Remove check on username if AccessToken authentication (#11015)

Signed-off-by: Andrew Thornton <art27@cantab.net>
tokarchuk/v1.17
zeripath 5 years ago committed by GitHub
parent f7ecc2bee7
commit 7c48085ff4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 12
      modules/auth/sso/basic.go
  2. 17
      routers/repo/http.go

@ -85,22 +85,12 @@ func (b *Basic) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models
}
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
if isUsernameToken {
u, err = models.GetUserByID(token.UID)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil
}
} else {
u, err = models.GetUserByName(uname)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil
}
if u.ID != token.UID {
return nil
}
}
token.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateAccessToken(token); err != nil {
log.Error("UpdateAccessToken: %v", err)

@ -188,27 +188,12 @@ func HTTP(ctx *context.Context) {
// Assume password is a token.
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
if isUsernameToken {
authUser, err = models.GetUserByID(token.UID)
if err != nil {
ctx.ServerError("GetUserByID", err)
return
}
} else {
authUser, err = models.GetUserByName(authUsername)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr()))
} else {
ctx.ServerError("GetUserByName", err)
}
return
}
if authUser.ID != token.UID {
ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr()))
return
}
}
token.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateAccessToken(token); err != nil {
ctx.ServerError("UpdateAccessToken", err)

Loading…
Cancel
Save