mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4957 Commits
17 Branches
Tree: 01d957677f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '01d957677f'
${ noResults }
gitea/modules/auth/auth.go

auth.go 6.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package auth

  6. 

  7. import (

  8. 	"reflect"

  9. 	"strings"

  10. 	"time"

  11. 

  12. 	"github.com/Unknwon/com"

  13. 	"github.com/go-macaron/binding"

  14. 	"github.com/go-macaron/session"

  15. 	gouuid "github.com/satori/go.uuid"

  16. 	"gopkg.in/macaron.v1"

  17. 

  18. 	"code.gitea.io/gitea/models"

  19. 	"code.gitea.io/gitea/modules/base"

  20. 	"code.gitea.io/gitea/modules/log"

  21. 	"code.gitea.io/gitea/modules/setting"

  22. )

  23. 

  24. // IsAPIPath if URL is an api path

  25. func IsAPIPath(url string) bool {

  26. 	return strings.HasPrefix(url, "/api/")

  27. }

  28. 

  29. // SignedInID returns the id of signed in user.

  30. func SignedInID(ctx *macaron.Context, sess session.Store) int64 {

  31. 	if !models.HasEngine {

  32. 		return 0

  33. 	}

  34. 

  35. 	// Check access token.

  36. 	if IsAPIPath(ctx.Req.URL.Path) {

  37. 		tokenSHA := ctx.Query("token")

  38. 		if len(tokenSHA) <= 0 {

  39. 			tokenSHA = ctx.Query("access_token")

  40. 		}

  41. 		if len(tokenSHA) == 0 {

  42. 			// Well, check with header again.

  43. 			auHead := ctx.Req.Header.Get("Authorization")

  44. 			if len(auHead) > 0 {

  45. 				auths := strings.Fields(auHead)

  46. 				if len(auths) == 2 && auths[0] == "token" {

  47. 					tokenSHA = auths[1]

  48. 				}

  49. 			}

  50. 		}

  51. 

  52. 		// Let's see if token is valid.

  53. 		if len(tokenSHA) > 0 {

  54. 			t, err := models.GetAccessTokenBySHA(tokenSHA)

  55. 			if err != nil {

  56. 				if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {

  57. 					log.Error(4, "GetAccessTokenBySHA: %v", err)

  58. 				}

  59. 				return 0

  60. 			}

  61. 			t.Updated = time.Now()

  62. 			if err = models.UpdateAccessToken(t); err != nil {

  63. 				log.Error(4, "UpdateAccessToken: %v", err)

  64. 			}

  65. 			return t.UID

  66. 		}

  67. 	}

  68. 

  69. 	uid := sess.Get("uid")

  70. 	if uid == nil {

  71. 		return 0

  72. 	} else if id, ok := uid.(int64); ok {

  73. 		return id

  74. 	}

  75. 	return 0

  76. }

  77. 

  78. // SignedInUser returns the user object of signed user.

  79. // It returns a bool value to indicate whether user uses basic auth or not.

  80. func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool) {

  81. 	if !models.HasEngine {

  82. 		return nil, false

  83. 	}

  84. 

  85. 	if uid := SignedInID(ctx, sess); uid > 0 {

  86. 		user, err := models.GetUserByID(uid)

  87. 		if err == nil {

  88. 			return user, false

  89. 		} else if !models.IsErrUserNotExist(err) {

  90. 			log.Error(4, "GetUserById: %v", err)

  91. 		}

  92. 	}

  93. 

  94. 	if setting.Service.EnableReverseProxyAuth {

  95. 		webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)

  96. 		if len(webAuthUser) > 0 {

  97. 			u, err := models.GetUserByName(webAuthUser)

  98. 			if err != nil {

  99. 				if !models.IsErrUserNotExist(err) {

  100. 					log.Error(4, "GetUserByName: %v", err)

  101. 					return nil, false

  102. 				}

  103. 

  104. 				// Check if enabled auto-registration.

  105. 				if setting.Service.EnableReverseProxyAutoRegister {

  106. 					u := &models.User{

  107. 						Name:     webAuthUser,

  108. 						Email:    gouuid.NewV4().String() + "@localhost",

  109. 						Passwd:   webAuthUser,

  110. 						IsActive: true,

  111. 					}

  112. 					if err = models.CreateUser(u); err != nil {

  113. 						// FIXME: should I create a system notice?

  114. 						log.Error(4, "CreateUser: %v", err)

  115. 						return nil, false

  116. 					}

  117. 					return u, false

  118. 				}

  119. 			}

  120. 			return u, false

  121. 		}

  122. 	}

  123. 

  124. 	// Check with basic auth.

  125. 	baHead := ctx.Req.Header.Get("Authorization")

  126. 	if len(baHead) > 0 {

  127. 		auths := strings.Fields(baHead)

  128. 		if len(auths) == 2 && auths[0] == "Basic" {

  129. 			uname, passwd, _ := base.BasicAuthDecode(auths[1])

  130. 

  131. 			u, err := models.UserSignIn(uname, passwd)

  132. 			if err != nil {

  133. 				if !models.IsErrUserNotExist(err) {

  134. 					log.Error(4, "UserSignIn: %v", err)

  135. 				}

  136. 				return nil, false

  137. 			}

  138. 

  139. 			return u, true

  140. 		}

  141. 	}

  142. 	return nil, false

  143. }

  144. 

  145. // Form form binding interface

  146. type Form interface {

  147. 	binding.Validator

  148. }

  149. 

  150. func init() {

  151. 	binding.SetNameMapper(com.ToSnakeCase)

  152. }

  153. 

  154. // AssignForm assign form values back to the template data.

  155. func AssignForm(form interface{}, data map[string]interface{}) {

  156. 	typ := reflect.TypeOf(form)

  157. 	val := reflect.ValueOf(form)

  158. 

  159. 	if typ.Kind() == reflect.Ptr {

  160. 		typ = typ.Elem()

  161. 		val = val.Elem()

  162. 	}

  163. 

  164. 	for i := 0; i < typ.NumField(); i++ {

  165. 		field := typ.Field(i)

  166. 

  167. 		fieldName := field.Tag.Get("form")

  168. 		// Allow ignored fields in the struct

  169. 		if fieldName == "-" {

  170. 			continue

  171. 		} else if len(fieldName) == 0 {

  172. 			fieldName = com.ToSnakeCase(field.Name)

  173. 		}

  174. 

  175. 		data[fieldName] = val.Field(i).Interface()

  176. 	}

  177. }

  178. 

  179. func getRuleBody(field reflect.StructField, prefix string) string {

  180. 	for _, rule := range strings.Split(field.Tag.Get("binding"), ";") {

  181. 		if strings.HasPrefix(rule, prefix) {

  182. 			return rule[len(prefix): len(rule) - 1]

  183. 		}

  184. 	}

  185. 	return ""

  186. }

  187. 

  188. // GetSize get size int form tag

  189. func GetSize(field reflect.StructField) string {

  190. 	return getRuleBody(field, "Size(")

  191. }

  192. 

  193. // GetMinSize get minimal size in form tag

  194. func GetMinSize(field reflect.StructField) string {

  195. 	return getRuleBody(field, "MinSize(")

  196. }

  197. 

  198. // GetMaxSize get max size in form tag

  199. func GetMaxSize(field reflect.StructField) string {

  200. 	return getRuleBody(field, "MaxSize(")

  201. }

  202. 

  203. // GetInclude get include in form tag

  204. func GetInclude(field reflect.StructField) string {

  205. 	return getRuleBody(field, "Include(")

  206. }

  207. 

  208. // FIXME: struct contains a struct

  209. func validateStruct(obj interface{}) binding.Errors {

  210. 

  211. 	return nil

  212. }

  213. 

  214. func validate(errs binding.Errors, data map[string]interface{}, f Form, l macaron.Locale) binding.Errors {

  215. 	if errs.Len() == 0 {

  216. 		return errs

  217. 	}

  218. 

  219. 	data["HasError"] = true

  220. 	AssignForm(f, data)

  221. 

  222. 	typ := reflect.TypeOf(f)

  223. 	val := reflect.ValueOf(f)

  224. 

  225. 	if typ.Kind() == reflect.Ptr {

  226. 		typ = typ.Elem()

  227. 		val = val.Elem()

  228. 	}

  229. 

  230. 	for i := 0; i < typ.NumField(); i++ {

  231. 		field := typ.Field(i)

  232. 

  233. 		fieldName := field.Tag.Get("form")

  234. 		// Allow ignored fields in the struct

  235. 		if fieldName == "-" {

  236. 			continue

  237. 		}

  238. 

  239. 		if errs[0].FieldNames[0] == field.Name {

  240. 			data["Err_" + field.Name] = true

  241. 

  242. 			trName := field.Tag.Get("locale")

  243. 			if len(trName) == 0 {

  244. 				trName = l.Tr("form." + field.Name)

  245. 			} else {

  246. 				trName = l.Tr(trName)

  247. 			}

  248. 

  249. 			switch errs[0].Classification {

  250. 			case binding.ERR_REQUIRED:

  251. 				data["ErrorMsg"] = trName + l.Tr("form.require_error")

  252. 			case binding.ERR_ALPHA_DASH:

  253. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_error")

  254. 			case binding.ERR_ALPHA_DASH_DOT:

  255. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_dot_error")

  256. 			case binding.ERR_SIZE:

  257. 				data["ErrorMsg"] = trName + l.Tr("form.size_error", GetSize(field))

  258. 			case binding.ERR_MIN_SIZE:

  259. 				data["ErrorMsg"] = trName + l.Tr("form.min_size_error", GetMinSize(field))

  260. 			case binding.ERR_MAX_SIZE:

  261. 				data["ErrorMsg"] = trName + l.Tr("form.max_size_error", GetMaxSize(field))

  262. 			case binding.ERR_EMAIL:

  263. 				data["ErrorMsg"] = trName + l.Tr("form.email_error")

  264. 			case binding.ERR_URL:

  265. 				data["ErrorMsg"] = trName + l.Tr("form.url_error")

  266. 			case binding.ERR_INCLUDE:

  267. 				data["ErrorMsg"] = trName + l.Tr("form.include_error", GetInclude(field))

  268. 			default:

  269. 				data["ErrorMsg"] = l.Tr("form.unknown_error") + " " + errs[0].Classification

  270. 			}

  271. 			return errs

  272. 		}

  273. 	}

  274. 	return errs

  275. }