mirrors
/
gitea
espejo de https://github.com/go-gitea/gitea.git
Seguir 1
Destacar 0
Fork 0
Código Incidencias 0 Lanzamientos 211 Wiki Actividad
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3675 Commits
17 Ramas
Árbol: ac78bae7b5
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'ac78bae7b5'
${ noResults }
gitea/modules/auth/auth.go

auth.go 6.6KB
Original Blame Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package auth

  6. 

  7. import (

  8. 	"reflect"

  9. 	"strings"

  10. 	"time"

  11. 

  12. 	"github.com/Unknwon/com"

  13. 	"github.com/go-macaron/binding"

  14. 	"github.com/go-macaron/session"

  15. 	gouuid "github.com/satori/go.uuid"

  16. 	"gopkg.in/macaron.v1"

  17. 

  18. 	"github.com/gogits/gogs/models"

  19. 	"github.com/gogits/gogs/modules/base"

  20. 	"github.com/gogits/gogs/modules/log"

  21. 	"github.com/gogits/gogs/modules/setting"

  22. )

  23. 

  24. func IsAPIPath(url string) bool {

  25. 	return strings.HasPrefix(url, "/api/")

  26. }

  27. 

  28. // SignedInID returns the id of signed in user.

  29. func SignedInID(ctx *macaron.Context, sess session.Store) int64 {

  30. 	if !models.HasEngine {

  31. 		return 0

  32. 	}

  33. 

  34. 	// Check access token.

  35. 	if IsAPIPath(ctx.Req.URL.Path) {

  36. 		tokenSHA := ctx.Query("token")

  37. 		if len(tokenSHA) == 0 {

  38. 			// Well, check with header again.

  39. 			auHead := ctx.Req.Header.Get("Authorization")

  40. 			if len(auHead) > 0 {

  41. 				auths := strings.Fields(auHead)

  42. 				if len(auths) == 2 && auths[0] == "token" {

  43. 					tokenSHA = auths[1]

  44. 				}

  45. 			}

  46. 		}

  47. 

  48. 		// Let's see if token is valid.

  49. 		if len(tokenSHA) > 0 {

  50. 			t, err := models.GetAccessTokenBySHA(tokenSHA)

  51. 			if err != nil {

  52. 				if models.IsErrAccessTokenNotExist(err) {

  53. 					log.Error(4, "GetAccessTokenBySHA: %v", err)

  54. 				}

  55. 				return 0

  56. 			}

  57. 			t.Updated = time.Now()

  58. 			if err = models.UpdateAccessToken(t); err != nil {

  59. 				log.Error(4, "UpdateAccessToken: %v", err)

  60. 			}

  61. 			return t.UID

  62. 		}

  63. 	}

  64. 

  65. 	uid := sess.Get("uid")

  66. 	if uid == nil {

  67. 		return 0

  68. 	}

  69. 	if id, ok := uid.(int64); ok {

  70. 		if _, err := models.GetUserByID(id); err != nil {

  71. 			if !models.IsErrUserNotExist(err) {

  72. 				log.Error(4, "GetUserById: %v", err)

  73. 			}

  74. 			return 0

  75. 		}

  76. 		return id

  77. 	}

  78. 	return 0

  79. }

  80. 

  81. // SignedInUser returns the user object of signed user.

  82. // It returns a bool value to indicate whether user uses basic auth or not.

  83. func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool) {

  84. 	if !models.HasEngine {

  85. 		return nil, false

  86. 	}

  87. 

  88. 	uid := SignedInID(ctx, sess)

  89. 

  90. 	if uid <= 0 {

  91. 		if setting.Service.EnableReverseProxyAuth {

  92. 			webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)

  93. 			if len(webAuthUser) > 0 {

  94. 				u, err := models.GetUserByName(webAuthUser)

  95. 				if err != nil {

  96. 					if !models.IsErrUserNotExist(err) {

  97. 						log.Error(4, "GetUserByName: %v", err)

  98. 						return nil, false

  99. 					}

  100. 

  101. 					// Check if enabled auto-registration.

  102. 					if setting.Service.EnableReverseProxyAutoRegister {

  103. 						u := &models.User{

  104. 							Name:     webAuthUser,

  105. 							Email:    gouuid.NewV4().String() + "@localhost",

  106. 							Passwd:   webAuthUser,

  107. 							IsActive: true,

  108. 						}

  109. 						if err = models.CreateUser(u); err != nil {

  110. 							// FIXME: should I create a system notice?

  111. 							log.Error(4, "CreateUser: %v", err)

  112. 							return nil, false

  113. 						} else {

  114. 							return u, false

  115. 						}

  116. 					}

  117. 				}

  118. 				return u, false

  119. 			}

  120. 		}

  121. 

  122. 		// Check with basic auth.

  123. 		baHead := ctx.Req.Header.Get("Authorization")

  124. 		if len(baHead) > 0 {

  125. 			auths := strings.Fields(baHead)

  126. 			if len(auths) == 2 && auths[0] == "Basic" {

  127. 				uname, passwd, _ := base.BasicAuthDecode(auths[1])

  128. 

  129. 				u, err := models.UserSignIn(uname, passwd)

  130. 				if err != nil {

  131. 					if !models.IsErrUserNotExist(err) {

  132. 						log.Error(4, "UserSignIn: %v", err)

  133. 					}

  134. 					return nil, false

  135. 				}

  136. 

  137. 				return u, true

  138. 			}

  139. 		}

  140. 		return nil, false

  141. 	}

  142. 

  143. 	u, err := models.GetUserByID(uid)

  144. 	if err != nil {

  145. 		log.Error(4, "GetUserById: %v", err)

  146. 		return nil, false

  147. 	}

  148. 	return u, false

  149. }

  150. 

  151. type Form interface {

  152. 	binding.Validator

  153. }

  154. 

  155. func init() {

  156. 	binding.SetNameMapper(com.ToSnakeCase)

  157. }

  158. 

  159. // AssignForm assign form values back to the template data.

  160. func AssignForm(form interface{}, data map[string]interface{}) {

  161. 	typ := reflect.TypeOf(form)

  162. 	val := reflect.ValueOf(form)

  163. 

  164. 	if typ.Kind() == reflect.Ptr {

  165. 		typ = typ.Elem()

  166. 		val = val.Elem()

  167. 	}

  168. 

  169. 	for i := 0; i < typ.NumField(); i++ {

  170. 		field := typ.Field(i)

  171. 

  172. 		fieldName := field.Tag.Get("form")

  173. 		// Allow ignored fields in the struct

  174. 		if fieldName == "-" {

  175. 			continue

  176. 		} else if len(fieldName) == 0 {

  177. 			fieldName = com.ToSnakeCase(field.Name)

  178. 		}

  179. 

  180. 		data[fieldName] = val.Field(i).Interface()

  181. 	}

  182. }

  183. 

  184. func getRuleBody(field reflect.StructField, prefix string) string {

  185. 	for _, rule := range strings.Split(field.Tag.Get("binding"), ";") {

  186. 		if strings.HasPrefix(rule, prefix) {

  187. 			return rule[len(prefix) : len(rule)-1]

  188. 		}

  189. 	}

  190. 	return ""

  191. }

  192. 

  193. func GetSize(field reflect.StructField) string {

  194. 	return getRuleBody(field, "Size(")

  195. }

  196. 

  197. func GetMinSize(field reflect.StructField) string {

  198. 	return getRuleBody(field, "MinSize(")

  199. }

  200. 

  201. func GetMaxSize(field reflect.StructField) string {

  202. 	return getRuleBody(field, "MaxSize(")

  203. }

  204. 

  205. func GetInclude(field reflect.StructField) string {

  206. 	return getRuleBody(field, "Include(")

  207. }

  208. 

  209. // FIXME: struct contains a struct

  210. func validateStruct(obj interface{}) binding.Errors {

  211. 

  212. 	return nil

  213. }

  214. 

  215. func validate(errs binding.Errors, data map[string]interface{}, f Form, l macaron.Locale) binding.Errors {

  216. 	if errs.Len() == 0 {

  217. 		return errs

  218. 	}

  219. 

  220. 	data["HasError"] = true

  221. 	AssignForm(f, data)

  222. 

  223. 	typ := reflect.TypeOf(f)

  224. 	val := reflect.ValueOf(f)

  225. 

  226. 	if typ.Kind() == reflect.Ptr {

  227. 		typ = typ.Elem()

  228. 		val = val.Elem()

  229. 	}

  230. 

  231. 	for i := 0; i < typ.NumField(); i++ {

  232. 		field := typ.Field(i)

  233. 

  234. 		fieldName := field.Tag.Get("form")

  235. 		// Allow ignored fields in the struct

  236. 		if fieldName == "-" {

  237. 			continue

  238. 		}

  239. 

  240. 		if errs[0].FieldNames[0] == field.Name {

  241. 			data["Err_"+field.Name] = true

  242. 

  243. 			trName := field.Tag.Get("locale")

  244. 			if len(trName) == 0 {

  245. 				trName = l.Tr("form." + field.Name)

  246. 			} else {

  247. 				trName = l.Tr(trName)

  248. 			}

  249. 

  250. 			switch errs[0].Classification {

  251. 			case binding.ERR_REQUIRED:

  252. 				data["ErrorMsg"] = trName + l.Tr("form.require_error")

  253. 			case binding.ERR_ALPHA_DASH:

  254. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_error")

  255. 			case binding.ERR_ALPHA_DASH_DOT:

  256. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_dot_error")

  257. 			case binding.ERR_SIZE:

  258. 				data["ErrorMsg"] = trName + l.Tr("form.size_error", GetSize(field))

  259. 			case binding.ERR_MIN_SIZE:

  260. 				data["ErrorMsg"] = trName + l.Tr("form.min_size_error", GetMinSize(field))

  261. 			case binding.ERR_MAX_SIZE:

  262. 				data["ErrorMsg"] = trName + l.Tr("form.max_size_error", GetMaxSize(field))

  263. 			case binding.ERR_EMAIL:

  264. 				data["ErrorMsg"] = trName + l.Tr("form.email_error")

  265. 			case binding.ERR_URL:

  266. 				data["ErrorMsg"] = trName + l.Tr("form.url_error")

  267. 			case binding.ERR_INCLUDE:

  268. 				data["ErrorMsg"] = trName + l.Tr("form.include_error", GetInclude(field))

  269. 			default:

  270. 				data["ErrorMsg"] = l.Tr("form.unknown_error") + " " + errs[0].Classification

  271. 			}

  272. 			return errs

  273. 		}

  274. 	}

  275. 	return errs

  276. }