third_party
/
gitea
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Handle unauthorized user events gracefully (#15071)

Browse Source
tokarchuk/v1.17
Lauris BH 4 years ago committed by GitHub
parent 78e8f62706
commit 2f0eb9fd5d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 11
      routers/events/events.go
  2. 2
      routers/routes/web.go

11
routers/events/events.go
Unescape View File

@ -30,6 +30,17 @@ func Events(ctx *context.Context) {
ctx.Resp.Header().Set("X-Accel-Buffering", "no")
ctx.Resp.WriteHeader(http.StatusOK)
if !ctx.IsSigned {
// Return unauthorized status event
event := (&eventsource.Event{
Name: "unauthorized",
Data: "sorry",
})
_, _ = event.WriteTo(ctx)
ctx.Resp.Flush()
return
}
// Listen to connection close and un-register messageChan
notify := ctx.Req.Context().Done()
ctx.Resp.Flush()

2
routers/routes/web.go
Unescape View File

@ -400,7 +400,7 @@ func RegisterRoutes(m *web.Route) {
})
}, reqSignOut)
m.Any("/user/events", reqSignIn, events.Events)
m.Any("/user/events", events.Events)
m.Group("/login/oauth", func() {
m.Get("/authorize", bindIgnErr(auth.AuthorizationForm{}), user.AuthorizeOAuth)

Write Preview
Loading…
Cancel
Save