1
0
mirror of https://github.com/go-gitea/gitea.git synced 2025-01-03 14:57:55 -05:00
Commit Graph

19 Commits

Author SHA1 Message Date
Lunny Xiao
b8911fb456
Use a struct as test options ()
* Use a struct as test options

* Fix name

* Fix test
2022-04-14 21:58:21 +08:00
wxiaoguang
84ceaa98bd
Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. ()
Do a refactoring to the CSRF related code, remove most unnecessary functions.
Parse the generated token's issue time, regenerate the token every a few minutes.
2022-04-08 13:21:05 +08:00
KN4CK3R
3f280f89e7
Update HTTP status codes to modern codes ()
* 2xx/3xx/4xx/5xx -> http.Status...
* http.StatusFound -> http.StatusTemporaryRedirect
* http.StatusMovedPermanently -> http.StatusPermanentRedirect
2022-03-23 12:54:07 +08:00
wxiaoguang
7a550b3af2
Use ctx instead of db.DefaultContext in some packages(routers/services/modules) ()
* Remove `db.DefaultContext` usage in routers, use `ctx` directly

* Use `ctx` directly if there is one, remove some `db.DefaultContext` in `services`

* Use ctx instead of db.DefaultContext for `cmd` and some `modules` packages

* fix incorrect context usage
2022-03-22 16:22:54 +01:00
KN4CK3R
80fd25524e
Renamed ctx.User to ctx.Doer. ()
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-22 15:03:22 +08:00
zeripath
7fc5fd6415
Do not send activation email if manual confirm is set ()
If the mailer is configured then even if Manual confirm is set an activation email
is still being sent because `handleUserCreated` is not checking for this case.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-03-18 17:57:07 +08:00
KN4CK3R
c88f2e2acc
Handle email address not exist. () 2022-03-15 10:18:39 +01:00
Lunny Xiao
18033f49ba
Restrict email address validation ()
This didn't follow the RFC but it's a subset of that. I think we should narrow the allowed chars at first and discuss more possibility in future PRs.
2022-03-14 18:39:54 +01:00
zeripath
1c5afd17ee
Prevent panic on prohibited user login with oauth2 ()
There was an unfortunate regression in  where following detection of the
UserProhibitLogin error the err is cast to a pointer by mistake.

This causes a panic due to an interface error.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-03 10:44:18 +00:00
zeripath
7d452558f0
Fix OAuth Source Edit Page ()
* Fix OAuth Source Edit Page to ensure restricted and group settings are set
* Also tolerate []interface in the groups

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-31 20:41:11 +00:00
wxiaoguang
49dd906753
Use base32 for 2FA scratch token ()
* Use base32 for 2FA scratch token
* rename Secure* to Crypto*, add comments
2022-01-26 12:10:10 +08:00
zeripath
44deae8f3d
Refactor jwt.StandardClaims to RegisteredClaims ()
* Refactor jwt.StandardClaims to RegisteredClaims

go-jwt/jwt has deprecated the StandardClaims interface to use RegisteredClaims
instead. This PR migrates to use this new format.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: Gusted <williamzijl7@hotmail.com>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-01-20 22:52:56 +01:00
6543
54e9ee37a7
format with gofumpt ()
* gofumpt -w -l .

* gofumpt -w -l -extra .

* Add linter

* manual fix

* change make fmt
2022-01-20 18:46:10 +01:00
Gusted
1d98d205f5
Enable deprecation error for v1.17.0 ()
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-01-20 18:00:38 +01:00
wxiaoguang
6fba174606
Fix incorrect OAuth message ()
As the title,

Fix 
2022-01-19 19:05:06 +00:00
zeripath
d7c2a2951c
Webauthn nits ()
This contains some additional fixes and small nits related to  

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-15 17:52:56 +01:00
Lunny Xiao
35c3553870
Support webauthn ()
Migrate from U2F to Webauthn

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-14 16:03:31 +01:00
KN4CK3R
e30b20dc68
Show OAuth callback error message ()
* Show callback error message.

* lint

* Use error code to display a message.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-01-07 21:02:09 +00:00
Lunny Xiao
de8e3948a5
Refactor auth package () 2022-01-02 21:12:35 +08:00