aboutsummaryrefslogtreecommitdiffstats
path: root/routers/web/user/setting/keys.go
Commit message (Collapse)AuthorAgeFilesLines
* Enable addtional linters (#34085)TheFox0x72025-04-011-7/+7
| | | | | | | | enable mirror, usestdlibbars and perfsprint part of: https://github.com/go-gitea/gitea/issues/34083 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor error system (#33610)wxiaoguang2025-02-161-6/+6
|
* Refactor template & test related code (#32938)wxiaoguang2024-12-221-2/+2
| | | Move some legacy code from "base" package to proper packages.
* Allow disabling authentication related user features (#31535)Rowan Bohde2024-07-091-0/+7
| | | | | | | | | | | | | | | | | | | | We have some instances that only allow using an external authentication source for authentication. In this case, users changing their email, password, or linked OpenID connections will not have any effect, and we'd like to prevent showing that to them to prevent confusion. Included in this are several changes to support this: * A new setting to disable user managed authentication credentials (email, password & OpenID connections) * A new setting to disable user managed MFA (2FA codes & WebAuthn) * Fix an issue where some templates had separate logic for determining if a feature was disabled since it didn't check the globally disabled features * Hide more user setting pages in the navbar when their settings aren't enabled --------- Co-authored-by: Kyle D <kdumontnu@gmail.com>
* Add setting to disable user features when user login type is not plain (#29615)Jack Hay2024-03-291-6/+7
| | | | | | | | | ## Changes - Adds setting `EXTERNAL_USER_DISABLE_FEATURES` to disable any supported user features when login type is not plain - In general, this is necessary for SSO implementations to avoid inconsistencies between the external account management and the linked account - Adds helper functions to encourage correct use
* Move some asymkey functions to service layer (#28894)Lunny Xiao2024-03-041-1/+1
| | | | After the moving, all models will not depend on `util.Rename` so that I can do next step refactoring.
* Allow options to disable user ssh keys configuration from the interface on ↵Lunny Xiao2024-03-041-0/+16
| | | | | | | | | | | app.ini (#29447) Follow #29275 Extract from #20549 Fix #24716 --------- Co-authored-by: delvh <dev.lh@web.de>
* Allow options to disable user gpg keys configuration from the interface on ↵Lunny Xiao2024-03-021-0/+10
| | | | | | | | app.ini (#29486) Follow #29447 Fix #29454 Extract from #20549
* Move context from modules to services (#29440)Lunny Xiao2024-02-271-1/+1
| | | | | | | | | | | | | | | Since `modules/context` has to depend on `models` and many other packages, it should be moved from `modules/context` to `services/context` according to design principles. There is no logic code change on this PR, only move packages. - Move `code.gitea.io/gitea/modules/context` to `code.gitea.io/gitea/services/context` - Move `code.gitea.io/gitea/modules/contexttest` to `code.gitea.io/gitea/services/contexttest` because of depending on context - Move `code.gitea.io/gitea/modules/upload` to `code.gitea.io/gitea/services/context/upload` because of depending on context
* Move more functions to db.Find (#28419)Lunny Xiao2024-01-151-2/+13
| | | | | | | | | Following #28220 This PR move more functions to use `db.Find`. --------- Co-authored-by: delvh <dev.lh@web.de>
* Use db.Find instead of writing methods for every object (#28084)Lunny Xiao2023-11-241-1/+4
| | | | For those simple objects, it's unnecessary to write the find and count methods again and again.
* Final round of `db.DefaultContext` refactor (#27587)JakobDev2023-10-141-6/+6
| | | Last part of #27065
* Penultimate round of `db.DefaultContext` refactor (#27414)JakobDev2023-10-111-4/+4
| | | | | | | Part of #27065 --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Another round of `db.DefaultContext` refactor (#27103)JakobDev2023-09-251-5/+5
| | | | | | | Part of #27065 --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Reduce usage of `db.DefaultContext` (#27073)JakobDev2023-09-141-1/+1
| | | | | | | | | | | | | | Part of #27065 This reduces the usage of `db.DefaultContext`. I think I've got enough files for the first PR. When this is merged, I will continue working on this. Considering how many files this PR affect, I hope it won't take to long to merge, so I don't end up in the merge conflict hell. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move web JSON functions to web context and simplify code (#26132)wxiaoguang2023-07-261-3/+1
| | | | | | | | | The JSONRedirect/JSONOK/JSONError functions were put into "Base" context incorrectly, it would cause abuse. Actually, they are for "web context" only, so, move them to the correct place. And by the way, use them to simplify old code: +75 -196
* Replace `interface{}` with `any` (#25686)silverwind2023-07-041-1/+1
| | | | | Result of running `perl -p -i -e 's#interface\{\}#any#g' **/*` and `make fmt`. Basically the same [as golang did](https://github.com/golang/go/commit/2580d0e08d5e9f979b943758d3c49877fb2324cb).
* Improve error report when user passes a private key (#22726)zeripath2023-02-021-0/+2
| | | | | | | | | | | | The error reported when a user passes a private ssh key as their ssh public key is not very nice. This PR improves this slightly. Ref #22693 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de>
* Add main landmark to templates and adjust titles (#22670)Felipe Leopoldo Sologuren Gutiérrez2023-02-011-1/+1
| | | | | | | * Add main aria landmark to templates * Adjust some titles to improve understanding of location in navigation Contributed by @Forgejo
* Fix key signature error page (#22229)Gusted2022-12-301-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | - When the GPG key contains an error, such as an invalid signature or an email address that does not match the user.A page will be shown that says you must provide a signature for the token. - This page had two errors: one had the wrong translation key and the other tried to use an undefined variable [`.PaddedKeyID`](https://github.com/go-gitea/gitea/blob/e81ccc406bf723a5a58d685e7782f281736affd4/models/asymkey/gpg_key.go#L65-L72), which is a function implemented on the `GPGKey` struct, given that we don't have that, we use [`KeyID`](https://github.com/go-gitea/gitea/blob/e81ccc406bf723a5a58d685e7782f281736affd4/routers/web/user/setting/keys.go#L102) which is [the fingerprint of the publickey](https://pkg.go.dev/golang.org/x/crypto/openpgp/packet#PublicKey.KeyIdString) and is a valid way for opengpg to refer to a key. Before: ![image](https://user-images.githubusercontent.com/25481501/209404800-0e7c39ce-861a-455b-b234-62498d750aa8.png) After: ![image](https://user-images.githubusercontent.com/25481501/209404821-c70f81c6-fd10-4197-ab58-61cb9fc873d8.png) Co-authored-by: zeripath <art27@cantab.net>
* Implement FSFE REUSE for golang files (#21840)flynnnnnnnnnn2022-11-271-2/+1
| | | | | | | | | Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Use `ctx` instead of `db.DefaultContext` in some ↵wxiaoguang2022-03-221-1/+1
| | | | | | | | | | | | packages(routers/services/modules) (#19163) * Remove `db.DefaultContext` usage in routers, use `ctx` directly * Use `ctx` directly if there is one, remove some `db.DefaultContext` in `services` * Use ctx instead of db.DefaultContext for `cmd` and some `modules` packages * fix incorrect context usage
* Renamed ctx.User to ctx.Doer. (#19161)KN4CK3R2022-03-221-22/+22
| | | | Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* format with gofumpt (#18184)65432022-01-201-1/+0
| | | | | | | | | | | * gofumpt -w -l . * gofumpt -w -l -extra . * Add linter * manual fix * change make fmt
* Refactor auth package (#17962)Lunny Xiao2022-01-021-1/+0
|
* Add support for ssh commit signing (#17743)Wim2021-12-191-0/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support for ssh commit signing * Split out ssh verification to separate file * Show ssh key fingerprint on commit page * Update sshsig lib * Make sure we verify against correct namespace * Add ssh public key verification via ssh signatures When adding a public ssh key also validate that this user actually owns the key by signing a token with the private key. * Remove some gpg references and make verify key optional * Fix spaces indentation * Update options/locale/locale_en-US.ini Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update templates/user/settings/keys_ssh.tmpl Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update options/locale/locale_en-US.ini Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update options/locale/locale_en-US.ini Co-authored-by: Gusted <williamzijl7@hotmail.com> * Update models/ssh_key_commit_verification.go Co-authored-by: Gusted <williamzijl7@hotmail.com> * Reword ssh/gpg_key_success message * Change Badsignature to NoKeyFound * Add sign/verify tests * Fix upstream api changes to user_model User * Match exact on SSH signature * Fix code review remarks Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Move keys to models/asymkey (#17917)Lunny Xiao2021-12-101-39/+40
| | | | | | | | | | | | | | | | | | | * Move keys to models/keys * Rename models/keys -> models/asymkey * change the missed package name * Fix package alias * Fix test * Fix docs * Fix test * Fix test * merge
* Fix wrong i18n keys (#17150)Lunny Xiao2021-09-251-1/+1
| | | Co-authored-by: 6543 <6543@obermui.de>
* Move login related structs and functions to models/login (#17093)Lunny Xiao2021-09-241-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move login related structs and functions to models/login * Fix test * Fix lint * Fix lint * Fix lint of windows * Fix lint * Fix test * Fix test * Only load necessary fixtures when preparing unit tests envs * Fix lint * Fix test * Fix test * Fix error log * Fix error log * Fix error log * remove unnecessary change * fix error log * merge main branch
* Rename ctx.Form() to ctx.FormString() and move code into own file (#16571)65432021-08-111-2/+2
| | | | | | | Followup from #16562 prepare for #16567 * Rename ctx.Form() to ctx.FormString() * Reimplement FormX func to need less code and cpu cycles * Move code into own file
* Rename context.Query to context.Form (#16562)Lunny Xiao2021-07-291-5/+5
|
* Add option to provide signature for a token to verify key ownership (#14054)zeripath2021-07-131-1/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add option to provide signed token to verify key ownership Currently we will only allow a key to be matched to a user if it matches an activated email address. This PR provides a different mechanism - if the user provides a signature for automatically generated token (based on the timestamp, user creation time, user ID, username and primary email. * Ensure verified keys can act for all active emails for the user * Add code to mark keys as verified * Slight UI adjustments * Slight UI adjustments 2 * Simplify signature verification slightly * fix postgres test * add api routes * handle swapped primary-keys * Verify the no-reply address for verified keys * Only add email addresses that are activated to keys * Fix committer shortcut properly * Restructure gpg_keys.go * Use common Verification Token code Signed-off-by: Andrew Thornton <art27@cantab.net>
* Refactor routers directory (#15800)Lunny Xiao2021-06-091-0/+226
* refactor routers directory * move func used for web and api to common * make corsHandler a function to prohibit side efects * rm unused func Co-authored-by: 6543 <6543@obermui.de>
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-10 15:53:39 +0000