Clean oauth code

tokarchuk/v1.17
Unknown 11 years ago
parent 8c266f2df5
commit 4b9b8024ba
  1. 30
      conf/app.ini
  2. 23
      models/oauth2.go
  3. 9
      models/repo.go
  4. 2
      models/user.go
  5. 35
      modules/base/conf.go
  6. 3
      modules/middleware/context.go
  7. 228
      modules/oauth2/oauth2.go
  8. 162
      modules/oauth2/oauth2_test.go
  9. 333
      modules/social/social.go
  10. 8
      routers/install.go
  11. 6
      routers/user/home.go
  12. 282
      routers/user/social.go
  13. 115
      routers/user/user.go
  14. 2
      templates/user/dashboard.tmpl
  15. 8
      templates/user/profile.tmpl
  16. 35
      templates/user/signin.tmpl
  17. 2
      templates/user/signup.tmpl

@ -76,10 +76,38 @@ PASSWD =
ENABLED = false ENABLED = false
[oauth.github] [oauth.github]
ENABLED = ENABLED = false
CLIENT_ID = CLIENT_ID =
CLIENT_SECRET = CLIENT_SECRET =
SCOPES = https://api.github.com/user SCOPES = https://api.github.com/user
AUTH_URL = https://github.com/login/oauth/authorize
TOKEN_URL = https://github.com/login/oauth/access_token
; Get client id and secret from
; https://console.developers.google.com/project
[oauth.google]
ENABLED = false
CLIENT_ID =
CLIENT_SECRET =
SCOPES = https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
AUTH_URL = https://accounts.google.com/o/oauth2/auth
TOKEN_URL = https://accounts.google.com/o/oauth2/token
[oauth.qq]
ENABLED = false
CLIENT_ID =
CLIENT_SECRET =
SCOPES = all
AUTH_URL = https://open.t.qq.com/cgi-bin/oauth2/authorize
TOKEN_URL = https://open.t.qq.com/cgi-bin/oauth2/access_token
[oauth.twitter]
ENABLED = false
CLIENT_ID =
CLIENT_SECRET =
SCOPES = all
AUTH_URL = https://api.twitter.com/oauth/authorize
TOKEN_URL = https://api.twitter.com/oauth/access_token
[cache] [cache]
; Either "memory", "redis", or "memcache", default is "memory" ; Either "memory", "redis", or "memcache", default is "memory"

@ -14,11 +14,15 @@ const (
OT_GOOGLE OT_GOOGLE
OT_TWITTER OT_TWITTER
OT_QQ OT_QQ
OT_WEIBO
OT_BITBUCKET
OT_OSCHINA
OT_FACEBOOK
) )
var ( var (
ErrOauth2RecordNotExists = errors.New("not exists oauth2 record") ErrOauth2RecordNotExist = errors.New("OAuth2 record does not exist")
ErrOauth2NotAssociatedWithUser = errors.New("not associated with user") ErrOauth2NotAssociated = errors.New("OAuth2 is not associated with user")
) )
type Oauth2 struct { type Oauth2 struct {
@ -35,12 +39,10 @@ func BindUserOauth2(userId, oauthId int64) error {
return err return err
} }
func AddOauth2(oa *Oauth2) (err error) { func AddOauth2(oa *Oauth2) error {
if _, err = orm.Insert(oa); err != nil { _, err := orm.Insert(oa)
return err return err
} }
return nil
}
func GetOauth2(identity string) (oa *Oauth2, err error) { func GetOauth2(identity string) (oa *Oauth2, err error) {
oa = &Oauth2{Identity: identity} oa = &Oauth2{Identity: identity}
@ -48,9 +50,9 @@ func GetOauth2(identity string) (oa *Oauth2, err error) {
if err != nil { if err != nil {
return return
} else if !isExist { } else if !isExist {
return nil, ErrOauth2RecordNotExists return nil, ErrOauth2RecordNotExist
} else if oa.Uid == -1 { } else if oa.Uid == -1 {
return oa, ErrOauth2NotAssociatedWithUser return oa, ErrOauth2NotAssociated
} }
oa.User, err = GetUserById(oa.Uid) oa.User, err = GetUserById(oa.Uid)
return oa, err return oa, err
@ -61,9 +63,8 @@ func GetOauth2ById(id int64) (oa *Oauth2, err error) {
has, err := orm.Id(id).Get(oa) has, err := orm.Id(id).Get(oa)
if err != nil { if err != nil {
return nil, err return nil, err
} } else if !has {
if !has { return nil, ErrOauth2RecordNotExist
return nil, ErrOauth2RecordNotExists
} }
return oa, nil return oa, nil
} }

@ -714,9 +714,14 @@ func GetRepositoryById(id int64) (*Repository, error) {
} }
// GetRepositories returns the list of repositories of given user. // GetRepositories returns the list of repositories of given user.
func GetRepositories(user *User) ([]Repository, error) { func GetRepositories(user *User, private bool) ([]Repository, error) {
repos := make([]Repository, 0, 10) repos := make([]Repository, 0, 10)
err := orm.Desc("updated").Find(&repos, &Repository{OwnerId: user.Id}) sess := orm.Desc("updated")
if !private {
sess.Where("is_private=?", false)
}
err := sess.Find(&repos, &Repository{OwnerId: user.Id})
return repos, err return repos, err
} }

@ -234,7 +234,7 @@ func ChangeUserName(user *User, newUserName string) (err error) {
} }
} }
repos, err := GetRepositories(user) repos, err := GetRepositories(user, true)
if err != nil { if err != nil {
return err return err
} }

@ -29,13 +29,17 @@ type Mailer struct {
User, Passwd string User, Passwd string
} }
// Oauther represents oauth service. type OauthInfo struct {
type Oauther struct {
GitHub struct {
Enabled bool
ClientId, ClientSecret string ClientId, ClientSecret string
Scopes string Scopes string
AuthUrl, TokenUrl string
} }
// Oauther represents oauth service.
type Oauther struct {
GitHub, Google, Tencent bool
Twitter bool
OauthInfos map[string]*OauthInfo
} }
var ( var (
@ -252,26 +256,6 @@ func newNotifyMailService() {
log.Info("Notify Mail Service Enabled") log.Info("Notify Mail Service Enabled")
} }
func newOauthService() {
if !Cfg.MustBool("oauth", "ENABLED") {
return
}
OauthService = &Oauther{}
oauths := make([]string, 0, 10)
// GitHub.
if Cfg.MustBool("oauth.github", "ENABLED") {
OauthService.GitHub.Enabled = true
OauthService.GitHub.ClientId = Cfg.MustValue("oauth.github", "CLIENT_ID")
OauthService.GitHub.ClientSecret = Cfg.MustValue("oauth.github", "CLIENT_SECRET")
OauthService.GitHub.Scopes = Cfg.MustValue("oauth.github", "SCOPES")
oauths = append(oauths, "GitHub")
}
log.Info("Oauth Service Enabled %s", oauths)
}
func NewConfigContext() { func NewConfigContext() {
//var err error //var err error
workDir, err := ExecDir() workDir, err := ExecDir()
@ -328,7 +312,7 @@ func NewConfigContext() {
} }
} }
func NewServices() { func NewBaseServices() {
newService() newService()
newLogService() newLogService()
newCacheService() newCacheService()
@ -336,5 +320,4 @@ func NewServices() {
newMailService() newMailService()
newRegisterMailService() newRegisterMailService()
newNotifyMailService() newNotifyMailService()
newOauthService()
} }

@ -82,7 +82,8 @@ func (ctx *Context) HasError() bool {
if !ok { if !ok {
return false return false
} }
ctx.Flash.Error(ctx.Data["ErrorMsg"].(string)) ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
ctx.Data["Flash"] = ctx.Flash
return hasErr.(bool) return hasErr.(bool)
} }

@ -1,228 +0,0 @@
// Copyright 2014 Google Inc. All Rights Reserved.
// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
// Package oauth2 contains Martini handlers to provide
// user login via an OAuth 2.0 backend.
package oauth2
import (
"encoding/json"
"net/http"
"net/url"
"strings"
"time"
"code.google.com/p/goauth2/oauth"
"github.com/go-martini/martini"
"github.com/gogits/session"
"github.com/gogits/gogs/modules/log"
"github.com/gogits/gogs/modules/middleware"
)
const (
keyToken = "oauth2_token"
keyNextPage = "next"
)
var (
// Path to handle OAuth 2.0 logins.
PathLogin = "/login"
// Path to handle OAuth 2.0 logouts.
PathLogout = "/logout"
// Path to handle callback from OAuth 2.0 backend
// to exchange credentials.
PathCallback = "/oauth2callback"
// Path to handle error cases.
PathError = "/oauth2error"
)
// Represents OAuth2 backend options.
type Options struct {
ClientId string
ClientSecret string
RedirectURL string
Scopes []string
AuthUrl string
TokenUrl string
}
// Represents a container that contains
// user's OAuth 2.0 access and refresh tokens.
type Tokens interface {
Access() string
Refresh() string
IsExpired() bool
ExpiryTime() time.Time
ExtraData() map[string]string
}
type token struct {
oauth.Token
}
func (t *token) ExtraData() map[string]string {
return t.Extra
}
// Returns the access token.
func (t *token) Access() string {
return t.AccessToken
}
// Returns the refresh token.
func (t *token) Refresh() string {
return t.RefreshToken
}
// Returns whether the access token is
// expired or not.
func (t *token) IsExpired() bool {
if t == nil {
return true
}
return t.Expired()
}
// Returns the expiry time of the user's
// access token.
func (t *token) ExpiryTime() time.Time {
return t.Expiry
}
// Returns a new Google OAuth 2.0 backend endpoint.
func Google(opts *Options) martini.Handler {
opts.AuthUrl = "https://accounts.google.com/o/oauth2/auth"
opts.TokenUrl = "https://accounts.google.com/o/oauth2/token"
return NewOAuth2Provider(opts)
}
// Returns a new Github OAuth 2.0 backend endpoint.
func Github(opts *Options) martini.Handler {
opts.AuthUrl = "https://github.com/login/oauth/authorize"
opts.TokenUrl = "https://github.com/login/oauth/access_token"
return NewOAuth2Provider(opts)
}
func Facebook(opts *Options) martini.Handler {
opts.AuthUrl = "https://www.facebook.com/dialog/oauth"
opts.TokenUrl = "https://graph.facebook.com/oauth/access_token"
return NewOAuth2Provider(opts)
}
// Returns a generic OAuth 2.0 backend endpoint.
func NewOAuth2Provider(opts *Options) martini.Handler {
config := &oauth.Config{
ClientId: opts.ClientId,
ClientSecret: opts.ClientSecret,
RedirectURL: opts.RedirectURL,
Scope: strings.Join(opts.Scopes, " "),
AuthURL: opts.AuthUrl,
TokenURL: opts.TokenUrl,
}
transport := &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
}
return func(c martini.Context, ctx *middleware.Context) {
if ctx.Req.Method == "GET" {
switch ctx.Req.URL.Path {
case PathLogin:
login(transport, ctx)
case PathLogout:
logout(transport, ctx)
case PathCallback:
handleOAuth2Callback(transport, ctx)
}
}
tk := unmarshallToken(ctx.Session)
if tk != nil {
// check if the access token is expired
if tk.IsExpired() && tk.Refresh() == "" {
ctx.Session.Delete(keyToken)
tk = nil
}
}
// Inject tokens.
c.MapTo(tk, (*Tokens)(nil))
}
}
// Handler that redirects user to the login page
// if user is not logged in.
// Sample usage:
// m.Get("/login-required", oauth2.LoginRequired, func() ... {})
var LoginRequired martini.Handler = func() martini.Handler {
return func(c martini.Context, ctx *middleware.Context) {
token := unmarshallToken(ctx.Session)
if token == nil || token.IsExpired() {
next := url.QueryEscape(ctx.Req.URL.RequestURI())
ctx.Redirect(PathLogin + "?next=" + next)
return
}
}
}()
func login(t *oauth.Transport, ctx *middleware.Context) {
next := extractPath(ctx.Query(keyNextPage))
if ctx.Session.Get(keyToken) == nil {
// User is not logged in.
ctx.Redirect(t.Config.AuthCodeURL(next))
return
}
// No need to login, redirect to the next page.
ctx.Redirect(next)
}
func logout(t *oauth.Transport, ctx *middleware.Context) {
next := extractPath(ctx.Query(keyNextPage))
ctx.Session.Delete(keyToken)
ctx.Redirect(next)
}
func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) {
if errMsg := ctx.Query("error_description"); len(errMsg) > 0 {
log.Error("oauth2.handleOAuth2Callback: %s", errMsg)
return
}
next := extractPath(ctx.Query("state"))
code := ctx.Query("code")
tk, err := t.Exchange(code)
if err != nil {
// Pass the error message, or allow dev to provide its own
// error handler.
log.Error("oauth2.handleOAuth2Callback(token.Exchange): %v", err)
// ctx.Redirect(PathError)
return
}
// Store the credentials in the session.
val, _ := json.Marshal(tk)
ctx.Session.Set(keyToken, val)
ctx.Redirect(next)
}
func unmarshallToken(s session.SessionStore) (t *token) {
if s.Get(keyToken) == nil {
return
}
data := s.Get(keyToken).([]byte)
var tk oauth.Token
json.Unmarshal(data, &tk)
return &token{tk}
}
func extractPath(next string) string {
n, err := url.Parse(next)
if err != nil {
return "/"
}
return n.Path
}

@ -1,162 +0,0 @@
// Copyright 2014 Google Inc. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package oauth2
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/go-martini/martini"
"github.com/martini-contrib/sessions"
)
func Test_LoginRedirect(t *testing.T) {
recorder := httptest.NewRecorder()
m := martini.New()
m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
m.Use(Google(&Options{
ClientId: "client_id",
ClientSecret: "client_secret",
RedirectURL: "refresh_url",
Scopes: []string{"x", "y"},
}))
r, _ := http.NewRequest("GET", "/login", nil)
m.ServeHTTP(recorder, r)
location := recorder.HeaderMap["Location"][0]
if recorder.Code != 302 {
t.Errorf("Not being redirected to the auth page.")
}
if location != "https://accounts.google.com/o/oauth2/auth?access_type=&approval_prompt=&client_id=client_id&redirect_uri=refresh_url&response_type=code&scope=x+y&state=" {
t.Errorf("Not being redirected to the right page, %v found", location)
}
}
func Test_LoginRedirectAfterLoginRequired(t *testing.T) {
recorder := httptest.NewRecorder()
m := martini.Classic()
m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
m.Use(Google(&Options{
ClientId: "client_id",
ClientSecret: "client_secret",
RedirectURL: "refresh_url",
Scopes: []string{"x", "y"},
}))
m.Get("/login-required", LoginRequired, func(tokens Tokens) (int, string) {
return 200, tokens.Access()
})
r, _ := http.NewRequest("GET", "/login-required?key=value", nil)
m.ServeHTTP(recorder, r)
location := recorder.HeaderMap["Location"][0]
if recorder.Code != 302 {
t.Errorf("Not being redirected to the auth page.")
}
if location != "/login?next=%2Flogin-required%3Fkey%3Dvalue" {
t.Errorf("Not being redirected to the right page, %v found", location)
}
}
func Test_Logout(t *testing.T) {
recorder := httptest.NewRecorder()
s := sessions.NewCookieStore([]byte("secret123"))
m := martini.Classic()
m.Use(sessions.Sessions("my_session", s))
m.Use(Google(&Options{
// no need to configure
}))
m.Get("/", func(s sessions.Session) {
s.Set(keyToken, "dummy token")
})
m.Get("/get", func(s sessions.Session) {
if s.Get(keyToken) != nil {
t.Errorf("User credentials are still kept in the session.")
}
})
logout, _ := http.NewRequest("GET", "/logout", nil)
index, _ := http.NewRequest("GET", "/", nil)
m.ServeHTTP(httptest.NewRecorder(), index)
m.ServeHTTP(recorder, logout)
if recorder.Code != 302 {
t.Errorf("Not being redirected to the next page.")
}
}
func Test_LogoutOnAccessTokenExpiration(t *testing.T) {
recorder := httptest.NewRecorder()
s := sessions.NewCookieStore([]byte("secret123"))
m := martini.Classic()
m.Use(sessions.Sessions("my_session", s))
m.Use(Google(&Options{
// no need to configure
}))
m.Get("/addtoken", func(s sessions.Session) {
s.Set(keyToken, "dummy token")
})
m.Get("/", func(s sessions.Session) {
if s.Get(keyToken) != nil {
t.Errorf("User not logged out although access token is expired.")
}
})
addtoken, _ := http.NewRequest("GET", "/addtoken", nil)
index, _ := http.NewRequest("GET", "/", nil)
m.ServeHTTP(recorder, addtoken)
m.ServeHTTP(recorder, index)
}
func Test_InjectedTokens(t *testing.T) {
recorder := httptest.NewRecorder()
m := martini.Classic()
m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
m.Use(Google(&Options{
// no need to configure
}))
m.Get("/", func(tokens Tokens) string {
return "Hello world!"
})
r, _ := http.NewRequest("GET", "/", nil)
m.ServeHTTP(recorder, r)
}
func Test_LoginRequired(t *testing.T) {
recorder := httptest.NewRecorder()
m := martini.Classic()
m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
m.Use(Google(&Options{
// no need to configure
}))
m.Get("/", LoginRequired, func(tokens Tokens) string {
return "Hello world!"
})
r, _ := http.NewRequest("GET", "/", nil)
m.ServeHTTP(recorder, r)
if recorder.Code != 302 {
t.Errorf("Not being redirected to the auth page although user is not logged in.")
}
}

@ -0,0 +1,333 @@
// Copyright 2014 Google Inc. All Rights Reserved.
// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package social
import (
"encoding/json"
"net/http"
"net/url"
"strconv"
"strings"
"code.google.com/p/goauth2/oauth"
"github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/base"
"github.com/gogits/gogs/modules/log"
)
type BasicUserInfo struct {
Identity string
Name string
Email string
}
type SocialConnector interface {
Type() int
SetRedirectUrl(string)
UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error)
AuthCodeURL(string) string
Exchange(string) (*oauth.Token, error)
}
var (
SocialBaseUrl = "/user/login"
SocialMap = make(map[string]SocialConnector)
)
func NewOauthService() {
if !base.Cfg.MustBool("oauth", "ENABLED") {
return
}
base.OauthService = &base.Oauther{}
base.OauthService.OauthInfos = make(map[string]*base.OauthInfo)
socialConfigs := make(map[string]*oauth.Config)
allOauthes := []string{"github", "google", "qq", "twitter"}
// Load all OAuth config data.
for _, name := range allOauthes {
base.OauthService.OauthInfos[name] = &base.OauthInfo{
ClientId: base.Cfg.MustValue("oauth."+name, "CLIENT_ID"),
ClientSecret: base.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"),
Scopes: base.Cfg.MustValue("oauth."+name, "SCOPES"),
AuthUrl: base.Cfg.MustValue("oauth."+name, "AUTH_URL"),
TokenUrl: base.Cfg.MustValue("oauth."+name, "TOKEN_URL"),
}
socialConfigs[name] = &oauth.Config{
ClientId: base.OauthService.OauthInfos[name].ClientId,
ClientSecret: base.OauthService.OauthInfos[name].ClientSecret,
RedirectURL: strings.TrimSuffix(base.AppUrl, "/") + SocialBaseUrl + name,
Scope: base.OauthService.OauthInfos[name].Scopes,
AuthURL: base.OauthService.OauthInfos[name].AuthUrl,
TokenURL: base.OauthService.OauthInfos[name].TokenUrl,
}
}
enabledOauths := make([]string, 0, 10)
// GitHub.
if base.Cfg.MustBool("oauth.github", "ENABLED") {
base.OauthService.GitHub = true
newGitHubOauth(socialConfigs["github"])
enabledOauths = append(enabledOauths, "GitHub")
}
// Google.
if base.Cfg.MustBool("oauth.google", "ENABLED") {
base.OauthService.Google = true
newGoogleOauth(socialConfigs["google"])
enabledOauths = append(enabledOauths, "Google")
}
// QQ.
if base.Cfg.MustBool("oauth.qq", "ENABLED") {
base.OauthService.Tencent = true
newTencentOauth(socialConfigs["qq"])
enabledOauths = append(enabledOauths, "QQ")
}
// Twitter.
if base.Cfg.MustBool("oauth.twitter", "ENABLED") {
base.OauthService.Twitter = true
newTwitterOauth(socialConfigs["twitter"])
enabledOauths = append(enabledOauths, "Twitter")
}
log.Info("Oauth Service Enabled %s", enabledOauths)
}
// ________.__ __ ___ ___ ___.
// / _____/|__|/ |_ / | \ __ _\_ |__
// / \ ___| \ __\/ ~ \ | \ __ \
// \ \_\ \ || | \ Y / | / \_\ \
// \______ /__||__| \___|_ /|____/|___ /
// \/ \/ \/
type SocialGithub struct {
Token *oauth.Token
*oauth.Transport
}
func (s *SocialGithub) Type() int {
return models.OT_GITHUB
}
func newGitHubOauth(config *oauth.Config) {
SocialMap["github"] = &SocialGithub{
Transport: &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
},
}
}
func (s *SocialGithub) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
transport := &oauth.Transport{
Token: token,
}
var data struct {
Id int `json:"id"`
Name string `json:"login"`
Email string `json:"email"`
}
var err error
r, err := transport.Client().Get(s.Transport.Scope)
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: strconv.Itoa(data.Id),
Name: data.Name,
Email: data.Email,
}, nil
}
// ________ .__
// / _____/ ____ ____ ____ | | ____
// / \ ___ / _ \ / _ \ / ___\| | _/ __ \
// \ \_\ ( <_> | <_> ) /_/ > |_\ ___/
// \______ /\____/ \____/\___ /|____/\___ >
// \/ /_____/ \/
type SocialGoogle struct {
Token *oauth.Token
*oauth.Transport
}
func (s *SocialGoogle) Type() int {
return models.OT_GOOGLE
}
func newGoogleOauth(config *oauth.Config) {
SocialMap["google"] = &SocialGoogle{
Transport: &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
},
}
}
func (s *SocialGoogle) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
transport := &oauth.Transport{Token: token}
var data struct {
Id string `json:"id"`
Name string `json:"name"`
Email string `json:"email"`
}
var err error
reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
r, err := transport.Client().Get(reqUrl)
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: data.Id,
Name: data.Name,
Email: data.Email,
}, nil
}
// ________ ________
// \_____ \ \_____ \
// / / \ \ / / \ \
// / \_/. \/ \_/. \
// \_____\ \_/\_____\ \_/
// \__> \__>
type SocialTencent struct {
Token *oauth.Token
*oauth.Transport
reqUrl string
}
func (s *SocialTencent) Type() int {
return models.OT_QQ
}
func newTencentOauth(config *oauth.Config) {
SocialMap["qq"] = &SocialTencent{
reqUrl: "https://open.t.qq.com/api/user/info",
Transport: &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
},
}
}
func (s *SocialTencent) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) {
var data struct {
Data struct {
Id string `json:"openid"`
Name string `json:"name"`
Email string `json:"email"`
} `json:"data"`
}
var err error
// https://open.t.qq.com/api/user/info?
//oauth_consumer_key=APP_KEY&
//access_token=ACCESSTOKEN&openid=openid
//clientip=CLIENTIP&oauth_version=2.a
//scope=all
var urls = url.Values{
"oauth_consumer_key": {s.Transport.Config.ClientId},
"access_token": {token.AccessToken},
"openid": URL.Query()["openid"],
"oauth_version": {"2.a"},
"scope": {"all"},
}
r, err := http.Get(s.reqUrl + "?" + urls.Encode())
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: data.Data.Id,
Name: data.Data.Name,
Email: data.Data.Email,
}, nil
}
// ___________ .__ __ __
// \__ ___/_ _ _|__|/ |__/ |_ ___________
// | | \ \/ \/ / \ __\ __\/ __ \_ __ \
// | | \ /| || | | | \ ___/| | \/
// |____| \/\_/ |__||__| |__| \___ >__|
// \/
type SocialTwitter struct {
Token *oauth.Token
*oauth.Transport
}
func (s *SocialTwitter) Type() int {
return models.OT_TWITTER
}
func newTwitterOauth(config *oauth.Config) {
SocialMap["twitter"] = &SocialTwitter{
Transport: &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
},
}
}
func (s *SocialTwitter) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
//https://github.com/mrjones/oauth
func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
// transport := &oauth.Transport{Token: token}
// var data struct {
// Id string `json:"id"`
// Name string `json:"name"`
// Email string `json:"email"`
// }
// var err error
// reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
// r, err := transport.Client().Get(reqUrl)
// if err != nil {
// return nil, err
// }
// defer r.Body.Close()
// if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
// return nil, err
// }
// return &BasicUserInfo{
// Identity: data.Id,
// Name: data.Name,
// Email: data.Email,
// }, nil
return nil, nil
}

@ -22,6 +22,7 @@ import (
"github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/log"
"github.com/gogits/gogs/modules/mailer" "github.com/gogits/gogs/modules/mailer"
"github.com/gogits/gogs/modules/middleware" "github.com/gogits/gogs/modules/middleware"
"github.com/gogits/gogs/modules/social"
) )
// Check run mode(Default of martini is Dev). // Check run mode(Default of martini is Dev).
@ -36,6 +37,11 @@ func checkRunMode() {
log.Info("Run Mode: %s", strings.Title(martini.Env)) log.Info("Run Mode: %s", strings.Title(martini.Env))
} }
func NewServices() {
base.NewBaseServices()
social.NewOauthService()
}
// GlobalInit is for global configuration reload-able. // GlobalInit is for global configuration reload-able.
func GlobalInit() { func GlobalInit() {
base.NewConfigContext() base.NewConfigContext()
@ -52,7 +58,7 @@ func GlobalInit() {
models.HasEngine = true models.HasEngine = true
cron.NewCronContext() cron.NewCronContext()
} }
base.NewServices() NewServices()
checkRunMode() checkRunMode()
} }

@ -18,7 +18,7 @@ import (
func Dashboard(ctx *middleware.Context) { func Dashboard(ctx *middleware.Context) {
ctx.Data["Title"] = "Dashboard" ctx.Data["Title"] = "Dashboard"
ctx.Data["PageIsUserDashboard"] = true ctx.Data["PageIsUserDashboard"] = true
repos, err := models.GetRepositories(&models.User{Id: ctx.User.Id}) repos, err := models.GetRepositories(&models.User{Id: ctx.User.Id}, true)
if err != nil { if err != nil {
ctx.Handle(500, "user.Dashboard", err) ctx.Handle(500, "user.Dashboard", err)
return return
@ -58,7 +58,7 @@ func Profile(ctx *middleware.Context, params martini.Params) {
} }
ctx.Data["Feeds"] = feeds ctx.Data["Feeds"] = feeds
default: default:
repos, err := models.GetRepositories(user) repos, err := models.GetRepositories(user, ctx.IsSigned && ctx.User.Id == user.Id)
if err != nil { if err != nil {
ctx.Handle(500, "user.Profile", err) ctx.Handle(500, "user.Profile", err)
return return
@ -119,7 +119,7 @@ func Issues(ctx *middleware.Context) {
} }
// Get all repositories. // Get all repositories.
repos, err := models.GetRepositories(ctx.User) repos, err := models.GetRepositories(ctx.User, true)
if err != nil { if err != nil {
ctx.Handle(200, "user.Issues(get repositories)", err) ctx.Handle(200, "user.Issues(get repositories)", err)
return return

@ -6,36 +6,20 @@ package user
import ( import (
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"net/http"
"net/url" "net/url"
"strconv"
"strings" "strings"
"code.google.com/p/goauth2/oauth"
"github.com/go-martini/martini" "github.com/go-martini/martini"
"github.com/gogits/gogs/models" "github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/base"
"github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/log"
"github.com/gogits/gogs/modules/middleware" "github.com/gogits/gogs/modules/middleware"
"github.com/gogits/gogs/modules/social"
) )
type BasicUserInfo struct {
Identity string
Name string
Email string
}
type SocialConnector interface {
Type() int
SetRedirectUrl(string)
UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error)
AuthCodeURL(string) string
Exchange(string) (*oauth.Token, error)
}
func extractPath(next string) string { func extractPath(next string) string {
n, err := url.Parse(next) n, err := url.Parse(next)
if err != nil { if err != nil {
@ -44,278 +28,72 @@ func extractPath(next string) string {
return n.Path return n.Path
} }
var ( func SocialSignIn(ctx *middleware.Context, params martini.Params) {
SocialBaseUrl = "/user/login" if base.OauthService == nil {
SocialMap = make(map[string]SocialConnector) ctx.Handle(404, "social.SocialSignIn(oauth service not enabled)", nil)
)
// github && google && ...
func SocialSignIn(params martini.Params, ctx *middleware.Context) {
if base.OauthService == nil || !base.OauthService.GitHub.Enabled {
ctx.Handle(404, "social login not enabled", nil)
return return
} }
next := extractPath(ctx.Query("next")) next := extractPath(ctx.Query("next"))
name := params["name"] name := params["name"]
connect, ok := SocialMap[name] connect, ok := social.SocialMap[name]
if !ok { if !ok {
ctx.Handle(404, "social login", nil) ctx.Handle(404, "social.SocialSignIn(social login not enabled)", errors.New(name))
return return
} }
code := ctx.Query("code") code := ctx.Query("code")
if code == "" { if code == "" {
// redirect to social login page // redirect to social login page
connect.SetRedirectUrl(strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.Host + ctx.Req.URL.Path) connect.SetRedirectUrl(strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.Path)
ctx.Redirect(connect.AuthCodeURL(next)) ctx.Redirect(connect.AuthCodeURL(next))
return return
} }
// handle call back // handle call back
tk, err := connect.Exchange(code) // exchange for token tk, err := connect.Exchange(code)
if err != nil { if err != nil {
log.Error("oauth2 handle callback error: %v", err) ctx.Handle(500, "social.SocialSignIn(Exchange)", err)
ctx.Handle(500, "exchange code error", nil)
return return
} }
next = extractPath(ctx.Query("state")) next = extractPath(ctx.Query("state"))
log.Trace("success get token") log.Trace("social.SocialSignIn(Got token)")
ui, err := connect.UserInfo(tk, ctx.Req.URL) ui, err := connect.UserInfo(tk, ctx.Req.URL)
if err != nil { if err != nil {
ctx.Handle(500, fmt.Sprintf("get infomation from %s error: %v", name, err), nil) ctx.Handle(500, fmt.Sprintf("social.SocialSignIn(get info from %s)", name), err)
log.Error("social connect error: %s", err)
return return
} }
log.Info("social login: %s", ui) log.Info("social.SocialSignIn(social login): %s", ui)
oa, err := models.GetOauth2(ui.Identity) oa, err := models.GetOauth2(ui.Identity)
switch err { switch err {
case nil: case nil:
ctx.Session.Set("userId", oa.User.Id) ctx.Session.Set("userId", oa.User.Id)
ctx.Session.Set("userName", oa.User.Name) ctx.Session.Set("userName", oa.User.Name)
case models.ErrOauth2RecordNotExists: case models.ErrOauth2RecordNotExist:
oa = &models.Oauth2{} raw, _ := json.Marshal(tk)
raw, _ := json.Marshal(tk) // json encode oa = &models.Oauth2{
oa.Token = string(raw) Uid: -1,
oa.Uid = -1 Type: connect.Type(),
oa.Type = connect.Type() Identity: ui.Identity,
oa.Identity = ui.Identity Token: string(raw),
log.Trace("oa: %v", oa) }
log.Trace("social.SocialSignIn(oa): %v", oa)
if err = models.AddOauth2(oa); err != nil { if err = models.AddOauth2(oa); err != nil {
log.Error("add oauth2 %v", err) // 501 log.Error("social.SocialSignIn(add oauth2): %v", err) // 501
return return
} }
case models.ErrOauth2NotAssociatedWithUser: case models.ErrOauth2NotAssociated:
next = "/user/sign_up" next = "/user/sign_up"
default: default:
log.Error("other error: %v", err) ctx.Handle(500, "social.SocialSignIn(GetOauth2)", err)
ctx.Handle(500, err.Error(), nil)
return return
} }
ctx.Session.Set("socialId", oa.Id) ctx.Session.Set("socialId", oa.Id)
ctx.Session.Set("socialName", ui.Name) ctx.Session.Set("socialName", ui.Name)
ctx.Session.Set("socialEmail", ui.Email) ctx.Session.Set("socialEmail", ui.Email)
log.Trace("socialId: %v", oa.Id) log.Trace("social.SocialSignIn(social ID): %v", oa.Id)
ctx.Redirect(next) ctx.Redirect(next)
} }
// ________.__ __ ___ ___ ___.
// / _____/|__|/ |_ / | \ __ _\_ |__
// / \ ___| \ __\/ ~ \ | \ __ \
// \ \_\ \ || | \ Y / | / \_\ \
// \______ /__||__| \___|_ /|____/|___ /
// \/ \/ \/
type SocialGithub struct {
Token *oauth.Token
*oauth.Transport
}
func (s *SocialGithub) Type() int {
return models.OT_GITHUB
}
func init() {
github := &SocialGithub{}
name := "github"
config := &oauth.Config{
ClientId: "09383403ff2dc16daaa1", //base.OauthService.GitHub.ClientId, // FIXME: panic when set
ClientSecret: "0e4aa0c3630df396cdcea01a9d45cacf79925fea", //base.OauthService.GitHub.ClientSecret,
RedirectURL: strings.TrimSuffix(base.AppUrl, "/") + "/user/login/" + name, //ctx.Req.URL.RequestURI(),
Scope: "https://api.github.com/user",
AuthURL: "https://github.com/login/oauth/authorize",
TokenURL: "https://github.com/login/oauth/access_token",
}
github.Transport = &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
}
SocialMap[name] = github
}
func (s *SocialGithub) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
transport := &oauth.Transport{
Token: token,
}
var data struct {
Id int `json:"id"`
Name string `json:"login"`
Email string `json:"email"`
}
var err error
r, err := transport.Client().Get(s.Transport.Scope)
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: strconv.Itoa(data.Id),
Name: data.Name,
Email: data.Email,
}, nil
}
// ________ .__
// / _____/ ____ ____ ____ | | ____
// / \ ___ / _ \ / _ \ / ___\| | _/ __ \
// \ \_\ ( <_> | <_> ) /_/ > |_\ ___/
// \______ /\____/ \____/\___ /|____/\___ >
// \/ /_____/ \/
type SocialGoogle struct {
Token *oauth.Token
*oauth.Transport
}
func (s *SocialGoogle) Type() int {
return models.OT_GOOGLE
}
func init() {
google := &SocialGoogle{}
name := "google"
// get client id and secret from
// https://console.developers.google.com/project
config := &oauth.Config{
ClientId: "849753812404-mpd7ilvlb8c7213qn6bre6p6djjskti9.apps.googleusercontent.com", //base.OauthService.GitHub.ClientId, // FIXME: panic when set
ClientSecret: "VukKc4MwaJUSmiyv3D7ANVCa", //base.OauthService.GitHub.ClientSecret,
Scope: "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile",
AuthURL: "https://accounts.google.com/o/oauth2/auth",
TokenURL: "https://accounts.google.com/o/oauth2/token",
}
google.Transport = &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
}
SocialMap[name] = google
}
func (s *SocialGoogle) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
transport := &oauth.Transport{Token: token}
var data struct {
Id string `json:"id"`
Name string `json:"name"`
Email string `json:"email"`
}
var err error
reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
r, err := transport.Client().Get(reqUrl)
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: data.Id,
Name: data.Name,
Email: data.Email,
}, nil
}
// ________ ________
// \_____ \ \_____ \
// / / \ \ / / \ \
// / \_/. \/ \_/. \
// \_____\ \_/\_____\ \_/
// \__> \__>
type SocialQQ struct {
Token *oauth.Token
*oauth.Transport
reqUrl string
}
func (s *SocialQQ) Type() int {
return models.OT_QQ
}
func init() {
qq := &SocialQQ{}
name := "qq"
config := &oauth.Config{
ClientId: "801497180", //base.OauthService.GitHub.ClientId, // FIXME: panic when set
ClientSecret: "16cd53b8ad2e16a36fc2c8f87d9388f2", //base.OauthService.GitHub.ClientSecret,
Scope: "all",
AuthURL: "https://open.t.qq.com/cgi-bin/oauth2/authorize",
TokenURL: "https://open.t.qq.com/cgi-bin/oauth2/access_token",
}
qq.reqUrl = "https://open.t.qq.com/api/user/info"
qq.Transport = &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
}
SocialMap[name] = qq
}
func (s *SocialQQ) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialQQ) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) {
var data struct {
Data struct {
Id string `json:"openid"`
Name string `json:"name"`
Email string `json:"email"`
} `json:"data"`
}
var err error
// https://open.t.qq.com/api/user/info?
//oauth_consumer_key=APP_KEY&
//access_token=ACCESSTOKEN&openid=openid
//clientip=CLIENTIP&oauth_version=2.a
//scope=all
var urls = url.Values{
"oauth_consumer_key": {s.Transport.Config.ClientId},
"access_token": {token.AccessToken},
"openid": URL.Query()["openid"],
"oauth_version": {"2.a"},
"scope": {"all"},
}
r, err := http.Get(s.reqUrl + "?" + urls.Encode())
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: data.Data.Id,
Name: data.Data.Name,
Email: data.Data.Email,
}, nil
}

@ -19,9 +19,15 @@ import (
func SignIn(ctx *middleware.Context) { func SignIn(ctx *middleware.Context) {
ctx.Data["Title"] = "Log In" ctx.Data["Title"] = "Log In"
if _, ok := ctx.Session.Get("socialId").(int64); ok {
ctx.Data["IsSocialLogin"] = true
ctx.HTML(200, "user/signin")
return
}
if base.OauthService != nil { if base.OauthService != nil {
ctx.Data["OauthEnabled"] = true ctx.Data["OauthEnabled"] = true
ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled ctx.Data["OauthService"] = base.OauthService
} }
// Check auto-login. // Check auto-login.
@ -34,7 +40,7 @@ func SignIn(ctx *middleware.Context) {
isSucceed := false isSucceed := false
defer func() { defer func() {
if !isSucceed { if !isSucceed {
log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName) log.Trace("user.SignIn(auto-login cookie cleared): %s", userName)
ctx.SetCookie(base.CookieUserName, "", -1) ctx.SetCookie(base.CookieUserName, "", -1)
ctx.SetCookie(base.CookieRememberName, "", -1) ctx.SetCookie(base.CookieRememberName, "", -1)
return return
@ -70,9 +76,12 @@ func SignIn(ctx *middleware.Context) {
func SignInPost(ctx *middleware.Context, form auth.LogInForm) { func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
ctx.Data["Title"] = "Log In" ctx.Data["Title"] = "Log In"
if base.OauthService != nil { sid, isOauth := ctx.Session.Get("socialId").(int64)
if isOauth {
ctx.Data["IsSocialLogin"] = true
} else if base.OauthService != nil {
ctx.Data["OauthEnabled"] = true ctx.Data["OauthEnabled"] = true
ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled ctx.Data["OauthService"] = base.OauthService
} }
if ctx.HasError() { if ctx.HasError() {
@ -99,13 +108,20 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days) ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
} }
// Bind with social account // Bind with social account.
if sid, ok := ctx.Session.Get("socialId").(int64); ok { if isOauth {
if err = models.BindUserOauth2(user.Id, sid); err != nil { if err = models.BindUserOauth2(user.Id, sid); err != nil {
log.Error("bind user error: %v", err) if err == models.ErrOauth2RecordNotExist {
ctx.Handle(404, "user.SignInPost(GetOauth2ById)", err)
} else {
ctx.Handle(500, "user.SignInPost(GetOauth2ById)", err)
}
return
} }
ctx.Session.Delete("socialId") ctx.Session.Delete("socialId")
log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
} }
ctx.Session.Set("userId", user.Id) ctx.Session.Set("userId", user.Id)
ctx.Session.Set("userName", user.Name) ctx.Session.Set("userName", user.Name)
if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 { if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
@ -117,6 +133,27 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
ctx.Redirect("/") ctx.Redirect("/")
} }
func oauthSignInPost(ctx *middleware.Context, sid int64) {
ctx.Data["Title"] = "OAuth Sign Up"
ctx.Data["PageIsSignUp"] = true
if _, err := models.GetOauth2ById(sid); err != nil {
if err == models.ErrOauth2RecordNotExist {
ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err)
} else {
ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err)
}
return
}
ctx.Data["IsSocialLogin"] = true
ctx.Data["username"] = ctx.Session.Get("socialName")
ctx.Data["email"] = ctx.Session.Get("socialEmail")
log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId"))
ctx.HTML(200, "user/signup")
}
func SignOut(ctx *middleware.Context) { func SignOut(ctx *middleware.Context) {
ctx.Session.Delete("userId") ctx.Session.Delete("userId")
ctx.Session.Delete("userName") ctx.Session.Delete("userName")
@ -132,23 +169,37 @@ func SignUp(ctx *middleware.Context) {
ctx.Data["Title"] = "Sign Up" ctx.Data["Title"] = "Sign Up"
ctx.Data["PageIsSignUp"] = true ctx.Data["PageIsSignUp"] = true
if sid, ok := ctx.Session.Get("socialId").(int64); ok {
var err error
if _, err = models.GetOauth2ById(sid); err == nil {
ctx.Data["IsSocialLogin"] = true
// FIXME: don't set in error page
ctx.Data["username"] = ctx.Session.Get("socialName")
ctx.Data["email"] = ctx.Session.Get("socialEmail")
} else {
log.Error("unaccepted oauth error: %s", err) // FIXME: should it show in page
}
}
if base.Service.DisenableRegisteration { if base.Service.DisenableRegisteration {
ctx.Data["DisenableRegisteration"] = true ctx.Data["DisenableRegisteration"] = true
ctx.HTML(200, "user/signup") ctx.HTML(200, "user/signup")
return return
} }
log.Info("session: %v", ctx.Session.Get("socialId"))
if sid, ok := ctx.Session.Get("socialId").(int64); ok {
oauthSignUp(ctx, sid)
return
}
ctx.HTML(200, "user/signup")
}
func oauthSignUp(ctx *middleware.Context, sid int64) {
ctx.Data["Title"] = "OAuth Sign Up"
ctx.Data["PageIsSignUp"] = true
if _, err := models.GetOauth2ById(sid); err != nil {
if err == models.ErrOauth2RecordNotExist {
ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err)
} else {
ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err)
}
return
}
ctx.Data["IsSocialLogin"] = true
ctx.Data["username"] = strings.Replace(ctx.Session.Get("socialName").(string), " ", "", -1)
ctx.Data["email"] = ctx.Session.Get("socialEmail")
log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId"))
ctx.HTML(200, "user/signup") ctx.HTML(200, "user/signup")
} }
@ -162,6 +213,11 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
return return
} }
sid, isOauth := ctx.Session.Get("socialId").(int64)
if isOauth {
ctx.Data["IsSocialLogin"] = true
}
if form.Password != form.RetypePasswd { if form.Password != form.RetypePasswd {
ctx.Data["HasError"] = true ctx.Data["HasError"] = true
ctx.Data["Err_Password"] = true ctx.Data["Err_Password"] = true
@ -179,7 +235,7 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
Name: form.UserName, Name: form.UserName,
Email: form.Email, Email: form.Email,
Passwd: form.Password, Passwd: form.Password,
IsActive: !base.Service.RegisterEmailConfirm, IsActive: !base.Service.RegisterEmailConfirm || isOauth,
} }
var err error var err error
@ -192,20 +248,25 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
case models.ErrUserNameIllegal: case models.ErrUserNameIllegal:
ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form) ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form)
default: default:
ctx.Handle(500, "user.SignUp", err) ctx.Handle(500, "user.SignUp(RegisterUser)", err)
} }
return return
} }
log.Trace("%s User created: %s", ctx.Req.RequestURI, strings.ToLower(form.UserName)) log.Trace("%s User created: %s", ctx.Req.RequestURI, form.UserName)
// Bind Social Account
if sid, ok := ctx.Session.Get("socialId").(int64); ok { // Bind social account.
models.BindUserOauth2(u.Id, sid) if isOauth {
if err = models.BindUserOauth2(u.Id, sid); err != nil {
ctx.Handle(500, "user.SignUp(BindUserOauth2)", err)
return
}
ctx.Session.Delete("socialId") ctx.Session.Delete("socialId")
log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
} }
// Send confirmation e-mail. // Send confirmation e-mail, no need for social account.
if base.Service.RegisterEmailConfirm && u.Id > 1 { if !isOauth && base.Service.RegisterEmailConfirm && u.Id > 1 {
mailer.SendRegisterMail(ctx.Render, u) mailer.SendRegisterMail(ctx.Render, u)
ctx.Data["IsSendRegisterMail"] = true ctx.Data["IsSendRegisterMail"] = true
ctx.Data["Email"] = u.Email ctx.Data["Email"] = u.Email

@ -44,7 +44,7 @@
<ul class="list-group">{{range .MyRepos}} <ul class="list-group">{{range .MyRepos}}
<li class="list-group-item"><a href="/{{$.SignedUserName}}/{{.Name}}"> <li class="list-group-item"><a href="/{{$.SignedUserName}}/{{.Name}}">
<!-- <span class="stars pull-right"><i class="fa fa-star"></i>{{.NumStars}}</span> --> <!-- <span class="stars pull-right"><i class="fa fa-star"></i>{{.NumStars}}</span> -->
<i class="fa fa-book"></i>{{.Name}}</a> <i class="fa fa-book"></i>{{.Name}}{{if .IsPrivate}} <span class="label label-default">Private</span>{{end}}</a>
</li>{{end}} </li>{{end}}
</ul> </ul>
</div> </div>

@ -20,8 +20,8 @@
<li class="list-group-item"><i class="fa fa-link"></i><a target="_blank" href="{{.Owner.Website}}">{{.Owner.Website}}</a></li> <li class="list-group-item"><i class="fa fa-link"></i><a target="_blank" href="{{.Owner.Website}}">{{.Owner.Website}}</a></li>
{{end}} {{end}}
<li class="list-group-item"><i class="fa fa-clock-o"></i>Joined on {{DateFormat .Owner.Created "M d, Y"}}</li> <li class="list-group-item"><i class="fa fa-clock-o"></i>Joined on {{DateFormat .Owner.Created "M d, Y"}}</li>
<hr> <!-- <hr> -->
<li class="list-group-item" style="padding-top: 5px;"> <!-- <li class="list-group-item" style="padding-top: 5px;">
<div class="profile-rel"> <div class="profile-rel">
<div class="col-md-6 followers"> <div class="col-md-6 followers">
<strong>123</strong> <strong>123</strong>
@ -33,7 +33,7 @@
</div> </div>
</div> </div>
</li> </li>
<hr> <hr> -->
</ul> </ul>
</div> </div>
</div> </div>
@ -65,7 +65,7 @@
<li> <li>
<div class="meta pull-right"><!-- <i class="fa fa-star"></i> {{.NumStars}} --> <i class="fa fa-code-fork"></i> {{.NumForks}}</div> <div class="meta pull-right"><!-- <i class="fa fa-star"></i> {{.NumStars}} --> <i class="fa fa-code-fork"></i> {{.NumForks}}</div>
<h4> <h4>
<a href="/{{$owner.Name}}/{{.Name}}">{{.Name}}</a> <a href="/{{$owner.Name}}/{{.Name}}">{{.Name}}{{if .IsPrivate}} <span class="label label-default">Private</span>{{end}}</a>
</h4> </h4>
<p class="desc">{{.Description}}</p> <p class="desc">{{.Description}}</p>
<div class="info">Last updated {{.Updated|TimeSince}}</div> <div class="info">Last updated {{.Updated|TimeSince}}</div>

@ -3,15 +3,11 @@
<div class="container" id="body" data-page="user-signin"> <div class="container" id="body" data-page="user-signin">
<form action="/user/login" method="post" class="form-horizontal card" id="login-card"> <form action="/user/login" method="post" class="form-horizontal card" id="login-card">
{{.CsrfTokenHtml}} {{.CsrfTokenHtml}}
<h3>Log in {{if .IsSocialLogin}}
<!--{{if .OauthEnabled}} <h3>Social login: 2nd step <small>associate account</small></h3>
<small class="pull-right">social login: {{else}}
{{if .OauthGitHubEnabled}} <h3>Log in</h3>
<a href="/user/login/github?next=/user/sign_up"><i class="fa fa-github-square fa-2x"></i></a>
{{end}} {{end}}
</small>
{{end}}-->
</h3>
{{template "base/alert" .}} {{template "base/alert" .}}
<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}"> <div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}">
<label class="col-md-4 control-label">Username: </label> <label class="col-md-4 control-label">Username: </label>
@ -27,7 +23,7 @@
</div> </div>
</div> </div>
<div class="form-group"> {{if not .IsSocialLogin}}<div class="form-group">
<div class="col-md-6 col-md-offset-4"> <div class="col-md-6 col-md-offset-4">
<div class="checkbox"> <div class="checkbox">
<label> <label>
@ -36,16 +32,16 @@
</label> </label>
</div> </div>
</div> </div>
</div> </div>{{end}}
<div class="form-group"> <div class="form-group">
<div class="col-md-offset-4 col-md-6"> <div class="col-md-offset-4 col-md-6">
<button type="submit" class="btn btn-lg btn-primary">Log In</button> <button type="submit" class="btn btn-lg btn-primary">Log In</button>
<a href="/user/forget_password/">Forgot your password?</a> {{if not .IsSocialLogin}}<a href="/user/forget_password/">Forgot your password?</a>{{end}}
</div> </div>
</div> </div>
<div class="form-group"> {{if not .IsSocialLogin}}<div class="form-group">
<div class="col-md-offset-4 col-md-6"> <div class="col-md-offset-4 col-md-6">
<a href="/user/sign_up">Need an account? Sign up now.</a> <a href="/user/sign_up">Need an account? Sign up now.</a>
</div> </div>
@ -54,10 +50,7 @@
{{if .OauthEnabled}} {{if .OauthEnabled}}
<div class="form-group text-center" id="social-login"> <div class="form-group text-center" id="social-login">
<h4><span>or</span></h4> <h4><span>or</span></h4>
<!--<a href="/user/login/github?next=/user/sign_up" class="btn btn-default google"> <!--
<i class="fa fa-google-plus-square fa-2x"></i>
<span>Google</span>
</a>
<a href="/user/login/github?next=/user/sign_up" class="btn btn-default facebbok"> <a href="/user/login/github?next=/user/sign_up" class="btn btn-default facebbok">
<i class="fa fa-facebook-square fa-2x"></i> <i class="fa fa-facebook-square fa-2x"></i>
<span>Facebook</span> <span>Facebook</span>
@ -66,12 +59,12 @@
<i class="fa fa-weibo fa-2x"></i> <i class="fa fa-weibo fa-2x"></i>
<span>Weibo</span> <span>Weibo</span>
</a>--> </a>-->
{{if .OauthGitHubEnabled}}<a href="/user/login/github?next=/user/sign_up" class="github btn btn-default"> {{if .OauthService.GitHub}}<a href="/user/login/github?next=/user/sign_up" class="btn btn-default"><i class="fa fa-github-square fa-2x"></i><span>GitHub</span></a>{{end}}
<i class="fa fa-github-square fa-2x"></i> {{if .OauthService.Google}}<a href="/user/login/google?next=/user/sign_up" class="btn btn-default"><i class="fa fa-google-plus-square fa-2x"></i><span>Google</span></a>{{end}}
<span>GitHub</span> {{if .OauthService.Tencent}}<a href="/user/login/twitter?next=/user/sign_up" class="btn btn-default"><i class="fa fa-twitter-square fa-2x"></i><span>Twitter</span></a>{{end}}
</a>{{end}} {{if .OauthService.Tencent}}<a href="/user/login/qq?next=/user/sign_up" class="btn btn-default"><i class="fa fa-linux fa-2x"></i><span>QQ</span></a>{{end}}
</div> </div>
{{end}} {{end}}{{end}}
</form> </form>
</div> </div>
{{template "base/footer" .}} {{template "base/footer" .}}

@ -1,6 +1,6 @@
{{template "base/head" .}} {{template "base/head" .}}
{{template "base/navbar" .}} {{template "base/navbar" .}}
<div class="container" id="body" data-page="user-signup"> <div class="container" id="body">
<form action="/user/sign_up" method="post" class="form-horizontal card" id="login-card"> <form action="/user/sign_up" method="post" class="form-horizontal card" id="login-card">
{{.CsrfTokenHtml}} {{.CsrfTokenHtml}}
{{if .DisenableRegisteration}} {{if .DisenableRegisteration}}

Loading…
Cancel
Save