mirrors
/
gitea
zrcadlo https://github.com/go-gitea/gitea.git
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Vydání 210 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
4199 Revize
17 Větve
Strom: 2d68bd1ef9
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „2d68bd1ef9“
${ noResults }
gitea/modules/context/auth.go

auth.go 2.6KB
Surový Blame Historie

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package context

  6. 

  7. import (

  8. 	"net/url"

  9. 

  10. 	"github.com/go-macaron/csrf"

  11. 	"gopkg.in/macaron.v1"

  12. 

  13. 	"github.com/go-gitea/gitea/modules/auth"

  14. 	"github.com/go-gitea/gitea/modules/setting"

  15. )

  16. 

  17. type ToggleOptions struct {

  18. 	SignInRequired  bool

  19. 	SignOutRequired bool

  20. 	AdminRequired   bool

  21. 	DisableCSRF     bool

  22. }

  23. 

  24. func Toggle(options *ToggleOptions) macaron.Handler {

  25. 	return func(ctx *Context) {

  26. 		// Cannot view any page before installation.

  27. 		if !setting.InstallLock {

  28. 			ctx.Redirect(setting.AppSubUrl + "/install")

  29. 			return

  30. 		}

  31. 

  32. 		// Check prohibit login users.

  33. 		if ctx.IsSigned && ctx.User.ProhibitLogin {

  34. 			ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")

  35. 			ctx.HTML(200, "user/auth/prohibit_login")

  36. 			return

  37. 		}

  38. 

  39. 		// Check non-logged users landing page.

  40. 		if !ctx.IsSigned && ctx.Req.RequestURI == "/" && setting.LandingPageURL != setting.LANDING_PAGE_HOME {

  41. 			ctx.Redirect(setting.AppSubUrl + string(setting.LandingPageURL))

  42. 			return

  43. 		}

  44. 

  45. 		// Redirect to dashboard if user tries to visit any non-login page.

  46. 		if options.SignOutRequired && ctx.IsSigned && ctx.Req.RequestURI != "/" {

  47. 			ctx.Redirect(setting.AppSubUrl + "/")

  48. 			return

  49. 		}

  50. 

  51. 		if !options.SignOutRequired && !options.DisableCSRF && ctx.Req.Method == "POST" && !auth.IsAPIPath(ctx.Req.URL.Path) {

  52. 			csrf.Validate(ctx.Context, ctx.csrf)

  53. 			if ctx.Written() {

  54. 				return

  55. 			}

  56. 		}

  57. 

  58. 		if options.SignInRequired {

  59. 			if !ctx.IsSigned {

  60. 				// Restrict API calls with error message.

  61. 				if auth.IsAPIPath(ctx.Req.URL.Path) {

  62. 					ctx.JSON(403, map[string]string{

  63. 						"message": "Only signed in user is allowed to call APIs.",

  64. 					})

  65. 					return

  66. 				}

  67. 

  68. 				ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)

  69. 				ctx.Redirect(setting.AppSubUrl + "/user/login")

  70. 				return

  71. 			} else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {

  72. 				ctx.Data["Title"] = ctx.Tr("auth.active_your_account")

  73. 				ctx.HTML(200, "user/auth/activate")

  74. 				return

  75. 			}

  76. 		}

  77. 

  78. 		// Redirect to log in page if auto-signin info is provided and has not signed in.

  79. 		if !options.SignOutRequired && !ctx.IsSigned && !auth.IsAPIPath(ctx.Req.URL.Path) &&

  80. 			len(ctx.GetCookie(setting.CookieUserName)) > 0 {

  81. 			ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)

  82. 			ctx.Redirect(setting.AppSubUrl + "/user/login")

  83. 			return

  84. 		}

  85. 

  86. 		if options.AdminRequired {

  87. 			if !ctx.User.IsAdmin {

  88. 				ctx.Error(403)

  89. 				return

  90. 			}

  91. 			ctx.Data["PageIsAdmin"] = true

  92. 		}

  93. 	}

  94. }