Browse Source

work on #609

pull/626/head
Unknwon 10 years ago
parent
commit
abc57b6e43
  1. 14
      cmd/web.go
  2. 2
      gogs.go
  3. 22
      modules/base/tool.go
  4. 21
      modules/middleware/context.go
  5. 27
      routers/repo/http.go
  6. 2
      templates/.VERSION

14
cmd/web.go

@ -64,7 +64,7 @@ func checkVersion() {
// Check dependency version. // Check dependency version.
macaronVer := git.MustParseVersion(strings.Join(strings.Split(macaron.Version(), ".")[:3], ".")) macaronVer := git.MustParseVersion(strings.Join(strings.Split(macaron.Version(), ".")[:3], "."))
if macaronVer.LessThan(git.MustParseVersion("0.2.3")) { if macaronVer.LessThan(git.MustParseVersion("0.4.0")) {
log.Fatal(4, "Package macaron version is too old, did you forget to update?(github.com/Unknwon/macaron)") log.Fatal(4, "Package macaron version is too old, did you forget to update?(github.com/Unknwon/macaron)")
} }
i18nVer := git.MustParseVersion(i18n.Version()) i18nVer := git.MustParseVersion(i18n.Version())
@ -354,7 +354,6 @@ func runWeb(*cli.Context) {
m.Post("/labels/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel) m.Post("/labels/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel)
m.Post("/labels/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel) m.Post("/labels/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel)
m.Post("/labels/delete", repo.DeleteLabel) m.Post("/labels/delete", repo.DeleteLabel)
m.Get("/milestones", repo.Milestones)
m.Get("/milestones/new", repo.NewMilestone) m.Get("/milestones/new", repo.NewMilestone)
m.Post("/milestones/new", bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost) m.Post("/milestones/new", bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
m.Get("/milestones/:index/edit", repo.UpdateMilestone) m.Get("/milestones/:index/edit", repo.UpdateMilestone)
@ -364,31 +363,28 @@ func runWeb(*cli.Context) {
m.Post("/comment/:action", repo.Comment) m.Post("/comment/:action", repo.Comment)
m.Get("/releases/new", repo.NewRelease) m.Get("/releases/new", repo.NewRelease)
m.Get("/releases/edit/:tagname", repo.EditRelease)
}, reqSignIn, middleware.RepoAssignment(true))
m.Group("/:username/:reponame", func() {
m.Post("/releases/new", bindIgnErr(auth.NewReleaseForm{}), repo.NewReleasePost) m.Post("/releases/new", bindIgnErr(auth.NewReleaseForm{}), repo.NewReleasePost)
m.Get("/releases/edit/:tagname", repo.EditRelease)
m.Post("/releases/edit/:tagname", bindIgnErr(auth.EditReleaseForm{}), repo.EditReleasePost) m.Post("/releases/edit/:tagname", bindIgnErr(auth.EditReleaseForm{}), repo.EditReleasePost)
}, reqSignIn, middleware.RepoAssignment(true)) }, reqSignIn, middleware.RepoAssignment(true))
m.Group("/:username/:reponame", func() { m.Group("/:username/:reponame", func() {
m.Get("/releases", repo.Releases)
m.Get("/issues", repo.Issues) m.Get("/issues", repo.Issues)
m.Get("/issues/:index", repo.ViewIssue) m.Get("/issues/:index", repo.ViewIssue)
m.Get("/issues/milestones", repo.Milestones)
m.Get("/pulls", repo.Pulls) m.Get("/pulls", repo.Pulls)
m.Get("/branches", repo.Branches) m.Get("/branches", repo.Branches)
m.Get("/archive/*", repo.Download) m.Get("/archive/*", repo.Download)
m.Get("/issues2/", repo.Issues2) m.Get("/issues2/", repo.Issues2)
}, ignSignIn, middleware.RepoAssignment(true))
m.Group("/:username/:reponame", func() {
m.Group("", func() { m.Group("", func() {
m.Get("/src/*", repo.Home) m.Get("/src/*", repo.Home)
m.Get("/raw/*", repo.SingleDownload) m.Get("/raw/*", repo.SingleDownload)
m.Get("/commits/*", repo.RefCommits) m.Get("/commits/*", repo.RefCommits)
m.Get("/commit/*", repo.Diff) m.Get("/commit/*", repo.Diff)
}, middleware.RepoRef()) }, middleware.RepoRef())
m.Get("/releases", repo.Releases)
m.Get("/compare/:before([a-z0-9]+)...:after([a-z0-9]+)", repo.CompareDiff) m.Get("/compare/:before([a-z0-9]+)...:after([a-z0-9]+)", repo.CompareDiff)
}, ignSignIn, middleware.RepoAssignment(true)) }, ignSignIn, middleware.RepoAssignment(true))

2
gogs.go

@ -17,7 +17,7 @@ import (
"github.com/gogits/gogs/modules/setting" "github.com/gogits/gogs/modules/setting"
) )
const APP_VER = "0.5.7.1106 Beta" const APP_VER = "0.5.7.1107 Beta"
func init() { func init() {
runtime.GOMAXPROCS(runtime.NumCPU()) runtime.GOMAXPROCS(runtime.NumCPU())

22
modules/base/tool.go

@ -9,7 +9,9 @@ import (
"crypto/md5" "crypto/md5"
"crypto/rand" "crypto/rand"
"crypto/sha1" "crypto/sha1"
"encoding/base64"
"encoding/hex" "encoding/hex"
"errors"
"fmt" "fmt"
"hash" "hash"
"html/template" "html/template"
@ -31,6 +33,26 @@ func EncodeMd5(str string) string {
return hex.EncodeToString(m.Sum(nil)) return hex.EncodeToString(m.Sum(nil))
} }
func BasicAuthDecode(encoded string) (user string, name string, err error) {
var s []byte
s, err = base64.StdEncoding.DecodeString(encoded)
if err != nil {
return user, name, err
}
a := strings.Split(string(s), ":")
if len(a) == 2 {
user, name = a[0], a[1]
} else {
err = errors.New("decode failed")
}
return user, name, err
}
func BasicAuthEncode(username, password string) string {
return base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
}
// GetRandomString generate random string by specify chars. // GetRandomString generate random string by specify chars.
func GetRandomString(n int, alphabets ...byte) string { func GetRandomString(n int, alphabets ...byte) string {
const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

21
modules/middleware/context.go

@ -173,6 +173,27 @@ func Contexter() macaron.Handler {
// Get user from session if logined. // Get user from session if logined.
ctx.User = auth.SignedInUser(ctx.Req.Header, ctx.Session) ctx.User = auth.SignedInUser(ctx.Req.Header, ctx.Session)
// Check with basic auth again.
if ctx.User == nil {
baHead := ctx.Req.Header.Get("Authorization")
auths := strings.Fields(baHead)
if len(auths) == 2 && auths[0] == "Basic" {
uname, passwd, _ := base.BasicAuthDecode(auths[1])
u, err := models.GetUserByName(uname)
if err != nil {
if err != models.ErrUserNotExist {
ctx.Handle(500, "GetUserByName", err)
return
}
} else {
if u.ValidtePassword(passwd) {
ctx.User = u
}
}
}
}
if ctx.User != nil { if ctx.User != nil {
ctx.IsSigned = true ctx.IsSigned = true
ctx.Data["IsSigned"] = ctx.IsSigned ctx.Data["IsSigned"] = ctx.IsSigned

27
routers/repo/http.go

@ -7,8 +7,6 @@ package repo
import ( import (
"bytes" "bytes"
"compress/gzip" "compress/gzip"
"encoding/base64"
"errors"
"fmt" "fmt"
"io" "io"
"io/ioutil" "io/ioutil"
@ -16,6 +14,7 @@ import (
"os" "os"
"os/exec" "os/exec"
"path" "path"
"path/filepath" "path/filepath"
"regexp" "regexp"
"strconv" "strconv"
@ -29,27 +28,6 @@ import (
"github.com/gogits/gogs/modules/setting" "github.com/gogits/gogs/modules/setting"
) )
func basicEncode(username, password string) string {
auth := username + ":" + password
return base64.StdEncoding.EncodeToString([]byte(auth))
}
func basicDecode(encoded string) (user string, name string, err error) {
var s []byte
s, err = base64.StdEncoding.DecodeString(encoded)
if err != nil {
return user, name, err
}
a := strings.Split(string(s), ":")
if len(a) == 2 {
user, name = a[0], a[1]
} else {
err = errors.New("decode failed")
}
return user, name, err
}
func authRequired(ctx *middleware.Context) { func authRequired(ctx *middleware.Context) {
ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"") ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
ctx.Data["ErrorMsg"] = "no basic auth and digit auth" ctx.Data["ErrorMsg"] = "no basic auth and digit auth"
@ -112,11 +90,12 @@ func Http(ctx *middleware.Context) {
auths := strings.Fields(baHead) auths := strings.Fields(baHead)
// currently check basic auth // currently check basic auth
// TODO: support digit auth // TODO: support digit auth
// FIXME: middlewares/context.go did basic auth check already
if len(auths) != 2 || auths[0] != "Basic" { if len(auths) != 2 || auths[0] != "Basic" {
ctx.Handle(401, "no basic auth and digit auth", nil) ctx.Handle(401, "no basic auth and digit auth", nil)
return return
} }
authUsername, passwd, err = basicDecode(auths[1]) authUsername, passwd, err = base.BasicAuthDecode(auths[1])
if err != nil { if err != nil {
ctx.Handle(401, "no basic auth and digit auth", nil) ctx.Handle(401, "no basic auth and digit auth", nil)
return return

2
templates/.VERSION

@ -1 +1 @@
0.5.7.1106 Beta 0.5.7.1107 Beta
Loading…
Cancel
Save