2014-03-07 16:05:18 -05:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
|
|
package auth
|
|
|
|
|
|
|
|
|
|
import (
|
2014-03-13 03:39:18 -04:00
|
|
|
"net/http"
|
|
|
|
|
"reflect"
|
2014-07-02 16:42:16 -04:00
|
|
|
"strings"
|
2014-03-13 03:39:18 -04:00
|
|
|
|
2014-03-30 12:11:28 -04:00
|
|
|
"github.com/go-martini/martini"
|
2014-03-07 16:05:18 -05:00
|
|
|
|
2014-03-30 12:11:28 -04:00
|
|
|
"github.com/gogits/session"
|
2014-03-13 03:39:18 -04:00
|
|
|
|
2014-03-07 16:05:18 -05:00
|
|
|
"github.com/gogits/gogs/models"
|
|
|
|
|
"github.com/gogits/gogs/modules/base"
|
2014-03-07 17:22:15 -05:00
|
|
|
"github.com/gogits/gogs/modules/log"
|
2014-05-05 02:42:52 -04:00
|
|
|
"github.com/gogits/gogs/modules/middleware/binding"
|
2014-06-21 00:51:41 -04:00
|
|
|
"github.com/gogits/gogs/modules/setting"
|
2014-03-07 16:05:18 -05:00
|
|
|
)
|
|
|
|
|
|
2014-07-02 16:42:16 -04:00
|
|
|
// Web form interface.
|
|
|
|
|
type Form interface {
|
|
|
|
|
Name(field string) string
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type RegisterForm struct {
|
|
|
|
|
UserName string `form:"username" binding:"Required;AlphaDashDot;MaxSize(30)"`
|
|
|
|
|
Email string `form:"email" binding:"Required;Email;MaxSize(50)"`
|
|
|
|
|
Password string `form:"passwd" binding:"Required;MinSize(6);MaxSize(30)"`
|
|
|
|
|
RetypePasswd string `form:"retypepasswd"`
|
|
|
|
|
LoginType string `form:"logintype"`
|
|
|
|
|
LoginName string `form:"loginname"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *RegisterForm) Name(field string) string {
|
|
|
|
|
names := map[string]string{
|
|
|
|
|
"UserName": "Username",
|
|
|
|
|
"Email": "E-mail address",
|
|
|
|
|
"Password": "Password",
|
|
|
|
|
"RetypePasswd": "Re-type password",
|
|
|
|
|
}
|
|
|
|
|
return names[field]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *RegisterForm) Validate(errs *binding.Errors, req *http.Request, ctx martini.Context) {
|
|
|
|
|
data := ctx.Get(reflect.TypeOf(base.TmplData{})).Interface().(base.TmplData)
|
|
|
|
|
validate(errs, data, f)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type LogInForm struct {
|
|
|
|
|
UserName string `form:"username" binding:"Required;MaxSize(35)"`
|
|
|
|
|
Password string `form:"passwd" binding:"Required;MinSize(6);MaxSize(30)"`
|
|
|
|
|
Remember bool `form:"remember"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *LogInForm) Name(field string) string {
|
|
|
|
|
names := map[string]string{
|
|
|
|
|
"UserName": "Username",
|
|
|
|
|
"Password": "Password",
|
|
|
|
|
}
|
|
|
|
|
return names[field]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *LogInForm) Validate(errs *binding.Errors, req *http.Request, ctx martini.Context) {
|
|
|
|
|
data := ctx.Get(reflect.TypeOf(base.TmplData{})).Interface().(base.TmplData)
|
|
|
|
|
validate(errs, data, f)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func GetMinMaxSize(field reflect.StructField) string {
|
|
|
|
|
for _, rule := range strings.Split(field.Tag.Get("binding"), ";") {
|
|
|
|
|
if strings.HasPrefix(rule, "MinSize(") || strings.HasPrefix(rule, "MaxSize(") {
|
|
|
|
|
return rule[8 : len(rule)-1]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return ""
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func validate(errs *binding.Errors, data base.TmplData, f Form) {
|
|
|
|
|
if errs.Count() == 0 {
|
|
|
|
|
return
|
|
|
|
|
} else if len(errs.Overall) > 0 {
|
|
|
|
|
for _, err := range errs.Overall {
|
|
|
|
|
log.Error("%s: %v", reflect.TypeOf(f), err)
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data["HasError"] = true
|
|
|
|
|
AssignForm(f, data)
|
|
|
|
|
|
|
|
|
|
typ := reflect.TypeOf(f)
|
|
|
|
|
val := reflect.ValueOf(f)
|
|
|
|
|
|
|
|
|
|
if typ.Kind() == reflect.Ptr {
|
|
|
|
|
typ = typ.Elem()
|
|
|
|
|
val = val.Elem()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for i := 0; i < typ.NumField(); i++ {
|
|
|
|
|
field := typ.Field(i)
|
|
|
|
|
|
|
|
|
|
fieldName := field.Tag.Get("form")
|
|
|
|
|
// Allow ignored fields in the struct
|
|
|
|
|
if fieldName == "-" {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err, ok := errs.Fields[field.Name]; ok {
|
|
|
|
|
data["Err_"+field.Name] = true
|
|
|
|
|
switch err {
|
|
|
|
|
case binding.BindingRequireError:
|
|
|
|
|
data["ErrorMsg"] = f.Name(field.Name) + " cannot be empty"
|
|
|
|
|
case binding.BindingAlphaDashError:
|
|
|
|
|
data["ErrorMsg"] = f.Name(field.Name) + " must be valid alpha or numeric or dash(-_) characters"
|
|
|
|
|
case binding.BindingAlphaDashDotError:
|
|
|
|
|
data["ErrorMsg"] = f.Name(field.Name) + " must be valid alpha or numeric or dash(-_) or dot characters"
|
|
|
|
|
case binding.BindingMinSizeError:
|
|
|
|
|
data["ErrorMsg"] = f.Name(field.Name) + " must contain at least " + GetMinMaxSize(field) + " characters"
|
|
|
|
|
case binding.BindingMaxSizeError:
|
|
|
|
|
data["ErrorMsg"] = f.Name(field.Name) + " must contain at most " + GetMinMaxSize(field) + " characters"
|
|
|
|
|
case binding.BindingEmailError:
|
|
|
|
|
data["ErrorMsg"] = f.Name(field.Name) + " is not a valid e-mail address"
|
|
|
|
|
case binding.BindingUrlError:
|
|
|
|
|
data["ErrorMsg"] = f.Name(field.Name) + " is not a valid URL"
|
|
|
|
|
default:
|
|
|
|
|
data["ErrorMsg"] = "Unknown error: " + err
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// AssignForm assign form values back to the template data.
|
|
|
|
|
func AssignForm(form interface{}, data base.TmplData) {
|
|
|
|
|
typ := reflect.TypeOf(form)
|
|
|
|
|
val := reflect.ValueOf(form)
|
|
|
|
|
|
|
|
|
|
if typ.Kind() == reflect.Ptr {
|
|
|
|
|
typ = typ.Elem()
|
|
|
|
|
val = val.Elem()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for i := 0; i < typ.NumField(); i++ {
|
|
|
|
|
field := typ.Field(i)
|
|
|
|
|
|
|
|
|
|
fieldName := field.Tag.Get("form")
|
|
|
|
|
// Allow ignored fields in the struct
|
|
|
|
|
if fieldName == "-" {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data[fieldName] = val.Field(i).Interface()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type InstallForm struct {
|
|
|
|
|
Database string `form:"database" binding:"Required"`
|
|
|
|
|
Host string `form:"host"`
|
|
|
|
|
User string `form:"user"`
|
|
|
|
|
Passwd string `form:"passwd"`
|
|
|
|
|
DatabaseName string `form:"database_name"`
|
|
|
|
|
SslMode string `form:"ssl_mode"`
|
|
|
|
|
DatabasePath string `form:"database_path"`
|
|
|
|
|
RepoRootPath string `form:"repo_path"`
|
|
|
|
|
RunUser string `form:"run_user"`
|
|
|
|
|
Domain string `form:"domain"`
|
|
|
|
|
AppUrl string `form:"app_url"`
|
|
|
|
|
AdminName string `form:"admin_name" binding:"Required;AlphaDashDot;MaxSize(30)"`
|
|
|
|
|
AdminPasswd string `form:"admin_pwd" binding:"Required;MinSize(6);MaxSize(30)"`
|
|
|
|
|
AdminEmail string `form:"admin_email" binding:"Required;Email;MaxSize(50)"`
|
|
|
|
|
SmtpHost string `form:"smtp_host"`
|
|
|
|
|
SmtpEmail string `form:"mailer_user"`
|
|
|
|
|
SmtpPasswd string `form:"mailer_pwd"`
|
|
|
|
|
RegisterConfirm string `form:"register_confirm"`
|
|
|
|
|
MailNotify string `form:"mail_notify"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *InstallForm) Name(field string) string {
|
|
|
|
|
names := map[string]string{
|
|
|
|
|
"Database": "Database name",
|
|
|
|
|
"AdminName": "Admin user name",
|
|
|
|
|
"AdminPasswd": "Admin password",
|
|
|
|
|
"AdminEmail": "Admin e-maill address",
|
|
|
|
|
}
|
|
|
|
|
return names[field]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *InstallForm) Validate(errors *binding.Errors, req *http.Request, context martini.Context) {
|
|
|
|
|
data := context.Get(reflect.TypeOf(base.TmplData{})).Interface().(base.TmplData)
|
|
|
|
|
validate(errors, data, f)
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-17 14:03:58 -04:00
|
|
|
// SignedInId returns the id of signed in user.
|
2014-06-21 00:51:41 -04:00
|
|
|
func SignedInId(header http.Header, sess session.SessionStore) int64 {
|
2014-03-30 10:47:08 -04:00
|
|
|
if !models.HasEngine {
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-21 00:53:46 -04:00
|
|
|
if setting.Service.EnableReverseProxyAuth {
|
2014-06-24 13:55:47 -04:00
|
|
|
webAuthUser := header.Get(setting.ReverseProxyAuthUser)
|
|
|
|
|
if len(webAuthUser) > 0 {
|
|
|
|
|
u, err := models.GetUserByName(webAuthUser)
|
|
|
|
|
if err != nil {
|
|
|
|
|
if err != models.ErrUserNotExist {
|
|
|
|
|
log.Error("auth.user.SignedInId(GetUserByName): %v", err)
|
|
|
|
|
}
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
return u.Id
|
2014-06-21 00:51:41 -04:00
|
|
|
}
|
2014-03-07 16:05:18 -05:00
|
|
|
}
|
2014-06-21 00:51:41 -04:00
|
|
|
|
2014-06-24 13:55:47 -04:00
|
|
|
uid := sess.Get("userId")
|
|
|
|
|
if uid == nil {
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
if id, ok := uid.(int64); ok {
|
2014-06-05 22:07:35 -04:00
|
|
|
if _, err := models.GetUserById(id); err != nil {
|
2014-06-21 00:51:41 -04:00
|
|
|
if err != models.ErrUserNotExist {
|
|
|
|
|
log.Error("auth.user.SignedInId(GetUserById): %v", err)
|
|
|
|
|
}
|
2014-03-11 11:54:43 -04:00
|
|
|
return 0
|
|
|
|
|
}
|
2014-06-05 22:07:35 -04:00
|
|
|
return id
|
2014-03-07 16:05:18 -05:00
|
|
|
}
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-17 14:03:58 -04:00
|
|
|
// SignedInUser returns the user object of signed user.
|
2014-06-21 00:51:41 -04:00
|
|
|
func SignedInUser(header http.Header, sess session.SessionStore) *models.User {
|
|
|
|
|
uid := SignedInId(header, sess)
|
2014-06-05 22:07:35 -04:00
|
|
|
if uid <= 0 {
|
2014-03-07 16:05:18 -05:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-05 22:07:35 -04:00
|
|
|
u, err := models.GetUserById(uid)
|
2014-03-07 16:05:18 -05:00
|
|
|
if err != nil {
|
|
|
|
|
log.Error("user.SignedInUser: %v", err)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2014-06-05 22:07:35 -04:00
|
|
|
return u
|
2014-03-07 16:05:18 -05:00
|
|
|
}
|
|
|
|
|
|
2014-03-17 14:03:58 -04:00
|
|
|
// IsSignedIn check if any user has signed in.
|
2014-06-21 00:51:41 -04:00
|
|
|
func IsSignedIn(header http.Header, sess session.SessionStore) bool {
|
|
|
|
|
return SignedInId(header, sess) > 0
|
2014-03-07 16:05:18 -05:00
|
|
|
}
|
|
|
|
|
|
2014-03-13 03:39:18 -04:00
|
|
|
type FeedsForm struct {
|
|
|
|
|
UserId int64 `form:"userid" binding:"Required"`
|
2014-03-15 05:30:59 -04:00
|
|
|
Page int64 `form:"p"`
|
2014-03-13 03:39:18 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type UpdateProfileForm struct {
|
2014-04-03 16:33:27 -04:00
|
|
|
UserName string `form:"username" binding:"Required;AlphaDash;MaxSize(30)"`
|
2014-05-01 08:26:41 -04:00
|
|
|
FullName string `form:"fullname" binding:"MaxSize(40)"`
|
2014-03-13 03:39:18 -04:00
|
|
|
Email string `form:"email" binding:"Required;Email;MaxSize(50)"`
|
2014-05-05 16:21:43 -04:00
|
|
|
Website string `form:"website" binding:"Url;MaxSize(50)"`
|
2014-03-13 03:39:18 -04:00
|
|
|
Location string `form:"location" binding:"MaxSize(50)"`
|
|
|
|
|
Avatar string `form:"avatar" binding:"Required;Email;MaxSize(50)"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *UpdateProfileForm) Name(field string) string {
|
|
|
|
|
names := map[string]string{
|
2014-04-03 16:33:27 -04:00
|
|
|
"UserName": "Username",
|
2014-03-21 06:15:58 -04:00
|
|
|
"Email": "E-mail address",
|
2014-06-27 03:37:01 -04:00
|
|
|
"Website": "Website address",
|
2014-03-13 03:39:18 -04:00
|
|
|
"Location": "Location",
|
|
|
|
|
"Avatar": "Gravatar Email",
|
|
|
|
|
}
|
|
|
|
|
return names[field]
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-08 22:12:05 -04:00
|
|
|
func (f *UpdateProfileForm) Validate(errs *binding.Errors, req *http.Request, ctx martini.Context) {
|
2014-05-05 16:21:43 -04:00
|
|
|
data := ctx.Get(reflect.TypeOf(base.TmplData{})).Interface().(base.TmplData)
|
|
|
|
|
validate(errs, data, f)
|
2014-03-13 03:39:18 -04:00
|
|
|
}
|
2014-03-13 04:06:35 -04:00
|
|
|
|
|
|
|
|
type UpdatePasswdForm struct {
|
|
|
|
|
OldPasswd string `form:"oldpasswd" binding:"Required;MinSize(6);MaxSize(30)"`
|
|
|
|
|
NewPasswd string `form:"newpasswd" binding:"Required;MinSize(6);MaxSize(30)"`
|
|
|
|
|
RetypePasswd string `form:"retypepasswd"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (f *UpdatePasswdForm) Name(field string) string {
|
|
|
|
|
names := map[string]string{
|
|
|
|
|
"OldPasswd": "Old password",
|
|
|
|
|
"NewPasswd": "New password",
|
|
|
|
|
"RetypePasswd": "Re-type password",
|
|
|
|
|
}
|
|
|
|
|
return names[field]
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-08 22:12:05 -04:00
|
|
|
func (f *UpdatePasswdForm) Validate(errs *binding.Errors, req *http.Request, ctx martini.Context) {
|
2014-05-05 16:21:43 -04:00
|
|
|
data := ctx.Get(reflect.TypeOf(base.TmplData{})).Interface().(base.TmplData)
|
|
|
|
|
validate(errs, data, f)
|
2014-03-13 04:06:35 -04:00
|
|
|
}
|
