mirrors
/
gitea
kopie van https://github.com/go-gitea/gitea.git
Volgen 1
Ster 0
Vork 0
Code Kwesties 0 Publicaties 211 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6509 Commits
17 Branches
Tree: c55caeaf0c
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van 'c55caeaf0c'
${ noResults }
gitea/modules/auth/auth.go

auth.go 6.9KB
Ruw Blame Geschiedenis

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package auth

  6. 

  7. import (

  8. 	"reflect"

  9. 	"strings"

  10. 

  11. 	"github.com/Unknwon/com"

  12. 	"github.com/go-macaron/binding"

  13. 	"github.com/go-macaron/session"

  14. 	gouuid "github.com/satori/go.uuid"

  15. 	"gopkg.in/macaron.v1"

  16. 

  17. 	"code.gitea.io/gitea/models"

  18. 	"code.gitea.io/gitea/modules/base"

  19. 	"code.gitea.io/gitea/modules/log"

  20. 	"code.gitea.io/gitea/modules/setting"

  21. 	"code.gitea.io/gitea/modules/util"

  22. 	"code.gitea.io/gitea/modules/validation"

  23. )

  24. 

  25. // IsAPIPath if URL is an api path

  26. func IsAPIPath(url string) bool {

  27. 	return strings.HasPrefix(url, "/api/")

  28. }

  29. 

  30. // SignedInID returns the id of signed in user.

  31. func SignedInID(ctx *macaron.Context, sess session.Store) int64 {

  32. 	if !models.HasEngine {

  33. 		return 0

  34. 	}

  35. 

  36. 	// Check access token.

  37. 	if IsAPIPath(ctx.Req.URL.Path) {

  38. 		tokenSHA := ctx.Query("token")

  39. 		if len(tokenSHA) <= 0 {

  40. 			tokenSHA = ctx.Query("access_token")

  41. 		}

  42. 		if len(tokenSHA) == 0 {

  43. 			// Well, check with header again.

  44. 			auHead := ctx.Req.Header.Get("Authorization")

  45. 			if len(auHead) > 0 {

  46. 				auths := strings.Fields(auHead)

  47. 				if len(auths) == 2 && auths[0] == "token" {

  48. 					tokenSHA = auths[1]

  49. 				}

  50. 			}

  51. 		}

  52. 

  53. 		// Let's see if token is valid.

  54. 		if len(tokenSHA) > 0 {

  55. 			t, err := models.GetAccessTokenBySHA(tokenSHA)

  56. 			if err != nil {

  57. 				if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {

  58. 					log.Error(4, "GetAccessTokenBySHA: %v", err)

  59. 				}

  60. 				return 0

  61. 			}

  62. 			t.UpdatedUnix = util.TimeStampNow()

  63. 			if err = models.UpdateAccessToken(t); err != nil {

  64. 				log.Error(4, "UpdateAccessToken: %v", err)

  65. 			}

  66. 			return t.UID

  67. 		}

  68. 	}

  69. 

  70. 	uid := sess.Get("uid")

  71. 	if uid == nil {

  72. 		return 0

  73. 	} else if id, ok := uid.(int64); ok {

  74. 		return id

  75. 	}

  76. 	return 0

  77. }

  78. 

  79. // SignedInUser returns the user object of signed user.

  80. // It returns a bool value to indicate whether user uses basic auth or not.

  81. func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool) {

  82. 	if !models.HasEngine {

  83. 		return nil, false

  84. 	}

  85. 

  86. 	if uid := SignedInID(ctx, sess); uid > 0 {

  87. 		user, err := models.GetUserByID(uid)

  88. 		if err == nil {

  89. 			return user, false

  90. 		} else if !models.IsErrUserNotExist(err) {

  91. 			log.Error(4, "GetUserById: %v", err)

  92. 		}

  93. 	}

  94. 

  95. 	if setting.Service.EnableReverseProxyAuth {

  96. 		webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)

  97. 		if len(webAuthUser) > 0 {

  98. 			u, err := models.GetUserByName(webAuthUser)

  99. 			if err != nil {

  100. 				if !models.IsErrUserNotExist(err) {

  101. 					log.Error(4, "GetUserByName: %v", err)

  102. 					return nil, false

  103. 				}

  104. 

  105. 				// Check if enabled auto-registration.

  106. 				if setting.Service.EnableReverseProxyAutoRegister {

  107. 					u := &models.User{

  108. 						Name:     webAuthUser,

  109. 						Email:    gouuid.NewV4().String() + "@localhost",

  110. 						Passwd:   webAuthUser,

  111. 						IsActive: true,

  112. 					}

  113. 					if err = models.CreateUser(u); err != nil {

  114. 						// FIXME: should I create a system notice?

  115. 						log.Error(4, "CreateUser: %v", err)

  116. 						return nil, false

  117. 					}

  118. 					return u, false

  119. 				}

  120. 			}

  121. 			return u, false

  122. 		}

  123. 	}

  124. 

  125. 	// Check with basic auth.

  126. 	baHead := ctx.Req.Header.Get("Authorization")

  127. 	if len(baHead) > 0 {

  128. 		auths := strings.Fields(baHead)

  129. 		if len(auths) == 2 && auths[0] == "Basic" {

  130. 			uname, passwd, _ := base.BasicAuthDecode(auths[1])

  131. 

  132. 			u, err := models.UserSignIn(uname, passwd)

  133. 			if err != nil {

  134. 				if !models.IsErrUserNotExist(err) {

  135. 					log.Error(4, "UserSignIn: %v", err)

  136. 				}

  137. 				return nil, false

  138. 			}

  139. 

  140. 			return u, true

  141. 		}

  142. 	}

  143. 	return nil, false

  144. }

  145. 

  146. // Form form binding interface

  147. type Form interface {

  148. 	binding.Validator

  149. }

  150. 

  151. func init() {

  152. 	binding.SetNameMapper(com.ToSnakeCase)

  153. }

  154. 

  155. // AssignForm assign form values back to the template data.

  156. func AssignForm(form interface{}, data map[string]interface{}) {

  157. 	typ := reflect.TypeOf(form)

  158. 	val := reflect.ValueOf(form)

  159. 

  160. 	if typ.Kind() == reflect.Ptr {

  161. 		typ = typ.Elem()

  162. 		val = val.Elem()

  163. 	}

  164. 

  165. 	for i := 0; i < typ.NumField(); i++ {

  166. 		field := typ.Field(i)

  167. 

  168. 		fieldName := field.Tag.Get("form")

  169. 		// Allow ignored fields in the struct

  170. 		if fieldName == "-" {

  171. 			continue

  172. 		} else if len(fieldName) == 0 {

  173. 			fieldName = com.ToSnakeCase(field.Name)

  174. 		}

  175. 

  176. 		data[fieldName] = val.Field(i).Interface()

  177. 	}

  178. }

  179. 

  180. func getRuleBody(field reflect.StructField, prefix string) string {

  181. 	for _, rule := range strings.Split(field.Tag.Get("binding"), ";") {

  182. 		if strings.HasPrefix(rule, prefix) {

  183. 			return rule[len(prefix) : len(rule)-1]

  184. 		}

  185. 	}

  186. 	return ""

  187. }

  188. 

  189. // GetSize get size int form tag

  190. func GetSize(field reflect.StructField) string {

  191. 	return getRuleBody(field, "Size(")

  192. }

  193. 

  194. // GetMinSize get minimal size in form tag

  195. func GetMinSize(field reflect.StructField) string {

  196. 	return getRuleBody(field, "MinSize(")

  197. }

  198. 

  199. // GetMaxSize get max size in form tag

  200. func GetMaxSize(field reflect.StructField) string {

  201. 	return getRuleBody(field, "MaxSize(")

  202. }

  203. 

  204. // GetInclude get include in form tag

  205. func GetInclude(field reflect.StructField) string {

  206. 	return getRuleBody(field, "Include(")

  207. }

  208. 

  209. // FIXME: struct contains a struct

  210. func validateStruct(obj interface{}) binding.Errors {

  211. 

  212. 	return nil

  213. }

  214. 

  215. func validate(errs binding.Errors, data map[string]interface{}, f Form, l macaron.Locale) binding.Errors {

  216. 	if errs.Len() == 0 {

  217. 		return errs

  218. 	}

  219. 

  220. 	data["HasError"] = true

  221. 	AssignForm(f, data)

  222. 

  223. 	typ := reflect.TypeOf(f)

  224. 	val := reflect.ValueOf(f)

  225. 

  226. 	if typ.Kind() == reflect.Ptr {

  227. 		typ = typ.Elem()

  228. 		val = val.Elem()

  229. 	}

  230. 

  231. 	for i := 0; i < typ.NumField(); i++ {

  232. 		field := typ.Field(i)

  233. 

  234. 		fieldName := field.Tag.Get("form")

  235. 		// Allow ignored fields in the struct

  236. 		if fieldName == "-" {

  237. 			continue

  238. 		}

  239. 

  240. 		if errs[0].FieldNames[0] == field.Name {

  241. 			data["Err_"+field.Name] = true

  242. 

  243. 			trName := field.Tag.Get("locale")

  244. 			if len(trName) == 0 {

  245. 				trName = l.Tr("form." + field.Name)

  246. 			} else {

  247. 				trName = l.Tr(trName)

  248. 			}

  249. 

  250. 			switch errs[0].Classification {

  251. 			case binding.ERR_REQUIRED:

  252. 				data["ErrorMsg"] = trName + l.Tr("form.require_error")

  253. 			case binding.ERR_ALPHA_DASH:

  254. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_error")

  255. 			case binding.ERR_ALPHA_DASH_DOT:

  256. 				data["ErrorMsg"] = trName + l.Tr("form.alpha_dash_dot_error")

  257. 			case validation.ErrGitRefName:

  258. 				data["ErrorMsg"] = trName + l.Tr("form.git_ref_name_error")

  259. 			case binding.ERR_SIZE:

  260. 				data["ErrorMsg"] = trName + l.Tr("form.size_error", GetSize(field))

  261. 			case binding.ERR_MIN_SIZE:

  262. 				data["ErrorMsg"] = trName + l.Tr("form.min_size_error", GetMinSize(field))

  263. 			case binding.ERR_MAX_SIZE:

  264. 				data["ErrorMsg"] = trName + l.Tr("form.max_size_error", GetMaxSize(field))

  265. 			case binding.ERR_EMAIL:

  266. 				data["ErrorMsg"] = trName + l.Tr("form.email_error")

  267. 			case binding.ERR_URL:

  268. 				data["ErrorMsg"] = trName + l.Tr("form.url_error")

  269. 			case binding.ERR_INCLUDE:

  270. 				data["ErrorMsg"] = trName + l.Tr("form.include_error", GetInclude(field))

  271. 			default:

  272. 				data["ErrorMsg"] = l.Tr("form.unknown_error") + " " + errs[0].Classification

  273. 			}

  274. 			return errs

  275. 		}

  276. 	}

  277. 	return errs

  278. }