path: root/routers/user
Commit message | Author | Age | Files | Lines
...
* Do not display the raw OpenID error in the UI (#5705) | zeripath | 2019-01-12 | 1 | -1/+2
    * Do not display the raw OpenID error in the UI
      If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid section of the app.ini, it is possible that gitea can leak sensitive information about the local network through the error provided by the UI. This PR hides the error information and logs it.
      Fix #4973
      Signed-off-by: Andrew Thornton <art27@cantab.net>
    * Update auth_openid.go
      Place error log within the `err != nil` branch.
* Allow for user specific themes (#5668) | Lanre Adelowo | 2019-01-09 | 1 | -0/+28
    * add migration and basic UI for changing a user's theme
    * update user theme
    * use right text on button
    * load theme based on users' selection
    * load theme based on users' selection in pwa too
    * update sample config
    * delete older theme loading
    * implement AfterLoad to set users' theme properly
    * set up default theme when creating a user. This uses the installation wide theme
    * use flash messages for error
    * set default theme when creating a user from the cli
    * fix @lunny review
* Improve performance of dashboard (#4977) | Lunny Xiao | 2018-12-13 | 1 | -0/+1
* Restrict permission check on repositories and fix some problems (#5314) | Lunny Xiao | 2018-11-28 | 1 | -1/+6
    * fix units permission problems
    * fix some bugs and merge LoadUnits to repoAssignment
    * refactor permission struct and add some copyright heads
    * remove unused codes
    * fix routes units check
    * improve permission check
    * add unit tests for permission
    * fix typo
    * fix tests
    * fix some routes
    * fix api permission check
    * improve permission check
    * fix some permission check
    * fix tests
    * fix tests
    * improve some permission check
    * fix some permission check
    * refactor AccessLevel
    * fix bug
    * fix tests
    * fix tests
    * fix tests
    * fix AccessLevel
    * rename CanAccess
    * fix tests
    * fix comment
    * fix bug
    * add missing unit for test repos
    * fix bug
    * rename some functions
    * fix routes check
* Block registration based on email domain (#5157) | Lanre Adelowo | 2018-11-14 | 1 | -0/+5
    * implement email domain whitelist
* UX of link account (Step 1) (#5006) | AJ ONeal | 2018-10-28 | 1 | -2/+24
    * Show either sign up OR sign in
    * disambiguate fresh start from adding recovery options
    * use tabs to switch between account link flows
    * add active to tab body as well
    * changes as per discussion
    * handle specific error; fix missing err typo
* Fix to 3819 - Filtering issues by tags on main screen issues (#3824) | Rodrigo Villablanca Vásquez | 2018-10-28 | 1 | -0/+2
    * Fix to 3819
    * Changes suggested
    * Empty line removed
    * Fix error: non-name opts.Labels on left side of :=
* User action heatmap (#5131) | kolaente | 2018-10-23 | 2 | -0/+4
    * Added basic heatmap data
    * Added extra case for sqlite
    * Built basic heatmap into user profile
    * Get contribution data from api & styling
    * Fixed lint & added extra group by statements for all database types
    * generated swagger spec
    * generated swagger spec
    * generated swagger spec
    * fixed swagger spec
    * fmt
    * Added tests
    * Added setting to enable/disable user heatmap
    * Added locale for loading text
    * Removed UseTiDB
    * Updated librejs & moment.js
    * Fixed import order
    * Fixed heatmap in postgresql
    * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
      Co-Authored-By: kolaente <konrad@kola-entertainments.de>
    * Added copyright header
    * Fixed a bug to show the heatmap for the actual user instead of the currently logged in
    * Added integration test for heatmaps
    * Added a heatmap on the dashboard
    * Fixed timestamp parsing
    * Hide heatmap on mobile
    * optimized postgresql group by query
    * Improved sqlite group by statement
* Remove check for negative length (#5120) | Oleg Kovalov | 2018-10-20 | 1 | -1/+1
* Force user to change password (#4489) | Lanre Adelowo | 2018-09-13 | 1 | -1/+72
    * redirect to login page after successfully activating account
    * force users to change password if account was created by an admin
    * force users to change password if account was created by an admin
    * fixed build
    * fixed build
    * fix pending issues with translation and wrong routes
    * make sure path check is safe
    * remove unnecessary newline
    * make sure users that don't have to view the form get redirected
    * move route to use /settings prefix so as to make sure unauthenticated users can't view the page
    * update as per @lafriks review
    * add necessary comment
    * remove unrelated changes
    * support redirecting to location the user actually want to go to before being forced to change his/her password
    * run make fmt
    * added tests
    * improve assertions
    * add assertion
    * fix copyright year
      Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
* feat(repo): support search repository by topic name (#4505) | Bo-Yi Wu | 2018-09-13 | 1 | -0/+4
    * feat(repo): support search repository by topic name
* Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) | SagePtr | 2018-08-14 | 3 | -19/+19
* log user in after a successful sign up (#4615) | Lanre Adelowo | 2018-08-11 | 1 | -1/+2
* fix panic issue on update avatar email (#4580) (#4581) | Dingjun | 2018-08-01 | 1 | -1/+1
    fix #4580
* Switch plaintext scratch tokens to use hash instead (#4331) | techknowlogick | 2018-07-27 | 2 | -5/+10
* Add flash message after an account has been successfully activated (#4510) | Lanre Adelowo | 2018-07-25 | 1 | -0/+1
    * added new locale text
* Redirect to correct page after using scratch token (#4458) | techknowlogick | 2018-07-19 | 1 | -1/+2
* Add Recaptcha functionality to Gitea (#4044) | Fluf | 2018-07-05 | 2 | -3/+49
* Increase default TOTP secret size to 320 bits (#4287) | Clar Charr | 2018-07-03 | 1 | -0/+1
* Fix open redirect vulnerability on login screen (#4312) | Jonas Franz | 2018-06-26 | 1 | -1/+2
    * Fix open redirect vulnerability on login screen
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Reorder imports
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Replace www. from Domain too
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
* hide issues from org private repos w/o team assignment (#4034) | David Schneiderbauer | 2018-06-21 | 2 | -3/+7
* fix missing data on redirects (#3975) | David Schneiderbauer | 2018-06-18 | 6 | -86/+90
* LDAP Public SSH Keys synchronization (#1844) | Magnus Lindvall | 2018-05-24 | 1 | -1/+1
    * Add LDAP Key Synchronization feature
      Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
    * Add migration: add login source id column for public_key table
    * Only update keys if needed
    * Add function to only list pubkey synchronized from ldap
    * Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.
    * Only get keys belonging to current login source id
    * Set default login source id to 0
    * Some minor cleanup. Add integration tests (update dep testify)
* Added repository search ordered by stars or forks. Forks column in admin repo list. (#3969) | Alexey Terentyev | 2018-05-24 | 1 | -0/+8
    * Added repository search order by stars or forks. Added Forks column to admin repository list.
      Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
    * Renamed search repo template
      Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
* remove collaborative repositories from search on user profiles (#3996) | David Schneiderbauer | 2018-05-21 | 1 | -7/+8
    * remove collaborative repositories from search on user profiles
    * rename 'My Repositories' to 'Repositories'
* Add support for FIDO U2F (#3971) | Jonas Franz | 2018-05-19 | 3 | -5/+241
    * Add support for U2F
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Add vendor library
      Add missing translations
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Minor improvements
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
      Add U2F error handling
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Add U2F login page to OAuth
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Move U2F user settings to a separate file
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Add unit tests for u2f model
      Renamed u2f table name
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Fix problems caused by refactoring
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Add U2F documentation
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Remove not needed console.log-s
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
    * Add default values to app.ini.sample
      Add FIDO U2F to comparison
      Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Re-enable random avatar feature (#3988) | David Schneiderbauer | 2018-05-19 | 1 | -1/+1
    * reenable random avatar feature
    * replace Size check by Filename check
* Splitted the user settings code into several files to be more maintainable (#3968) | David Schneiderbauer | 2018-05-17 | 10 | -815/+922
    * refactor setting router code
      splitted up one huge router settings file into the smaller files representing the actual page structure
    * move code to subfolder
    * rename functions
    * renamed files
    * add copyright information
* Refactor User Settings (#3900) | David Schneiderbauer | 2018-05-15 | 3 | -234/+194
    * moved avatar to profile page
    * combined password change, email and account deletion into account settings page
    * combined totp, access tokens, linked accounts and openid into security settings page
    * move access tokens to applications settings page
    * small change to restart drone build
    * fix change avatar url on profile page
    * redirect old settings urls to new ones
    * enforce only one autofocus attribute on settings pages
    * set correct redirect status code
    * fmt fix
* issue-2768: added new option allow_only_external_registration (#3910) | FabioFortini | 2018-05-13 | 1 | -1/+2
* Added user language setting (#3875) | kolaente | 2018-05-05 | 2 | -1/+19
    * Added user language setting
    * Added translation string for setting
    * Fixed import order + typo
    * improved checking if the user has a language saved in the db
    * The current saved language is now set a default inside the dropdown
    * fmt
    * When a user signs in and doesn't have a language saved, the current browser language is saved
    * updated gitea-sdk
    * Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language
      # Conflicts:
      # models/migrations/migrations.go
      # models/migrations/v62.go
    * Made tests work again
    * trigger CI
    * trigger CI
    * fmt
    * re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT INSTEAD OF PRETENDING TO DO SO
    * re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT INSTEAD OF PRETENDING TO DO SO
    * When logging in, only the language col gets updated instead of everything
* Do not allow to reuse TOTP passcode (#3878) | Lauris BH | 2018-05-02 | 1 | -1/+7
* Refactor and simplify redirect to url (#3674) | Lauris BH | 2018-03-15 | 3 | -19/+7
* Fix missing translations when updating username. (#3564) | bugreport0 | 2018-02-25 | 1 | -3/+3
    * Fix missing translations when updating username.
    * Fix reserved username translated string test.
    * Fix 'username reserved' string test a bit more.
* refactor: reduce sql query in retrieveFeeds (#3547) | Bo-Yi Wu | 2018-02-21 | 1 | -31/+8
* Implements generator cli for secrets (#3531) | Codruț Constantin Gușoi | 2018-02-18 | 1 | -1/+2
    Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
* Cleanup models.User.HashPassword (#3334) | Kim "BKC" Carlbäcker | 2018-01-12 | 2 | -4/+2
* Handle refactor (#3339) | Morgan Bazalgette | 2018-01-10 | 7 | -143/+143
    * Replace all ctx.Handle with ctx.ServerError or ctx.NotFound
    * Change Handle(403) to NotFound, avoid using macaron's NotFound
* Remove useless fmt.Errorf("%v", err) (#3337) | Antoine GIRARD | 2018-01-09 | 1 | -1/+1
* Change EncodePasswd to HashPassword (#3329) | Morgan Bazalgette | 2018-01-08 | 2 | -2/+2
    * Change EncodePasswd to HashPassword
    * Create test+benchmark for HashPassword
* Fix bugs in issue dashboard stats (#3073) | Ethan Koenig | 2017-12-26 | 1 | -6/+27
* Remove unnecessary function call (#3109) | Ethan Koenig | 2017-12-08 | 1 | -8/+3
* Add 'mark all read' option to notifications (#3097) | Sasha Varlamov | 2017-12-07 | 1 | -0/+12
    * Add 'mark all read' option to notifications
      Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>
    * Fix exported comment
      Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>
    * Format method comments
      Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>
    * Fix exported comment
      Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>
      Format method comments
      Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>
      Tests for reactions (#3083)
    * Unit tests for reactions
    * Fix import order
      Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>
      Fix reaction position when there is attachments (#3099)
      Refactor notifications swap function
    * Accept change to drop beforeupdate call
    * Update purge notifications error message for consistency
    * Drop unnecessary check for mark all as read button
    * Remove debugging comment
* Sort repos in issues dashboard sidebar (#3072) | Ethan Koenig | 2017-12-04 | 1 | -0/+2
    * Sort repos in issues dashboard sidebar
    * Sort repos by name
* Fix missing password length check when change password (#3039) | Lunny Xiao | 2017-12-02 | 2 | -1/+71
    * fix missing password length check when change password
    * add tests for change password
* remove unused variable (#3038) | Lunny Xiao | 2017-11-30 | 1 | -1/+0
* Unit tests for wiki routers (#3022) | Ethan Koenig | 2017-11-30 | 2 | -20/+3
* Disable add key button if SSH is disabled (#2873) | Michael Kuhn | 2017-11-21 | 1 | -3/+6
* Apply LANDING_PAGE config options for logged in users (#2894) | schaffman5 | 2017-11-20 | 1 | -1/+1
    * Extended LANDINGPAGE config variable to logged in users and added switch for 'organizations' in addition to 'home' and 'explore'.
    * Updated comments.
      Signed-off-by: Mike Schaffer <mschaff@gmail.com>
    * Extended LANDINGPAGE config variable to trigger when user logs in and added switch for 'organizations' in addition to 'home' and 'explore'.
      Signed-off-by: Mike Schaffer <mschaff@gmail.com>
    * Extended LANDINGPAGE config variable to logged in users and added switch for 'organizations' in addition to 'home' and 'explore'.
    * Updated comments.
      Signed-off-by: Mike Schaffer <mschaff@gmail.com>
    * Extended LANDINGPAGE config variable to trigger when user logs in and added switch for 'organizations' in addition to 'home' and 'explore'.
      Signed-off-by: Mike Schaffer <mschaff@gmail.com>
    * Removed superfluous conditional and correct whitespace.
      Signed-off-by: Mike Schaffer <mschaff@gmail.com>
    * Update app.ini
      Reverted new line.
    * Formatting.
      Signed-off-by: Mike Schaffer <mschaff@gmail.com>
* Add search mode option to /api/repo/search (#2756) | Morlinest | 2017-10-27 | 1 | -15/+16
    * Add repo type option to /api/repo/search
    * Add tests and fix result of collaborative filter in specific condition
    * Fix/optimize search & tests
    * Improve integration tests
    * Fix lint errors
    * Fix unit tests
    * Change and improve internal implementation of repo search
    * Use NonexistentID
    * Make search api more general
    * Change mirror and fork search behaviour
    * Fix tests & typo in comment