Unknwon
9 vuotta sitten
2 muutettua tiedostoa jossa 61 lisäystä ja 55 poistoa
+ 43
- 45
models/login.go
Näytä tiedosto
| @@ -169,61 +169,59 @@ func UserSignIn(uname, passwd string) (*User, error) { | |||
| // For plain login, user must exist to reach this line. | |||
| // Now verify password. | |||
| if u.LoginType == PLAIN { | |||
| newUser := &User{Passwd: passwd, Salt: u.Salt} | |||
| newUser.EncodePasswd() | |||
| if u.Passwd != newUser.Passwd { | |||
| if !u.ValidtePassword(passwd) { | |||
| return nil, ErrUserNotExist | |||
| } | |||
| return u, nil | |||
| } else { | |||
| if !has { | |||
| var sources []LoginSource | |||
| if err = x.UseBool().Find(&sources, | |||
| &LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil { | |||
| return nil, err | |||
| } | |||
| } | |||
| if !has { | |||
| var sources []LoginSource | |||
| if err = x.UseBool().Find(&sources, | |||
| &LoginSource{IsActived: true, AllowAutoRegister: true}); err != nil { | |||
| return nil, err | |||
| } | |||
| for _, source := range sources { | |||
| if source.Type == LDAP { | |||
| u, err := LoginUserLdapSource(nil, uname, passwd, | |||
| source.Id, source.Cfg.(*LDAPConfig), true) | |||
| if err == nil { | |||
| return u, nil | |||
| } | |||
| log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err) | |||
| } else if source.Type == SMTP { | |||
| u, err := LoginUserSMTPSource(nil, uname, passwd, | |||
| source.Id, source.Cfg.(*SMTPConfig), true) | |||
| if err == nil { | |||
| return u, nil | |||
| } | |||
| log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err) | |||
| for _, source := range sources { | |||
| if source.Type == LDAP { | |||
| u, err := LoginUserLdapSource(nil, uname, passwd, | |||
| source.Id, source.Cfg.(*LDAPConfig), true) | |||
| if err == nil { | |||
| return u, nil | |||
| } | |||
| log.Warn("Fail to login(%s) by LDAP(%s): %v", uname, source.Name, err) | |||
| } else if source.Type == SMTP { | |||
| u, err := LoginUserSMTPSource(nil, uname, passwd, | |||
| source.Id, source.Cfg.(*SMTPConfig), true) | |||
| if err == nil { | |||
| return u, nil | |||
| } | |||
| log.Warn("Fail to login(%s) by SMTP(%s): %v", uname, source.Name, err) | |||
| } | |||
| return nil, ErrUserNotExist | |||
| } | |||
| var source LoginSource | |||
| hasSource, err := x.Id(u.LoginSource).Get(&source) | |||
| if err != nil { | |||
| return nil, err | |||
| } else if !hasSource { | |||
| return nil, ErrLoginSourceNotExist | |||
| } else if !source.IsActived { | |||
| return nil, ErrLoginSourceNotActived | |||
| } | |||
| return nil, ErrUserNotExist | |||
| } | |||
| switch u.LoginType { | |||
| case LDAP: | |||
| return LoginUserLdapSource(u, u.LoginName, passwd, | |||
| source.Id, source.Cfg.(*LDAPConfig), false) | |||
| case SMTP: | |||
| return LoginUserSMTPSource(u, u.LoginName, passwd, | |||
| source.Id, source.Cfg.(*SMTPConfig), false) | |||
| } | |||
| return nil, ErrUnsupportedLoginType | |||
| var source LoginSource | |||
| hasSource, err := x.Id(u.LoginSource).Get(&source) | |||
| if err != nil { | |||
| return nil, err | |||
| } else if !hasSource { | |||
| return nil, ErrLoginSourceNotExist | |||
| } else if !source.IsActived { | |||
| return nil, ErrLoginSourceNotActived | |||
| } | |||
| switch u.LoginType { | |||
| case LDAP: | |||
| return LoginUserLdapSource(u, u.LoginName, passwd, | |||
| source.Id, source.Cfg.(*LDAPConfig), false) | |||
| case SMTP: | |||
| return LoginUserSMTPSource(u, u.LoginName, passwd, | |||
| source.Id, source.Cfg.(*SMTPConfig), false) | |||
| } | |||
| return nil, ErrUnsupportedLoginType | |||
| } | |||
| // Query if name/passwd can login against the LDAP directory pool | |||
+ 18
- 10
routers/repo/setting.go
Näytä tiedosto
| @@ -111,10 +111,18 @@ func SettingsPost(ctx *middleware.Context, form auth.RepoSettingForm) { | |||
| } else if !isExist { | |||
| ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil) | |||
| return | |||
| } else if !ctx.User.ValidtePassword(ctx.Query("password")) { | |||
| ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil) | |||
| } | |||
| if _, err = models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil { | |||
| if err == models.ErrUserNotExist { | |||
| ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil) | |||
| } else { | |||
| ctx.Handle(500, "UserSignIn", err) | |||
| } | |||
| return | |||
| } else if err = models.TransferOwnership(ctx.User, newOwner, ctx.Repo.Repository); err != nil { | |||
| } | |||
| if err = models.TransferOwnership(ctx.User, newOwner, ctx.Repo.Repository); err != nil { | |||
| if err == models.ErrRepoAlreadyExist { | |||
| ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil) | |||
| } else { | |||
| @@ -136,15 +144,15 @@ func SettingsPost(ctx *middleware.Context, form auth.RepoSettingForm) { | |||
| ctx.Error(404) | |||
| return | |||
| } | |||
| if !ctx.User.ValidtePassword(ctx.Query("password")) { | |||
| ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil) | |||
| return | |||
| } | |||
| } else { | |||
| if !ctx.Repo.Owner.ValidtePassword(ctx.Query("password")) { | |||
| } | |||
| if _, err := models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil { | |||
| if err == models.ErrUserNotExist { | |||
| ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil) | |||
| return | |||
| } else { | |||
| ctx.Handle(500, "UserSignIn", err) | |||
| } | |||
| return | |||
| } | |||
| if err := models.DeleteRepository(ctx.Repo.Owner.Id, ctx.Repo.Repository.Id, ctx.Repo.Owner.Name); err != nil { | |||
Loading…