summaryrefslogtreecommitdiffstats
path: root/modules/auth/auth.go
Commit message (Collapse)AuthorAgeFilesLines
* Implement webhook branch filter (#7791)WGH2019-09-091-9/+8
| | | | | | | | * Fix validate() function to handle errors in embedded anon structs * Implement webhook branch filter See #2025, #3998.
* Allow token as authorization for accessing attachments (#7909)David Svantesson2019-08-241-1/+6
| | | | | | | | * Allow token as authorization for accessing attachments Signed-off-by: David Svantesson <davidsvantesson@gmail.com> * Only allow token authentication for attachments if it is a download (GET)
* Use gitea forked macaron (#7933)Tamal Saha2019-08-231-6/+6
| | | Signed-off-by: Tamal Saha <tamal@appscode.com>
* Display ui time with customize time location (#7792)Lunny Xiao2019-08-151-3/+3
| | | | | | | | | | | | | | | | | | * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger
* Add golangci (#6418)kolaente2019-06-121-10/+2
|
* OAuth2 token can be used in basic auth (#6747)techknowlogick2019-04-251-2/+16
|
* API OTP Context (#6674)techknowlogick2019-04-191-1/+2
| | | | | | | | | | | | | | | | | | | | | | * API OTP Context * Update api.go * token * token * fix per discord * copyright header * remove check for token in OTP * Update auth.go * simplify * Update api.go
* Better logging (#6038) (#6095)zeripath2019-04-021-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
* Integrate OAuth2 Provider (#5378)Jonas Franz2019-03-081-1/+32
|
* In basic auth check for tokens before call UserSignIn (#5725)manuelluis2019-02-121-5/+46
| | | | | | | | | | * Check first if user/password is a token * In basic auth check if user/password is a token * Remove unnecessary else statement * Changes of fmt
* Support reverse proxy providing email (#5554)zeripath2018-12-181-1/+8
| | | This PR implements #2347
* Remove check for negative length (#5120)Oleg Kovalov2018-10-201-1/+1
|
* Enforce token on api routes [fixed critical security issue #4357] (#4840)B-OnTheGo2018-09-101-1/+2
|
* Refactor struct's time to remove unnecessary memory usage (#3142)Lunny Xiao2017-12-111-2/+2
| | | | | | | | | | | | | | * refactor struct's time to remove unnecessary memory usage * use AsTimePtr simple code * fix tests * fix time compare * fix template on gpg * use AddDuration instead of Add
* Better URL validation (#1507)Lauris BH2017-04-191-0/+3
| | | | | | | | | | | | | | | | | | | | * Add correct git branch name validation * Change git refname validation error constant name * Implement URL validation based on GoLang url.Parse method * Backward compatibility with older Go compiler * Add git reference name validation unit tests * Remove unused variable in unit test * Implement URL validation based on GoLang url.Parse method * Backward compatibility with older Go compiler * Add url validation unit tests
* fix: gofmt errors. (#1106)Bo-Yi Wu2017-03-031-2/+2
|
* Oauth2 consumer (#679)Willem van Dreumel2017-02-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
* Avoid duplicate queries in auth (#827)Ethan Koenig2017-02-051-57/+48
| | | Avoid identical making calls to GetUserByID(..) in SignedInUser(..)
* GitHub API Compliance (& linting)Kim "BKC" Carlbäcker2016-12-021-0/+3
|
* golint fixed for modules/authLunny Xiao2016-11-271-2/+7
|
* Update import paths from github.com/go-gitea to code.gitea.io (#135)Sandro Santilli2016-11-101-4/+4
| | | | | | | - Update import paths from github.com/go-gitea to code.gitea.io - Fix import path for travis See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
* Change import reference to match gitea instead of gogs (#37)Rémy Boulanouar2016-11-031-4/+4
|
* Fixes #3110 (#3136)Franz Schmidt2016-06-271-1/+1
|
* Replace uuid module with original packageUnknwon2016-02-201-2/+2
|
* typo fixzhuharev2016-01-061-2/+2
|
* work on #470 and fix miror JS issue when choose targets on compare and pullUnknwon2015-10-291-4/+10
|
* fix import path, fix #1782Unknwon2015-10-151-3/+3
|
* support URL param to token, but still restrict to APIsUnknwon2015-09-021-21/+23
|
* #842 able to use access token replace basic authUnknwon2015-09-021-22/+28
|
* #1487 Readme TemplateUnknwon2015-08-281-0/+6
|
* token recent activityUnknwon2015-08-191-2/+7
|
* work on #1493Unknwon2015-08-171-1/+1
|
* WIP: create PR - choose branchUnknwon2015-08-081-2/+2
|
* allow anonymous SSH cloneUnknwon2015-08-051-3/+3
|
* UI: basic label listUnknwon2015-07-241-1/+7
| | | | - create new label
* #1128: API calls are not hidden behind sign inUnknwon2015-07-151-1/+5
|
* UI: install - new versionUnknwon2015-07-081-1/+8
|
* Attempt #3 of ldap fixesGogs2015-02-271-5/+4
|
* cmd: CMD option for port number of `gogs web` to prevent first time run conflictUnknwon2015-02-011-0/+7
| | | | | - routers: use new binding convention to simplify code - templates: able to set HTTP port number in install page
* fix binding api brokenUnknwon2014-12-151-7/+7
|
* Fix spelling errors in comments.Joseph Crail2014-12-061-1/+1
|
* work on #672Unknwon2014-12-051-1/+2
|
* fix #165Unknwon2014-12-051-1/+19
|
* more APIs on #12Unknwon2014-11-181-9/+9
|
* #12, API: list user repos, list repo hooksUnknwon2014-11-131-15/+15
|
* add personal access token panel #12Unknwon2014-11-121-5/+23
|
* work on #616 and update localesUnknwon2014-11-101-14/+39
|
* Use binding middlewareUnknwon2014-10-151-21/+21
|
* Fix #340Unknwon2014-08-011-4/+12
|
* New UI merge in progressUnknwon2014-07-261-36/+139
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-12 10:27:03 +0000