summaryrefslogtreecommitdiffstats
path: root/routers/user
Commit message (Collapse)AuthorAgeFilesLines
...
* Better logging (#6038) (#6095)zeripath2019-04-024-14/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
* Don't Unescape redirect_to cookie value (#6399)mrsdizzie2019-03-202-6/+5
| | | | | | | redirect_to holds a value that we want to redirect back to after login. This value can be a path with intentonally escaped values and we should not unescape it. Fixes #4475
* Add bio field for user (#6113)techknowlogick2019-03-181-0/+1
| | | | Fix #4339
* Add support for client basic auth for exchanging access tokens (#6293)Jonas Franz2019-03-111-1/+27
| | | | | | | | * Add support for client basic auth for exchanging access tokens * Improve error messages * Fix tests
* Add regenerate secret feature for oauth2 (#6291)Jonas Franz2019-03-091-0/+28
| | | | | | * Add regenerate secret functionality * Fix lint
* Integrate OAuth2 Provider (#5378)Jonas Franz2019-03-083-0/+572
|
* Minor UI tweaks (#5980)John Olheiser2019-02-191-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Remove all CommitStatus when a repo is deleted Signed-off-by: jolheiser <john.olheiser@gmail.com> * Minor UI tweaks (#5782) Added 'No License' option Added link and octicon change for external issue trackers Reset password now notifies right away if the code is invalid Signed-off-by: jolheiser <john.olheiser@gmail.com> * More UI tweaks More info in PR * Generate stylesheet for arc-green * Make gofmt work * Change PR integration since the button is changed * Rebase * Generate stylesheet * UI updates Made the PR button a "basic" button Vertically centered the issue checkboxes Labels will update only once after modal is closed * Commit to reference related issues Resolves #5782 Resolves #5861 Addresses original question in #5993 * Change the comment wording since PR button is no longer little and green. * Revert changes that made Windows work * Regenerate stylesheet * Regenerate stylesheets * make generate-stylesheets * Update integration again, changed button style Signed-off-by: jolheiser <john.olheiser@gmail.com> * Added ID to PR button Changed integration to use the ID to avoid breaking in the future * Added missing semi-colons * Added back distinction between issue actions and filters (overlooked it before) Moved action button over next to other action dropdowns * Remove extra tab formatting in list.tmpl * Remove more formatting from GoLand * Replace hardcoded "No License" with i18n license helper.
* Show email if the authenticated user owns the profile page being requested ↵Lanre Adelowo2019-02-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | for (#4981) * Show email if the authenticated user owns the profile page being requested for. Also removed `setting.UI.ShowUserEmail` as it's documentation says it only controls the email setting on the explore page * fix current user check... This prevents a panic as a user must be signed in before ctx.User is called * fix panic in tests * try to fix tests * Update year * Test CI fail * Revert change * User 3 is not allowed to authorize * Set user2 email to be private * Change to user4 in explore page as user2 now has private email option set
* Fix prohibit login check on authorization (#6106)Lunny Xiao2019-02-191-0/+13
| | | | | | | | | | | | * fix bug prohibit login not applied on dashboard * fix tests * fix bug user status leak * fix typo * return after render
* Allow to set organization visibility (public, internal, private) (#1763)Rémy Boulanouar2019-02-182-0/+8
|
* Feature - #3031 - search for org repos (#5986)Richard Mahn2019-02-081-9/+60
|
* fix bug when deleting a linked account will removed all (#5989)Lunny Xiao2019-02-071-3/+8
|
* if repo does not exist, show a 404 not a 500 (#5900)Lanre Adelowo2019-01-301-1/+4
|
* Add the ability to use multiple labels as filters(#5786)Lauris BH2019-01-221-1/+11
|
* Do not display the raw OpenID error in the UI (#5705)zeripath2019-01-121-1/+2
| | | | | | | | | | | | | | | | | * Do not display the raw OpenID error in the UI If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid section of the app.ini, it is possible that gitea can leak sensitive information about the local network through the error provided by the UI. This PR hides the error information and logs it. Fix #4973 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update auth_openid.go Place error log within the `err != nil` branch.
* Allow for user specific themes (#5668)Lanre Adelowo2019-01-091-0/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | * add migration and basic UI for changing a user's theme * update user themem * use right text on button * load theme based on users' selection * load theme based on users' selection in pwa too * update sample config * delete older theme loading * implement AfterLoad to set users' theme properly * set up default theme when creating a user. This uses the installation wide theme * use flash messages for error * set default theme when creating a user from the cli * fix @lunny review
* Improve performance of dashboard (#4977)Lunny Xiao2018-12-131-0/+1
|
* Restrict permission check on repositories and fix some problems (#5314)Lunny Xiao2018-11-281-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fix units permission problems * fix some bugs and merge LoadUnits to repoAssignment * refactor permission struct and add some copyright heads * remove unused codes * fix routes units check * improve permission check * add unit tests for permission * fix typo * fix tests * fix some routes * fix api permission check * improve permission check * fix some permission check * fix tests * fix tests * improve some permission check * fix some permission check * refactor AccessLevel * fix bug * fix tests * fix tests * fix tests * fix AccessLevel * rename CanAccess * fix tests * fix comment * fix bug * add missing unit for test repos * fix bug * rename some functions * fix routes check
* Block registration based on email domain (#5157)Lanre Adelowo2018-11-141-0/+5
| | | * implement email domain whitelist
* UX of link account (Step 1) (#5006)AJ ONeal2018-10-281-2/+24
| | | | | | | | | | | | | | * Show either sign up OR sign in * disambiguate fresh start from adding recovery options * use tabs to switch between account link flows * add active to tab body as well * changes as per discussion * handle specific error; fix missing err typo
* Fix to 3819 - Filtering issues by tags on main screen issues (#3824)Rodrigo Villablanca Vásquez2018-10-281-0/+2
| | | | | | | | | | * Fix to 3819 * Changes suggested * Empty line removed * Fix error: non-name opts.Labels on left side of :=
* User action heatmap (#5131)kolaente2018-10-232-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added basic heatmap data * Added extra case for sqlite * Built basic heatmap into user profile * Get contribution data from api & styling * Fixed lint & added extra group by statements for all database types * generated swagger spec * generated swagger spec * generated swagger spec * fixed swagger spec * fmt * Added tests * Added setting to enable/disable user heatmap * Added locale for loading text * Removed UseTiDB * Updated librejs & moment.js * Fixed import order * Fixed heatmap in postgresql * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-Authored-By: kolaente <konrad@kola-entertainments.de> * Added copyright header * Fixed a bug to show the heatmap for the actual user instead of the currently logged in * Added integration test for heatmaps * Added a heatmap on the dashboard * Fixed timestamp parsing * Hide heatmap on mobile * optimized postgresql group by query * Improved sqlite group by statement
* Remove check for negative length (#5120)Oleg Kovalov2018-10-201-1/+1
|
* Force user to change password (#4489)Lanre Adelowo2018-09-131-1/+72
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * redirect to login page after successfully activating account * force users to change password if account was created by an admin * force users to change password if account was created by an admin * fixed build * fixed build * fix pending issues with translation and wrong routes * make sure path check is safe * remove unneccessary newline * make sure users that don't have to view the form get redirected * move route to use /settings prefix so as to make sure unauthenticated users can't view the page * update as per @lafriks review * add necessary comment * remove unrelated changes * support redirecting to location the user actually want to go to before being forced to change his/her password * run make fmt * added tests * improve assertions * add assertion * fix copyright year Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
* feat(repo): support search repository by topic name (#4505)Bo-Yi Wu2018-09-131-0/+4
| | | | * feat(repo): support search repository by topic name
* Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)SagePtr2018-08-143-19/+19
|
* log user in after a successful sign up (#4615)Lanre Adelowo2018-08-111-1/+2
|
* fix panic issue on update avatar email (#4580) (#4581)Dingjun2018-08-011-1/+1
| | | fix #4580
* Switch plaintext scratch tokens to use hash instead (#4331)techknowlogick2018-07-272-5/+10
|
* Add flash message after an account has been successfully activated (#4510)Lanre Adelowo2018-07-251-0/+1
| | | | * added new locale text
* Redirect to correct page after using scratch token (#4458)techknowlogick2018-07-191-1/+2
|
* Add Recaptcha functionality to Gitea (#4044)Fluf2018-07-052-3/+49
|
* Increase default TOTP secret size to 320 bits (#4287)Clar Charr2018-07-031-0/+1
|
* Fix open redirect vulnerability on login screen (#4312)Jonas Franz2018-06-261-1/+2
| | | | | | | | | | | | | | * Fix open redirect vulnerability on login screen Signed-off-by: Jonas Franz <info@jonasfranz.software> * Reorder imports Signed-off-by: Jonas Franz <info@jonasfranz.software> * Replace www. from Domain too Signed-off-by: Jonas Franz <info@jonasfranz.software>
* hide issues from org private repos w/o team assignment (#4034)David Schneiderbauer2018-06-212-3/+7
|
* fix missing data on redirects (#3975)David Schneiderbauer2018-06-186-86/+90
|
* LDAP Public SSH Keys synchronization (#1844)Magnus Lindvall2018-05-241-1/+1
| | | | | | | | | | | | | | | | | | | * Add LDAP Key Synchronization feature Signed-off-by: Magnus Lindvall <magnus@dnmgns.com> * Add migration: add login source id column for public_key table * Only update keys if needed * Add function to only list pubkey synchronized from ldap * Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it. * Only get keys belonging to current login source id * Set default login source id to 0 * Some minor cleanup. Add integration tests (updete dep testify)
* Added repository search ordered by stars or forks. Forks column in admin ↵Alexey Terentyev2018-05-241-0/+8
| | | | | | | | | | | | | repo list. (#3969) * Added repository search order by stars or forks. Added Forks column to admin repository list. Signed-off-by: Alexey Terentyev <axifnx@gmail.com> * Renamed search repo template Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
* remove collaborative repositories from search on user profiles (#3996)David Schneiderbauer2018-05-211-7/+8
| | | | | | * remove collaborative repositories from search on user profiles * rename 'My Repositories' to 'Repositories'
* Add support for FIDO U2F (#3971)Jonas Franz2018-05-193-5/+241
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support for U2F Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add vendor library Add missing translations Signed-off-by: Jonas Franz <info@jonasfranz.software> * Minor improvements Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library Add U2F error handling Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F login page to OAuth Signed-off-by: Jonas Franz <info@jonasfranz.software> * Move U2F user settings to a separate file Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add unit tests for u2f model Renamed u2f table name Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix problems caused by refactoring Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F documentation Signed-off-by: Jonas Franz <info@jonasfranz.software> * Remove not needed console.log-s Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add default values to app.ini.sample Add FIDO U2F to comparison Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Re-enable random avatar feature (#3988)David Schneiderbauer2018-05-191-1/+1
| | | | | | * reenable random avatar feature * replace Size check by Filename check
* Splitted the user settings code into several files to be more maintainable ↵David Schneiderbauer2018-05-1710-815/+922
| | | | | | | | | | | | | | | | | (#3968) * refactor setting router code splitted up one huge router settings file into the smaller files representing the actual page structure * move code to subfolder * rename functions * renamed files * add copyright information
* Refactor User Settings (#3900)David Schneiderbauer2018-05-153-234/+194
| | | | | | | | | | | | | | | | | | | | | | * moved avatar to profile page * combined password change, email and account deletion into account settings page * combined totp, access tokens, linked accounts and openid into security settings page * move access tokens to applications settings page * small change to restart drone build * fix change avatar url on profile page * redirect old settings urls to new ones * enforce only one autofocus attribute on settings pages * set correct redirect status code * fmt fix
* issue-2768: added new option allow_only_external_registration (#3910)FabioFortini2018-05-131-1/+2
|
* Added user language setting (#3875)kolaente2018-05-052-1/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added user language setting * Added translation string for setting * Fixed import order + typo * improved checking if the user has a language saved in the db * The current saved language is now set a default inside the dropdown * fmt * When a user signs in and doesn't have a language saved, the current browser language is saved * updated gitea-sdk * Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language # Conflicts: # models/migrations/migrations.go # models/migrations/v62.go * Made tests work again * trigger CI * trigger CI * fmt * re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO * re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO * When loggin in, only the language col gets updated instead of everything
* Do not allow to reuse TOTP passcode (#3878)Lauris BH2018-05-021-1/+7
|
* Refactor and simplify redirect to url (#3674)Lauris BH2018-03-153-19/+7
|
* Fix missing translations when updating username. (#3564)bugreport02018-02-251-3/+3
| | | | | | | | * Fix missing translations when updating username. * Fix reserved username translated string test. * Fix 'username reserved' string test a bit more.
* refactor: reduce sql query in retrieveFeeds (#3547)Bo-Yi Wu2018-02-211-31/+8
|
* Implements generator cli for secrets (#3531)Codruț Constantin Gușoi2018-02-181-1/+2
| | | Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-13 22:48:28 +0000