldap user if they are already created (#9900)zeripath2020-01-211-12/+12
| | | | | | | | * Do not try to recreate ldap user if they are already created * just remove autoregister Co-authored-by: techknowlogick <matti@mdranta.net>
* Check user != nil before checking values (#9881)zeripath2020-01-191-7/+15
| | | | | | * Check user != nil before checking values * Handle autoAdmin
* Add single sign-on support via SSPI on Windows (#8463)QuaSoft2019-11-231-2/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add single sign-on support via SSPI on Windows * Ensure plugins implement interface * Ensure plugins implement interface * Move functions used only by the SSPI auth method to sspi_windows.go * Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected * Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links. * Update documentation for the new 'SPNEGO with SSPI' login source * Mention in documentation that ROOT_URL should contain the FQDN of the server * Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing) * Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources) * Add option in SSPIConfig for removing of domains from logon names * Update helper text for StripDomainNames option * Make sure handleSignIn() is called after a new user object is created by SSPI auth method * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates * Remove code duplication * Log errors in ActiveLoginSources Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert suffix of randomly generated E-mails for Reverse proxy authentication Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert unneeded white-space change in template Co-Authored-By: Lauris BH <lauris@nix.lv> * Add copyright comments at the top of new files * Use loopback name for randomly generated emails * Add locale tag for the SSPISeparatorReplacement field with proper casing * Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields * Update docs/content/doc/features/authentication.en-us.md Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Remove Priority() method and define the order in which SSO auth methods should be executed in one place * Log authenticated username only if it's not empty * Rephrase helper text for automatic creation of users * Return error if more than one active SSPI auth source is found * Change newUser() function to return error, letting caller log/handle the error * Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed * Refactor initialization of the list containing SSO auth methods * Validate SSPI settings on POST * Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page * Make 'Default language' in SSPI config empty, unless changed by admin * Show error if admin tries to add a second authentication source of type SSPI * Simplify declaration of global variable * Rebuild gitgraph.js on Linux * Make sure config values containing only whitespace are not accepted
* Drop Admin attribute based on LDAP when login (continue #1743) (#8849)65432019-11-141-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update User information in Gitea based on LDAP when login * Update Admin Flag only if exist in settings * Fix affectation * Update models/login_source.go Co-Authored-By: JustKiddingCode <JustKiddingCode@users.noreply.github.com> * Better ident * Apply suggestions from code review Update user information Co-Authored-By: 6543 <24977596+6543@users.noreply.github.com> * Make fmt * add err handling * if user exist but login is Prohibit return return nil, and Prohibit err * keep login speed * User sync is implemented at #1478 - so only make sure that admin acces is drpoed if changed * handle error and still use async task * no async * only update admin if Sync is enabled * update two comments * add lafriks suggestions Co-Authored-By: Lauris BH <lauris@nix.lv> * if adminFilter is set - use it Co-Authored-By: Lauris BH <lauris@nix.lv> * Update models/login_source.go well - I should look more detaild at suggestions :D Co-Authored-By: Lauris BH <lauris@nix.lv> * make it work again * set is_admin value to user * look nicer
* Upgrade xorm to v0.8.0 (#8536)Lunny Xiao2019-10-171-1/+1
|
* Use gitea forked macaron (#7933)Tamal Saha2019-08-231-1/+1
| | | Signed-off-by: Tamal Saha <tamal@appscode.com>
* Display ui time with customize time location (#7792)Lunny Xiao2019-08-151-7/+7
| | | | | | | | | | | | | | | | | | * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger
* Add additional password hash algorithms (closes #5859) (#6023)EpicCoder2019-07-071-0/+10
|
* Fix error log when loading issues caused by a xorm bug (#7271)Lunny Xiao2019-06-231-1/+1
| | | | | | | | | | | | * fix error log when loading issues caused by a xorm bug * upgrade packages * fix fmt * fix Consistency * fix tests
* Add golangci (#6418)kolaente2019-06-121-9/+12
|
* Remove macaron dependent on models (#6940)Lunny Xiao2019-05-141-2/+6
|
* fix bug when user login and want to resend register confirmation email (#6482)Lunny Xiao2019-04-021-6/+6
|
* Fix prohibit login check on authorization (#6106)Lunny Xiao2019-02-191-4/+23
| | | | | | | | | | | | * fix bug prohibit login not applied on dashboard * fix tests * fix bug user status leak * fix typo * return after render
* Only allow local login if password is non-empty (#5906)zeripath2019-01-301-1/+1
|
* Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh ↵zeripath2018-12-271-1/+14
| | | | | | | | key deletion (#5557) * Synchronize SSH keys on login with LDAP * BUG: Fix hang on sqlite during LDAP key deletion
* Refactor struct's time to remove unnecessary memory usage (#3142)Lunny Xiao2017-12-111-11/+3
| | | | | | | | | | | | | | * refactor struct's time to remove unnecessary memory usage * use AsTimePtr simple code * fix tests * fix time compare * fix template on gpg * use AddDuration instead of Add
* Replace deprecated Id method with ID (#2655)Ethan Koenig2017-10-051-5/+5
|
* Use AfterLoad instead of AfterSet on Structs (#2628)Lunny Xiao2017-10-011-8/+4
| | | | | | | | * use AfterLoad instead of AfterSet on Structs * fix the comments on AfterLoad * fix the comments on action AfterLoad
* Fix lint errors (#2547)Ethan Koenig2017-09-191-4/+1
|
* Use created & updated instead BeforeInsert & BeforeUpdate (#2482)Lunny Xiao2017-09-131-13/+2
| | | | | | | | | | | | * use created & updated instead BeforeInsert & BeforeUpdate * fix vendor checksum * only show generated SQL when development mode * remove extra update column updated_unix * remove trace config
* Replace calls to xorm UseBool with Where (#2237)G2017-08-011-1/+1
|
* fix bug not to trim space of login username (#1796)Lunny Xiao2017-05-251-1/+6
|
* LDAP user synchronization (#1478)Lauris BH2017-05-101-18/+23
|
* gofmt (#1662)Ethan Koenig2017-05-041-1/+1
|
* Additional OAuth2 providers (#1010)Willem van Dreumel2017-05-011-85/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
* fix some typos (#1082)Lunny Xiao2017-02-281-1/+1
|
* fix 500 when use a duplicat email instead of giving an error tip (#1040)Lunny Xiao2017-02-251-11/+21
|
* Oauth2 consumer (#679)Willem van Dreumel2017-02-221-13/+147
| | | | | | | | | | | | | | | | | | | | | | | | | * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
* Create missing database indexes (#596)Andrey Nering2017-01-061-3/+3
|
* Correction LDAP validation (#342)Denis Denisov2016-12-121-2/+2
| | | | | | | | | | | | * Correction LDAP username validation As https://msdn.microsoft.com/en-us/library/aa366101(v=vs.85).aspx describe spaces should not be in start or at the end of username but they can be inside the username. So please check my solution for it. * Check for zero length passwords in LDAP module. According to https://tools.ietf.org/search/rfc4513#section-5.1.2 LDAP client should always check before bind whether a password is an empty value. There are at least one LDAP implementation which does not return error if you try to bind with DN set and empty password - AD. * Clearing the login/email spaces at the [start/end]
* golint fixed for modules/authLunny Xiao2016-11-271-1/+1
|
* Merge pull request #246 from Bwko/fix/typoThomas Boerger2016-11-251-6/+6
|\ | | | | Fix typos
| * Fix typosBwko2016-11-211-6/+6
| |
* | Lint models/login_source.goSandro Santilli2016-11-241-8/+48
|/
* fixed bug #151 caused Find should be Get (#153)Lunny Xiao2016-11-121-7/+7
|
* Merge remote-tracking branch 'upstream/master' into feature/rewrite-xorm-queriesThibault Meyer2016-11-101-3/+3
|\ | | | | | | | | | | | | | | | | # Conflicts: # models/git_diff.go # models/issue.go # models/org.go # models/pull.go # models/repo.go
| * Update import paths from github.com/go-gitea to code.gitea.io (#135)Sandro Santilli2016-11-101-3/+3
| | | | | | | | | | | | | | - Update import paths from github.com/go-gitea to code.gitea.io - Fix import path for travis See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
* | Rewrite XORM queriesThibault Meyer2016-11-101-1/+1
|/
* Fix type in unused constant name (#111)Sandro Santilli2016-11-071-34/+34
| | | | | | | | | | | | | | | | | | * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
* Security protocolsSandro Santilli2016-11-071-5/+5
|
* More mixageSandro Santilli2016-11-071-22/+22
|
* More...Sandro Santilli2016-11-071-15/+15
|
* Change import reference to match gitea instead of gogs (#37)Rémy Boulanouar2016-11-031-3/+3
|
* Fix panic when attempt login with non-exist userUnknwon2016-09-011-1/+1
|
* models/login_source: code improvementUnknwon2016-08-311-0/+558
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-14 03:23:46 +0000