Merge branch 'dev' of https://github.com/gogits/gogs into dev

11 years ago · 98f918ed28
parent 3ede496383 b7c3b0cc73
commit 98f918ed28
32 changed files with 658 additions and 153 deletions
--- a/.gopmfile
+++ b/.gopmfile
@ -1,25 +1,26 @@
 [target]
-path=github.com/gogits/gogs
+path = github.com/gogits/gogs

 [deps]
-github.com/codegangsta/cli=
-github.com/go-martini/martini=
-github.com/Unknwon/com=
-github.com/Unknwon/cae=
-github.com/Unknwon/goconfig=
-github.com/dchest/scrypt=
-github.com/nfnt/resize=
-github.com/lunny/xorm=
-github.com/go-sql-driver/mysql=
-github.com/lib/pq=
-github.com/gogits/logs=
-github.com/gogits/binding=
-github.com/gogits/git=
-github.com/gogits/gfm=
-github.com/gogits/cache=
-github.com/gogits/session=
-github.com/gogits/webdav=
+github.com/codegangsta/cli = 
+github.com/go-martini/martini = 
+github.com/Unknwon/com = 
+github.com/Unknwon/cae = 
+github.com/Unknwon/goconfig = 
+github.com/dchest/scrypt = 
+github.com/nfnt/resize = 
+github.com/lunny/xorm = 
+github.com/go-sql-driver/mysql = 
+github.com/lib/pq = 
+github.com/gogits/logs = 
+github.com/gogits/binding = 
+github.com/gogits/git = 
+github.com/gogits/gfm = 
+github.com/gogits/cache = 
+github.com/gogits/session = 
+github.com/gogits/webdav = 
+code.google.com/p/goauth2 = 

 [res]
-include=templates|public|conf
+include = templates|public|conf

--- a/README.md
+++ b/README.md
@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language

 ![Demo](http://gowalker.org/public/gogs_demo.gif)

-##### Current version: 0.2.0 Alpha
+##### Current version: 0.2.1 Alpha

 #### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site.

@ -30,8 +30,8 @@ More importantly, Gogs only needs one binary to setup your own project hosting o

 - Activity timeline
 - SSH/HTTPS(Clone only) protocol support.
- Register/delete account.
- Create/delete/watch public repository.
+- Register/delete/rename account.
+- Create/delete/watch/rename/transfer public repository.
 - Repository viewer.
 - Issue tracker.
 - Gravatar and cache support.
--- a/README_ZH.md
+++ b/README_ZH.md
@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。

 ![Demo](http://gowalker.org/public/gogs_demo.gif)

-##### 当前版本：0.2.0 Alpha
+##### 当前版本：0.2.1 Alpha

 ## 开发目的

@ -24,8 +24,8 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作，实现 **零** 依

 - 活动时间线
 - SSH/HTTPS（仅限 Clone） 协议支持
- 注册/删除用户
- 创建/删除/关注公开仓库
+- 注册/删除/重命名用户
+- 创建/删除/关注/重命名/转移公开仓库
 - 仓库浏览器
 - Bug 追踪系统
 - Gravatar 以及缓存支持
--- a/conf/app.ini
+++ b/conf/app.ini
@ -12,10 +12,13 @@ LANG_IGNS = Google Go|C|C++|Python|Ruby|C Sharp
 LICENSES = Apache v2 License|GPL v2|MIT License|Affero GPL|Artistic License 2.0|BSD (3-Clause) License

 [server]
+PROTOCOL = http
 DOMAIN = localhost
-ROOT_URL = http://%(DOMAIN)s:%(HTTP_PORT)s/
+ROOT_URL = %(PROTOCOL)://%(DOMAIN)s:%(HTTP_PORT)s/
 HTTP_ADDR = 
 HTTP_PORT = 3000
+CERT_FILE = cert.pem
+KEY_FILE = key.pem

 [database]
 ; Either "mysql", "postgres" or "sqlite3"(binary release only), it's your choice
--- a/gogs.go
+++ b/gogs.go
@ -19,7 +19,7 @@ import (
 // Test that go1.2 tag above is included in builds. main.go refers to this definition.
 const go12tag = true

-const APP_VER = "0.2.0.0403 Alpha"
+const APP_VER = "0.2.1.0405 Alpha"

 func init() {
 	base.AppVer = APP_VER
--- a/models/access.go
+++ b/models/access.go
@ -7,6 +7,8 @@ package models
 import (
 	"strings"
 	"time"
+
+	"github.com/lunny/xorm"
 )

 // Access types.
@ -40,6 +42,15 @@ func UpdateAccess(access *Access) error {
 	return err
 }

+// UpdateAccess updates access information with session for rolling back.
+func UpdateAccessWithSession(sess *xorm.Session, access *Access) error {
+	if _, err := sess.Id(access.Id).Update(access); err != nil {
+		sess.Rollback()
+		return err
+	}
+	return nil
+}
+
 // HasAccess returns true if someone can read or write to given repository.
 func HasAccess(userName, repoName string, mode int) (bool, error) {
 	return orm.Get(&Access{
--- a/models/action.go
+++ b/models/action.go
@ -21,6 +21,7 @@ const (
 	OP_COMMIT_REPO
 	OP_CREATE_ISSUE
 	OP_PULL_REQUEST
+	OP_TRANSFER_REPO
 )

 // Action represents user operation type and other information to repository.,
@ -108,6 +109,18 @@ func NewRepoAction(user *User, repo *Repository) (err error) {
 	return err
 }

+// TransferRepoAction adds new action for transfering repository.
+func TransferRepoAction(user, newUser *User, repo *Repository) (err error) {
+	if err = NotifyWatchers(&Action{ActUserId: user.Id, ActUserName: user.Name, ActEmail: user.Email,
+		OpType: OP_TRANSFER_REPO, RepoId: repo.Id, RepoName: repo.Name, Content: newUser.Name}); err != nil {
+		log.Error("action.TransferRepoAction(notify watchers): %d/%s", user.Id, repo.Name)
+		return err
+	}
+
+	log.Trace("action.TransferRepoAction: %s/%s", user.LowerName, repo.LowerName)
+	return err
+}
+
 // GetFeeds returns action list of given user in given context.
 func GetFeeds(userid, offset int64, isProfile bool) ([]Action, error) {
 	actions := make([]Action, 0, 20)
--- a/models/models.go
+++ b/models/models.go
@ -53,10 +53,10 @@ func NewTestEngine(x *xorm.Engine) (err error) {
 	// 	os.MkdirAll(path.Dir(DbCfg.Path), os.ModePerm)
 	// 	x, err = xorm.NewEngine("sqlite3", DbCfg.Path)
 	default:
-		return fmt.Errorf("Unknown database type: %s\n", DbCfg.Type)
+		return fmt.Errorf("Unknown database type: %s", DbCfg.Type)
 	}
 	if err != nil {
-		return fmt.Errorf("models.init(fail to conntect database): %v\n", err)
+		return fmt.Errorf("models.init(fail to conntect database): %v", err)
 	}

 	return x.Sync(new(User), new(PublicKey), new(Repository), new(Watch),
@ -75,10 +75,10 @@ func SetEngine() (err error) {
 		os.MkdirAll(path.Dir(DbCfg.Path), os.ModePerm)
 		orm, err = xorm.NewEngine("sqlite3", DbCfg.Path)
 	default:
-		return fmt.Errorf("Unknown database type: %s\n", DbCfg.Type)
+		return fmt.Errorf("Unknown database type: %s", DbCfg.Type)
 	}
 	if err != nil {
-		return fmt.Errorf("models.init(fail to conntect database): %v\n", err)
+		return fmt.Errorf("models.init(fail to conntect database): %v", err)
 	}

 	// WARNNING: for serv command, MUST remove the output to os.stdout,
@ -89,7 +89,7 @@ func SetEngine() (err error) {

 	f, err := os.Create(logPath)
 	if err != nil {
-		return fmt.Errorf("models.init(fail to create xorm.log): %v\n", err)
+		return fmt.Errorf("models.init(fail to create xorm.log): %v", err)
 	}
 	orm.Logger = f

@ -104,7 +104,7 @@ func NewEngine() (err error) {
 		return err
 	} else if err = orm.Sync(new(User), new(PublicKey), new(Repository), new(Watch),
 		new(Action), new(Access), new(Issue), new(Comment)); err != nil {
-		return fmt.Errorf("sync database struct error: %v\n", err)
+		return fmt.Errorf("sync database struct error: %v", err)
 	}
 	return nil
 }
--- a/models/publickey.go
+++ b/models/publickey.go
@ -77,8 +77,8 @@ func init() {
 // PublicKey represents a SSH key of user.
 type PublicKey struct {
 	Id          int64
-	OwnerId     int64  `xorm:"index"`
-	Name        string `xorm:"unique not null"`
+	OwnerId     int64  `xorm:"unique(s) index not null"`
+	Name        string `xorm:"unique(s) not null"`
 	Fingerprint string
 	Content     string    `xorm:"TEXT not null"`
 	Created     time.Time `xorm:"created"`
--- a/models/repo.go
+++ b/models/repo.go
@ -143,17 +143,17 @@ func CreateRepository(user *User, repoName, desc, repoLang, license string, priv
 	if err = initRepository(repoPath, user, repo, initReadme, repoLang, license); err != nil {
 		return nil, err
 	}
-	session := orm.NewSession()
-	defer session.Close()
-	session.Begin()
+	sess := orm.NewSession()
+	defer sess.Close()
+	sess.Begin()

-	if _, err = session.Insert(repo); err != nil {
+	if _, err = sess.Insert(repo); err != nil {
 		if err2 := os.RemoveAll(repoPath); err2 != nil {
 			log.Error("repo.CreateRepository(repo): %v", err)
 			return nil, errors.New(fmt.Sprintf(
 				"delete repo directory %s/%s failed(1): %v", user.Name, repoName, err2))
 		}
-		session.Rollback()
+		sess.Rollback()
 		return nil, err
 	}

@ -162,8 +162,8 @@ func CreateRepository(user *User, repoName, desc, repoLang, license string, priv
 		RepoName: strings.ToLower(path.Join(user.Name, repo.Name)),
 		Mode:     AU_WRITABLE,
 	}
-	if _, err = session.Insert(&access); err != nil {
-		session.Rollback()
+	if _, err = sess.Insert(&access); err != nil {
+		sess.Rollback()
 		if err2 := os.RemoveAll(repoPath); err2 != nil {
 			log.Error("repo.CreateRepository(access): %v", err)
 			return nil, errors.New(fmt.Sprintf(
@ -173,8 +173,8 @@ func CreateRepository(user *User, repoName, desc, repoLang, license string, priv
 	}

 	rawSql := "UPDATE `user` SET num_repos = num_repos + 1 WHERE id = ?"
-	if _, err = session.Exec(rawSql, user.Id); err != nil {
-		session.Rollback()
+	if _, err = sess.Exec(rawSql, user.Id); err != nil {
+		sess.Rollback()
 		if err2 := os.RemoveAll(repoPath); err2 != nil {
 			log.Error("repo.CreateRepository(repo count): %v", err)
 			return nil, errors.New(fmt.Sprintf(
@ -183,8 +183,8 @@ func CreateRepository(user *User, repoName, desc, repoLang, license string, priv
 		return nil, err
 	}

-	if err = session.Commit(); err != nil {
-		session.Rollback()
+	if err = sess.Commit(); err != nil {
+		sess.Rollback()
 		if err2 := os.RemoveAll(repoPath); err2 != nil {
 			log.Error("repo.CreateRepository(commit): %v", err)
 			return nil, errors.New(fmt.Sprintf(
@ -369,6 +369,76 @@ func RepoPath(userName, repoName string) string {
 	return filepath.Join(UserPath(userName), strings.ToLower(repoName)+".git")
 }

+// TransferOwnership transfers all corresponding setting from old user to new one.
+func TransferOwnership(user *User, newOwner string, repo *Repository) (err error) {
+	newUser, err := GetUserByName(newOwner)
+	if err != nil {
+		return err
+	}
+
+	// Update accesses.
+	accesses := make([]Access, 0, 10)
+	if err = orm.Find(&accesses, &Access{RepoName: user.LowerName + "/" + repo.LowerName}); err != nil {
+		return err
+	}
+
+	sess := orm.NewSession()
+	defer sess.Close()
+	if err = sess.Begin(); err != nil {
+		return err
+	}
+
+	for i := range accesses {
+		accesses[i].RepoName = newUser.LowerName + "/" + repo.LowerName
+		if accesses[i].UserName == user.LowerName {
+			accesses[i].UserName = newUser.LowerName
+		}
+		if err = UpdateAccessWithSession(sess, &accesses[i]); err != nil {
+			return err
+		}
+	}
+
+	// Update repository.
+	repo.OwnerId = newUser.Id
+	if _, err := sess.Id(repo.Id).Update(repo); err != nil {
+		sess.Rollback()
+		return err
+	}
+
+	// Update user repository number.
+	rawSql := "UPDATE `user` SET num_repos = num_repos + 1 WHERE id = ?"
+	if _, err = sess.Exec(rawSql, newUser.Id); err != nil {
+		sess.Rollback()
+		return err
+	}
+	rawSql = "UPDATE `user` SET num_repos = num_repos - 1 WHERE id = ?"
+	if _, err = sess.Exec(rawSql, user.Id); err != nil {
+		sess.Rollback()
+		return err
+	}
+
+	// Add watch of new owner to repository.
+	if !IsWatching(newUser.Id, repo.Id) {
+		if err = WatchRepo(newUser.Id, repo.Id, true); err != nil {
+			sess.Rollback()
+			return err
+		}
+	}
+
+	if err = TransferRepoAction(user, newUser, repo); err != nil {
+		sess.Rollback()
+		return err
+	}
+
+	// Change repository directory name.
+	if err = os.Rename(RepoPath(user.Name, repo.Name), RepoPath(newUser.Name, repo.Name)); err != nil {
+		sess.Rollback()
+		return err
+	}
+
+	return sess.Commit()
+}
+
 // ChangeRepositoryName changes all corresponding setting from old repository name to new one.
 func ChangeRepositoryName(userName, oldRepoName, newRepoName string) (err error) {
 	// Update accesses.
@ -376,15 +446,27 @@ func ChangeRepositoryName(userName, oldRepoName, newRepoName string) (err error)
 	if err = orm.Find(&accesses, &Access{RepoName: strings.ToLower(userName + "/" + oldRepoName)}); err != nil {
 		return err
 	}
+
+	sess := orm.NewSession()
+	defer sess.Close()
+	if err = sess.Begin(); err != nil {
+		return err
+	}
+
 	for i := range accesses {
 		accesses[i].RepoName = userName + "/" + newRepoName
-		if err = UpdateAccess(&accesses[i]); err != nil {
+		if err = UpdateAccessWithSession(sess, &accesses[i]); err != nil {
 			return err
 		}
 	}

 	// Change repository directory name.
-	return os.Rename(RepoPath(userName, oldRepoName), RepoPath(userName, newRepoName))
+	if err = os.Rename(RepoPath(userName, oldRepoName), RepoPath(userName, newRepoName)); err != nil {
+		sess.Rollback()
+		return err
+	}
+
+	return sess.Commit()
 }

 func UpdateRepository(repo *Repository) error {
@ -410,29 +492,30 @@ func DeleteRepository(userId, repoId int64, userName string) (err error) {
 		return ErrRepoNotExist
 	}

-	session := orm.NewSession()
-	if err = session.Begin(); err != nil {
+	sess := orm.NewSession()
+	defer sess.Close()
+	if err = sess.Begin(); err != nil {
 		return err
 	}
-	if _, err = session.Delete(&Repository{Id: repoId}); err != nil {
-		session.Rollback()
+	if _, err = sess.Delete(&Repository{Id: repoId}); err != nil {
+		sess.Rollback()
 		return err
 	}
-	if _, err := session.Delete(&Access{RepoName: strings.ToLower(path.Join(userName, repo.Name))}); err != nil {
-		session.Rollback()
+	if _, err := sess.Delete(&Access{RepoName: strings.ToLower(path.Join(userName, repo.Name))}); err != nil {
+		sess.Rollback()
 		return err
 	}
 	rawSql := "UPDATE `user` SET num_repos = num_repos - 1 WHERE id = ?"
-	if _, err = session.Exec(rawSql, userId); err != nil {
-		session.Rollback()
+	if _, err = sess.Exec(rawSql, userId); err != nil {
+		sess.Rollback()
 		return err
 	}
-	if _, err = session.Delete(&Watch{RepoId: repoId}); err != nil {
-		session.Rollback()
+	if _, err = sess.Delete(&Watch{RepoId: repoId}); err != nil {
+		sess.Rollback()
 		return err
 	}
-	if err = session.Commit(); err != nil {
-		session.Rollback()
+	if err = sess.Commit(); err != nil {
+		sess.Rollback()
 		return err
 	}
 	if err = os.RemoveAll(RepoPath(userName, repo.Name)); err != nil {
--- a/models/user.go
+++ b/models/user.go
@ -105,11 +105,17 @@ type Member struct {
 // IsUserExist checks if given user name exist,
 // the user name should be noncased unique.
 func IsUserExist(name string) (bool, error) {
+	if len(name) == 0 {
+		return false, nil
+	}
 	return orm.Get(&User{LowerName: strings.ToLower(name)})
 }

 // IsEmailUsed returns true if the e-mail has been used.
 func IsEmailUsed(email string) (bool, error) {
+	if len(email) == 0 {
+		return false, nil
+	}
 	return orm.Get(&User{Email: email})
 }

@ -212,11 +218,18 @@ func ChangeUserName(user *User, newUserName string) (err error) {
 	if err = orm.Find(&accesses, &Access{UserName: user.LowerName}); err != nil {
 		return err
 	}
+
+	sess := orm.NewSession()
+	defer sess.Close()
+	if err = sess.Begin(); err != nil {
+		return err
+	}
+
 	for i := range accesses {
 		accesses[i].UserName = newUserName
 		if strings.HasPrefix(accesses[i].RepoName, user.LowerName+"/") {
 			accesses[i].RepoName = strings.Replace(accesses[i].RepoName, user.LowerName, newUserName, 1)
-			if err = UpdateAccess(&accesses[i]); err != nil {
+			if err = UpdateAccessWithSession(sess, &accesses[i]); err != nil {
 				return err
 			}
 		}
@ -235,14 +248,19 @@ func ChangeUserName(user *User, newUserName string) (err error) {

 		for j := range accesses {
 			accesses[j].RepoName = newUserName + "/" + repos[i].LowerName
-			if err = UpdateAccess(&accesses[j]); err != nil {
+			if err = UpdateAccessWithSession(sess, &accesses[j]); err != nil {
 				return err
 			}
 		}
 	}

 	// Change user directory name.
-	return os.Rename(UserPath(user.LowerName), UserPath(newUserName))
+	if err = os.Rename(UserPath(user.LowerName), UserPath(newUserName)); err != nil {
+		sess.Rollback()
+		return err
+	}
+
+	return sess.Commit()
 }

 // UpdateUser updates user's information.
@ -349,6 +367,21 @@ func GetUserByName(name string) (*User, error) {
 	return user, nil
 }

+// GetUserByEmail returns the user object by given e-mail if exists.
+func GetUserByEmail(email string) (*User, error) {
+	if len(email) == 0 {
+		return nil, ErrUserNotExist
+	}
+	user := &User{Email: strings.ToLower(email)}
+	has, err := orm.Get(user)
+	if err != nil {
+		return nil, err
+	} else if !has {
+		return nil, ErrUserNotExist
+	}
+	return user, nil
+}
+
 // LoginUserPlain validates user by raw user name and password.
 func LoginUserPlain(name, passwd string) (*User, error) {
 	user := User{LowerName: strings.ToLower(name), Passwd: passwd}
--- a/modules/base/template.go
+++ b/modules/base/template.go
@ -67,6 +67,10 @@ var TemplateFuncs template.FuncMap = map[string]interface{}{
 	"DateFormat": DateFormat,
 	"List":       List,
 	"Mail2Domain": func(mail string) string {
+		if !strings.Contains(mail, "@") {
+			return "try.gogits.org"
+		}
+
 		suffix := strings.SplitN(mail, "@", 2)[1]
 		domain, ok := mailDomains[suffix]
 		if !ok {
--- a/modules/base/tool.go
+++ b/modules/base/tool.go
@ -494,6 +494,8 @@ func ActionIcon(opType int) string {
 		return "arrow-circle-o-right"
 	case 6: // Create issue.
 		return "exclamation-circle"
+	case 8: // Transfer repository.
+		return "share"
 	default:
 		return "invalid type"
 	}
@ -503,8 +505,9 @@ const (
 	TPL_CREATE_REPO    = `<a href="/user/%s">%s</a> created repository <a href="/%s">%s</a>`
 	TPL_COMMIT_REPO    = `<a href="/user/%s">%s</a> pushed to <a href="/%s/src/%s">%s</a> at <a href="/%s">%s</a>%s`
 	TPL_COMMIT_REPO_LI = `<div><img src="%s?s=16" alt="user-avatar"/> <a href="/%s/commit/%s">%s</a> %s</div>`
-	TPL_CREATE_Issue   = `<a href="/user/%s">%s</a> opened issue <a href="/%s/issues/%s">%s#%s</a>
+	TPL_CREATE_ISSUE   = `<a href="/user/%s">%s</a> opened issue <a href="/%s/issues/%s">%s#%s</a>
 <div><img src="%s?s=16" alt="user-avatar"/> %s</div>`
+	TPL_TRANSFER_REPO = `<a href="/user/%s">%s</a> transfered repository <code>%s</code> to <a href="/%s">%s</a>`
 )

 type PushCommit struct {
@ -547,8 +550,11 @@ func ActionDesc(act Actioner) string {
 			buf.String())
 	case 6: // Create issue.
 		infos := strings.SplitN(content, "|", 2)
-		return fmt.Sprintf(TPL_CREATE_Issue, actUserName, actUserName, repoLink, infos[0], repoLink, infos[0],
+		return fmt.Sprintf(TPL_CREATE_ISSUE, actUserName, actUserName, repoLink, infos[0], repoLink, infos[0],
 			AvatarLink(email), infos[1])
+	case 8: // Transfer repository.
+		newRepoLink := content + "/" + repoName
+		return fmt.Sprintf(TPL_TRANSFER_REPO, actUserName, actUserName, repoLink, newRepoLink, newRepoLink)
 	default:
 		return "invalid type"
 	}
--- a/modules/mailer/mail.go
+++ b/modules/mailer/mail.go
@ -86,7 +86,27 @@ func SendActiveMail(r *middleware.Render, user *models.User) {
 	}

 	msg := NewMailMessage([]string{user.Email}, subject, body)
-	msg.Info = fmt.Sprintf("UID: %d, send email verify mail", user.Id)
+	msg.Info = fmt.Sprintf("UID: %d, send active mail", user.Id)
+
+	SendAsync(&msg)
+}
+
+// Send reset password email.
+func SendResetPasswdMail(r *middleware.Render, user *models.User) {
+	code := CreateUserActiveCode(user, nil)
+
+	subject := "Reset your password"
+
+	data := GetMailTmplData(user)
+	data["Code"] = code
+	body, err := r.HTMLString("mail/auth/reset_passwd", data)
+	if err != nil {
+		log.Error("mail.SendResetPasswdMail(fail to render): %v", err)
+		return
+	}
+
+	msg := NewMailMessage([]string{user.Email}, subject, body)
+	msg.Info = fmt.Sprintf("UID: %d, send reset password email", user.Id)

 	SendAsync(&msg)
 }
--- a/modules/oauth2/oauth2.go
+++ b/modules/oauth2/oauth2.go
@ -26,7 +26,10 @@ import (

 	"code.google.com/p/goauth2/oauth"
 	"github.com/go-martini/martini"
-	"github.com/martini-contrib/sessions"
+
+	"github.com/gogits/session"
+
+	"github.com/gogits/gogs/modules/middleware"
 )

 const (
@ -142,23 +145,23 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
 		Transport: http.DefaultTransport,
 	}

-	return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
-		if r.Method == "GET" {
-			switch r.URL.Path {
+	return func(c martini.Context, ctx *middleware.Context) {
+		if ctx.Req.Method == "GET" {
+			switch ctx.Req.URL.Path {
 			case PathLogin:
-				login(transport, s, w, r)
+				login(transport, ctx)
 			case PathLogout:
-				logout(transport, s, w, r)
+				logout(transport, ctx)
 			case PathCallback:
-				handleOAuth2Callback(transport, s, w, r)
+				handleOAuth2Callback(transport, ctx)
 			}
 		}

-		tk := unmarshallToken(s)
+		tk := unmarshallToken(ctx.Session)
 		if tk != nil {
 			// check if the access token is expired
 			if tk.IsExpired() && tk.Refresh() == "" {
-				s.Delete(keyToken)
+				ctx.Session.Delete(keyToken)
 				tk = nil
 			}
 		}
@ -172,49 +175,49 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
 // Sample usage:
 // m.Get("/login-required", oauth2.LoginRequired, func() ... {})
 var LoginRequired martini.Handler = func() martini.Handler {
-	return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
-		token := unmarshallToken(s)
+	return func(c martini.Context, ctx *middleware.Context) {
+		token := unmarshallToken(ctx.Session)
 		if token == nil || token.IsExpired() {
-			next := url.QueryEscape(r.URL.RequestURI())
-			http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect)
+			next := url.QueryEscape(ctx.Req.URL.RequestURI())
+			ctx.Redirect(PathLogin+"?next="+next, codeRedirect)
 		}
 	}
 }()

-func login(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
-	next := extractPath(r.URL.Query().Get(keyNextPage))
-	if s.Get(keyToken) == nil {
+func login(t *oauth.Transport, ctx *middleware.Context) {
+	next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
+	if ctx.Session.Get(keyToken) == nil {
 		// User is not logged in.
-		http.Redirect(w, r, t.Config.AuthCodeURL(next), codeRedirect)
+		ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect)
 		return
 	}
 	// No need to login, redirect to the next page.
-	http.Redirect(w, r, next, codeRedirect)
+	ctx.Redirect(next, codeRedirect)
 }

-func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
-	next := extractPath(r.URL.Query().Get(keyNextPage))
-	s.Delete(keyToken)
-	http.Redirect(w, r, next, codeRedirect)
+func logout(t *oauth.Transport, ctx *middleware.Context) {
+	next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
+	ctx.Session.Delete(keyToken)
+	ctx.Redirect(next, codeRedirect)
 }

-func handleOAuth2Callback(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
-	next := extractPath(r.URL.Query().Get("state"))
-	code := r.URL.Query().Get("code")
+func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) {
+	next := extractPath(ctx.Req.URL.Query().Get("state"))
+	code := ctx.Req.URL.Query().Get("code")
 	tk, err := t.Exchange(code)
 	if err != nil {
 		// Pass the error message, or allow dev to provide its own
 		// error handler.
-		http.Redirect(w, r, PathError, codeRedirect)
+		ctx.Redirect(PathError, codeRedirect)
 		return
 	}
 	// Store the credentials in the session.
 	val, _ := json.Marshal(tk)
-	s.Set(keyToken, val)
-	http.Redirect(w, r, next, codeRedirect)
+	ctx.Session.Set(keyToken, val)
+	ctx.Redirect(next, codeRedirect)
 }

-func unmarshallToken(s sessions.Session) (t *token) {
+func unmarshallToken(s session.SessionStore) (t *token) {
 	if s.Get(keyToken) == nil {
 		return
 	}
--- a/routers/install.go
+++ b/routers/install.go
@ -43,7 +43,7 @@ func GlobalInit() {

 	if base.InstallLock {
 		if err := models.NewEngine(); err != nil {
-			fmt.Println("%v", err)
+			fmt.Println(err)
 			os.Exit(2)
 		}

@ -183,6 +183,7 @@ func Install(ctx *middleware.Context, form auth.InstallForm) {
 	if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd,
 		IsAdmin: true, IsActive: true}); err != nil {
 		if err != models.ErrUserAlreadyExist {
+			base.InstallLock = false
 			ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form)
 			return
 		}
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@ -5,6 +5,8 @@
 package repo

 import (
+	"encoding/base64"
+	"errors"
 	"fmt"
 	"path"
 	"path/filepath"
@ -237,19 +239,112 @@ func SingleDownload(ctx *middleware.Context, params martini.Params) {
 	ctx.Res.Write(data)
 }

-func Http(ctx *middleware.Context, params martini.Params) {
-	// TODO: access check
+func basicEncode(username, password string) string {
+	auth := username + ":" + password
+	return base64.StdEncoding.EncodeToString([]byte(auth))
+}
+
+func basicDecode(encoded string) (user string, name string, err error) {
+	var s []byte
+	s, err = base64.StdEncoding.DecodeString(encoded)
+	if err != nil {
+		return
+	}
+
+	a := strings.Split(string(s), ":")
+	if len(a) == 2 {
+		user, name = a[0], a[1]
+	} else {
+		err = errors.New("decode failed")
+	}
+	return
+}
+
+func authRequired(ctx *middleware.Context) {
+	ctx.ResponseWriter.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
+	ctx.Data["ErrorMsg"] = "no basic auth and digit auth"
+	ctx.HTML(401, fmt.Sprintf("status/401"))
+}

+func Http(ctx *middleware.Context, params martini.Params) {
 	username := params["username"]
 	reponame := params["reponame"]
 	if strings.HasSuffix(reponame, ".git") {
 		reponame = reponame[:len(reponame)-4]
 	}

+	//fmt.Println("req:", ctx.Req.Header)
+
+	repoUser, err := models.GetUserByName(username)
+	if err != nil {
+		ctx.Handle(500, "repo.GetUserByName", nil)
+		return
+	}
+
+	repo, err := models.GetRepositoryByName(repoUser.Id, reponame)
+	if err != nil {
+		ctx.Handle(500, "repo.GetRepositoryByName", nil)
+		return
+	}
+
+	isPull := webdav.IsPullMethod(ctx.Req.Method)
+	var askAuth = !(!repo.IsPrivate && isPull)
+
+	//authRequired(ctx)
+	//return
+
+	// check access
+	if askAuth {
+		// check digit auth
+
+		// check basic auth
+		baHead := ctx.Req.Header.Get("Authorization")
+		if baHead == "" {
+			authRequired(ctx)
+			return
+		}
+
+		auths := strings.Fields(baHead)
+		if len(auths) != 2 || auths[0] != "Basic" {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+		authUsername, passwd, err := basicDecode(auths[1])
+		if err != nil {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+
+		authUser, err := models.GetUserByName(authUsername)
+		if err != nil {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+
+		newUser := &models.User{Passwd: passwd}
+		newUser.EncodePasswd()
+		if authUser.Passwd != newUser.Passwd {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+
+		var tp = models.AU_WRITABLE
+		if isPull {
+			tp = models.AU_READABLE
+		}
+
+		has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
+		if err != nil || !has {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+	}
+
+	dir := models.RepoPath(username, reponame)
+
 	prefix := path.Join("/", username, params["reponame"])
 	server := webdav.NewServer(
-		models.RepoPath(username, reponame),
-		prefix, true)
+		dir, prefix, true)

 	server.ServeHTTP(ctx.ResponseWriter, ctx.Req)
 }
@ -314,6 +409,29 @@ func SettingPost(ctx *middleware.Context) {
 			ctx.HTML(200, "repo/setting")
 		}
 		log.Trace("%s Repository updated: %s/%s", ctx.Req.RequestURI, ctx.Repo.Owner.Name, ctx.Repo.Repository.Name)
+	case "transfer":
+		if len(ctx.Repo.Repository.Name) == 0 || ctx.Repo.Repository.Name != ctx.Query("repository") {
+			ctx.RenderWithErr("Please make sure you entered repository name is correct.", "repo/setting", nil)
+			return
+		}
+
+		newOwner := ctx.Query("owner")
+		// Check if new owner exists.
+		isExist, err := models.IsUserExist(newOwner)
+		if err != nil {
+			ctx.Handle(404, "repo.SettingPost(transfer: check existence)", err)
+			return
+		} else if !isExist {
+			ctx.RenderWithErr("Please make sure you entered owner name is correct.", "repo/setting", nil)
+			return
+		} else if err = models.TransferOwnership(ctx.User, newOwner, ctx.Repo.Repository); err != nil {
+			ctx.Handle(404, "repo.SettingPost(transfer repository)", err)
+			return
+		}
+		log.Trace("%s Repository transfered: %s/%s -> %s", ctx.Req.RequestURI, ctx.User.Name, ctx.Repo.Repository.Name, newOwner)
+
+		ctx.Redirect("/")
+		return
 	case "delete":
 		if len(ctx.Repo.Repository.Name) == 0 || ctx.Repo.Repository.Name != ctx.Query("repository") {
 			ctx.RenderWithErr("Please make sure you entered repository name is correct.", "repo/setting", nil)
--- a/routers/user/user.go
+++ b/routers/user/user.go
@ -403,9 +403,12 @@ func Activate(ctx *middleware.Context) {
 	if user := models.VerifyUserActiveCode(code); user != nil {
 		user.IsActive = true
 		user.Rands = models.GetUserSalt()
-		models.UpdateUser(user)
+		if err := models.UpdateUser(user); err != nil {
+			ctx.Handle(404, "user.Activate", err)
+			return
+		}

-		log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.LowerName)
+		log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.Name)

 		ctx.Session.Set("userId", user.Id)
 		ctx.Session.Set("userName", user.Name)
@ -416,3 +419,80 @@ func Activate(ctx *middleware.Context) {
 	ctx.Data["IsActivateFailed"] = true
 	ctx.HTML(200, "user/active")
 }
+
+func ForgotPasswd(ctx *middleware.Context) {
+	ctx.Data["Title"] = "Forgot Password"
+
+	if base.MailService == nil {
+		ctx.Data["IsResetDisable"] = true
+		ctx.HTML(200, "user/forgot_passwd")
+		return
+	}
+
+	ctx.Data["IsResetRequest"] = true
+	if ctx.Req.Method == "GET" {
+		ctx.HTML(200, "user/forgot_passwd")
+		return
+	}
+
+	email := ctx.Query("email")
+	u, err := models.GetUserByEmail(email)
+	if err != nil {
+		if err == models.ErrUserNotExist {
+			ctx.RenderWithErr("This e-mail address does not associate to any account.", "user/forgot_passwd", nil)
+		} else {
+			ctx.Handle(404, "user.ResetPasswd(check existence)", err)
+		}
+		return
+	}
+
+	mailer.SendResetPasswdMail(ctx.Render, u)
+	ctx.Data["Email"] = email
+	ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
+	ctx.Data["IsResetSent"] = true
+	ctx.HTML(200, "user/forgot_passwd")
+}
+
+func ResetPasswd(ctx *middleware.Context) {
+	code := ctx.Query("code")
+	if len(code) == 0 {
+		ctx.Error(404)
+		return
+	}
+	ctx.Data["Code"] = code
+
+	if ctx.Req.Method == "GET" {
+		ctx.Data["IsResetForm"] = true
+		ctx.HTML(200, "user/reset_passwd")
+		return
+	}
+
+	if u := models.VerifyUserActiveCode(code); u != nil {
+		// Validate password length.
+		passwd := ctx.Query("passwd")
+		if len(passwd) < 6 || len(passwd) > 30 {
+			ctx.Data["IsResetForm"] = true
+			ctx.RenderWithErr("Password length should be in 6 and 30.", "user/reset_passwd", nil)
+			return
+		}
+
+		u.Passwd = passwd
+		if err := u.EncodePasswd(); err != nil {
+			ctx.Handle(404, "user.ResetPasswd(EncodePasswd)", err)
+			return
+		}
+
+		u.Rands = models.GetUserSalt()
+		if err := models.UpdateUser(u); err != nil {
+			ctx.Handle(404, "user.ResetPasswd(UpdateUser)", err)
+			return
+		}
+
+		log.Trace("%s User password reset: %s", ctx.Req.RequestURI, u.Name)
+		ctx.Redirect("/user/login")
+		return
+	}
+
+	ctx.Data["IsResetFailed"] = true
+	ctx.HTML(200, "user/reset_passwd")
+}
--- a/templates/admin/config.tmpl
+++ b/templates/admin/config.tmpl
@ -2,7 +2,7 @@
 {{template "base/navbar" .}}
 <div id="body" class="container" data-page="admin">
    {{template "admin/nav" .}}
-    <div id="admin-container" class="col-md-9">
+    <div id="admin-container" class="col-md-10">
        <div class="panel panel-default">
            <div class="panel-heading">
                Server Configuration
--- a/templates/admin/dashboard.tmpl
+++ b/templates/admin/dashboard.tmpl
@ -2,7 +2,7 @@
 {{template "base/navbar" .}}
 <div id="body" class="container" data-page="admin">
    {{template "admin/nav" .}}
-    <div id="admin-container" class="col-md-9">
+    <div id="admin-container" class="col-md-10">
        <div class="panel panel-default">
            <div class="panel-heading">
                Statistic
--- a/templates/admin/nav.tmpl
+++ b/templates/admin/nav.tmpl
@ -1,4 +1,4 @@
-<div id="user-setting-nav" class="col-md-3 admin-nav">
+<div id="user-setting-nav" class="col-md-2 admin-nav">
    <ul class="list-group">
        <li class="list-group-item{{if .PageIsDashboard}} active{{end}}"><a href="/admin"><i class="fa fa-tachometer fa-lg"></i> Dashboard</a></li>
        <li class="list-group-item{{if .PageIsUsers}} active{{end}}"><a href="/admin/users"><i class="fa fa-users fa-lg"></i> Users</a></li>
--- a/templates/admin/repos.tmpl
+++ b/templates/admin/repos.tmpl
@ -2,7 +2,7 @@
 {{template "base/navbar" .}}
 <div id="body" class="container" data-page="admin">
    {{template "admin/nav" .}}
-    <div id="admin-container" class="col-md-9">
+    <div id="admin-container" class="col-md-10">
        <div class="panel panel-default">
            <div class="panel-heading">
                Repository Management
--- a/templates/admin/users.tmpl
+++ b/templates/admin/users.tmpl
@ -2,7 +2,7 @@
 {{template "base/navbar" .}}
 <div id="body" class="container" data-page="admin">
    {{template "admin/nav" .}}
-    <div id="admin-container" class="col-md-9">
+    <div id="admin-container" class="col-md-10">
        <div class="panel panel-default">
            <div class="panel-heading">
                User Management
--- a/templates/mail/auth/reset_passwd.tmpl
+++ b/templates/mail/auth/reset_passwd.tmpl
@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>{{.User.Name}}, please reset your password</title>
+</head>
+<body style="background:#eee;">
+<div style="color:#333; font:12px/1.5 Tahoma,Arial,sans-serif;; text-shadow:1px 1px #fff; padding:0; margin:0;">
+    <div style="width:600px;margin:0 auto; padding:40px 0 20px;">
+        <div style="border:1px solid #d9d9d9;border-radius:3px; background:#fff; box-shadow: 0px 2px 5px rgba(0, 0, 0,.05); -webkit-box-shadow: 0px 2px 5px rgba(0, 0, 0,.05);">
+            <div style="padding: 20px 15px;">
+                <h1 style="font-size:20px; padding:10px 0 20px; margin:0; border-bottom:1px solid #ddd;"><img src="{{.AppUrl}}/{{.AppLogo}}" style="height: 32px; margin-bottom: -10px;"> <a style="color:#333;text-decoration:none;" target="_blank" href="{{.AppUrl}}">{{.AppName}}</a></h1>
+                <div style="padding:40px 15px;">
+                    <div style="font-size:16px; padding-bottom:30px; font-weight:bold;">
+                        Hi <span style="color: #00BFFF;">{{.User.Name}}</span>,
+                    </div>
+                    <div style="font-size:14px; padding:0 15px;">
+						<p style="margin:0;padding:0 0 9px 0;">Please click following link to reset your password within <b>{{.ActiveCodeLives}} hours</b>.</p>
+						<p style="margin:0;padding:0 0 9px 0;">
+							<a href="{{.AppUrl}}user/reset_password?code={{.Code}}">{{.AppUrl}}user/reset_password?code={{.Code}}</a>
+						</p>
+						<p style="margin:0;padding:0 0 9px 0;">Copy and paste it to your browser if the link is not working.</p>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <div style="color:#aaa;padding:10px;text-align:center;">
+            © 2014 <a style="color:#888;text-decoration:none;" target="_blank" href="http://gogits.org">Gogs: Go Git Service</a>
+        </div>
+    </div>
+</div>
+</body>
+</html>
--- a/templates/mail/auth/reset_password.html
+++ b/templates/mail/auth/reset_password.html
@ -1,25 +0,0 @@
-{{template "mail/base.html" .}}
-{{define "title"}}
-	{{if eq .Lang "zh-CN"}}
-		 {{.User.NickName}}，重置账户密码
-	{{end}}
-	{{if eq .Lang "en-US"}}
-		{{.User.NickName}}, reset your password
-	{{end}}
-{{end}}
-{{define "body"}}
-	{{if eq .Lang "zh-CN"}}
-		<p style="margin:0;padding:0 0 9px 0;">点击链接重置密码，{{.ResetPwdCodeLives}} 分钟内有效</p>
-		<p style="margin:0;padding:0 0 9px 0;">
-			<a href="{{.AppUrl}}reset/{{.Code}}">{{.AppUrl}}reset/{{.Code}}</a>
-		</p>
-		<p style="margin:0;padding:0 0 9px 0;">如果链接点击无反应，请复制到浏览器打开。</p>
-	{{end}}
-	{{if eq .Lang "en-US"}}
-		<p style="margin:0;padding:0 0 9px 0;">Please click following link to reset your password in {{.ResetPwdCodeLives}} hours</p>
-		<p style="margin:0;padding:0 0 9px 0;">
-			<a href="{{.AppUrl}}reset/{{.Code}}">{{.AppUrl}}reset/{{.Code}}</a>
-		</p>
-		<p style="margin:0;padding:0 0 9px 0;">Copy and paste it to your browser if it's not working.</p>
-	{{end}}
-{{end}}
--- a/templates/repo/setting.tmpl
+++ b/templates/repo/setting.tmpl
@ -25,7 +25,7 @@
                    <div class="form-group">
                        <label class="col-md-3 text-right">Name</label>
                        <div class="col-md-9">
-                            <input class="form-control" name="name" value="{{.Repository.Name}}" />
+                            <input class="form-control" name="name" value="{{.Repository.Name}}" title="{{.Repository.Name}}" />
                        </div>
                    </div>

@ -64,12 +64,62 @@
                Danger Zone
            </div>
            
+            <div class="panel-body">
+                <button type="button" class="btn btn-default pull-right" href="#transfer-repository-modal" data-toggle="modal">
+                    Transfer ownership 
+                </button>
+                <dd>
+                    <dt>Transfer ownership</dt>
+                    <dl>Transfer this repo to another user or to an organization where you have admin rights.</dl>
+                </dd>
+
+                <div class="modal fade" id="transfer-repository-modal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
+                    <div class="modal-dialog">
+                        <form action="/{{.Owner.Name}}/{{.Repository.Name}}/settings" method="post" class="modal-content">
+                            {{.CsrfTokenHtml}}
+                            <input type="hidden" name="action" value="transfer">
+
+                            <div class="modal-header">
+                                <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
+                                <h4 class="modal-title" id="myModalLabel">Do you really want to transfer this repo?</h4>
+                            </div>
+
+                            <div class="modal-body">
+                                <div class="alert alert-warning">This is important, pay attention.</div>
+                                <ul>
+                                    <!-- <li>Transferring may be delayed until the new owner approves the transfer.</li> -->
+                                    <!-- <li>If you are transferring into an org, teams <strong>will not be set</strong>.  An owner on the org will need to set teams for the repo.</li> -->
+                                    <li>Admin rights will be transferred to the new owner, you <strong>will lose admin rights</strong>.</li>
+                                    <!-- <li>Admin rights will be transferred to the new owner, you <strong>may lose admin rights</strong> if you are transferring into an organization account.</li> -->
+                                    <li>Redirect entries <strong>will NOT be</strong> set up from the previous location.</li>
+                                    <li>Git access <strong>will NOT continue</strong> to work from the previous location.</li>
+                                </ul>
+                                <div class="form-group">
+                                    <label>Please type the name of the repository to confirm "<strong class="text-danger">{{.Repository.Name}}</strong>"</label>
+                                    <input name="repository" class="form-control" type="text" placeholder="Type your repository name" required="required">
+                                </div>
+
+                                <div class="form-group">
+                                    <label>Please type the name of the new owner:</label>
+                                    <input name="owner" class="form-control" type="text" placeholder="Type new owner's name" required="required">
+                                </div>
+                            </div>
+
+                            <div class="modal-footer">
+                                <button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
+                                <button class="btn btn-danger btn-lg">I understand the consequences, transfer this repository</button>
+                            </div>
+                        </form>
+                    </div>
+                </div>
+            </div>
+            <hr>
            <div class="panel-body">
                <button type="button" class="btn btn-default pull-right" href="#delete-repository-modal" data-toggle="modal">
                    Delete this repository
                </button>
                <dd>
-                    <dt>Delete this repository.</dt>
+                    <dt>Delete this repository</dt>
                    <dl>Once you delete a repository, there is no going back. Please be certain.</dl>
                </dd>

--- a/templates/status/401.tmpl
+++ b/templates/status/401.tmpl
@ -0,0 +1,6 @@
+{{template "base/head" .}}
+{{template "base/navbar" .}}
+<div class="container">
+	401 Unauthorized
+</div>
+{{template "base/footer" .}}
--- a/templates/user/forgot_passwd.tmpl
+++ b/templates/user/forgot_passwd.tmpl
@ -0,0 +1,30 @@
+{{template "base/head" .}}
+{{template "base/navbar" .}}
+<div id="body" class="container">
+    <form action="/user/forget_password" method="post" class="form-horizontal card" id="login-card">
+        {{.CsrfTokenHtml}}
+        <h3>Reset Your Password</h3>
+        <div class="alert alert-danger form-error{{if .HasError}}{{else}} hidden{{end}}">{{.ErrorMsg}}</div>
+        {{if .IsResetSent}}
+        <p>A confirmation e-mail has been sent to <b>{{.Email}}</b>, please check your inbox within {{.Hours}} hours.</p>
+        <hr/>
+        <a href="http://{{Mail2Domain .Email}}" class="btn btn-lg btn-success">Sign in to your e-mail</a>
+        {{else if .IsResetRequest}}
+        <div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
+            <label class="col-md-3 control-label">Email: </label>
+            <div class="col-md-7">
+                <input name="email" class="form-control" placeholder="Type your e-mail address" required="required">
+            </div>
+        </div>
+        <hr/>
+        <div class="form-group">
+            <div class="col-md-offset-4 col-md-6">
+                <button type="submit" class="btn btn-lg btn-primary">Click here to send reset confirmation e-mail</button>
+            </div>
+        </div>
+        {{else if .IsResetDisable}}
+        <p>Sorry, mail service is not enabled.</p>
+        {{end}}
+    </form>
+</div>
+{{template "base/footer" .}}
--- a/templates/user/reset_passwd.tmpl
+++ b/templates/user/reset_passwd.tmpl
@ -0,0 +1,26 @@
+{{template "base/head" .}}
+{{template "base/navbar" .}}
+<div id="body" class="container">
+    <form action="/user/reset_password?code={{.Code}}" method="post" class="form-horizontal card" id="login-card">
+        {{.CsrfTokenHtml}}
+        <h3>Reset Your Pasword</h3>
+        <div class="alert alert-danger form-error{{if .HasError}}{{else}} hidden{{end}}">{{.ErrorMsg}}</div>
+        {{if .IsResetForm}}
+        <div class="form-group">
+            <label class="col-md-4 control-label">Password: </label>
+            <div class="col-md-6">
+                <input name="passwd" type="password" class="form-control" placeholder="Type your password" required="required">
+            </div>
+        </div>
+        <hr/>
+        <div class="form-group">
+            <div class="col-md-offset-4 col-md-6">
+                <button type="submit" class="btn btn-lg btn-primary">Click here to reset your password</button>
+            </div>
+        </div>
+        {{else}}
+        <p>Sorry, your confirmation code has been exipired or not valid.</p>
+        {{end}}
+    </form>
+</div>
+{{template "base/footer" .}}
--- a/templates/user/setting.tmpl
+++ b/templates/user/setting.tmpl
@ -12,7 +12,7 @@
                <div class="form-group">
                    <label class="col-md-2 control-label">Username<strong class="text-danger">*</strong></label>
                    <div class="col-md-8">
-                        <input name="username" class="form-control" placeholder="Type your user name" required="required" value="{{.SignedUser.Name}}">
+                        <input name="username" class="form-control" placeholder="Type your user name" required="required" value="{{.SignedUser.Name}}" title="{{.SignedUser.Name}}">
                    </div>
                </div>

--- a/templates/user/signin.tmpl
+++ b/templates/user/signin.tmpl
@ -33,7 +33,7 @@
        <div class="form-group">
            <div class="col-md-offset-4 col-md-6">
                <button type="submit" class="btn btn-lg btn-primary">Log In</button>
-                <a href="/forget-password/">Forgot your password?</a>
+                <a href="/user/forget_password/">Forgot your password?</a>
            </div>
        </div>

--- a/web.go
+++ b/web.go
@ -11,8 +11,6 @@ import (

 	"github.com/codegangsta/cli"
 	"github.com/go-martini/martini"
-	// "github.com/martini-contrib/oauth2"
-	// "github.com/martini-contrib/sessions"

 	"github.com/gogits/binding"

@ -21,6 +19,7 @@ import (
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/modules/log"
 	"github.com/gogits/gogs/modules/middleware"
+	"github.com/gogits/gogs/modules/oauth2"
 	"github.com/gogits/gogs/routers"
 	"github.com/gogits/gogs/routers/admin"
 	"github.com/gogits/gogs/routers/api/v1"
@ -59,19 +58,17 @@ func runWeb(*cli.Context) {

 	// Middlewares.
 	m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}}))
-
-	// scope := "https://api.github.com/user"
-	// oauth2.PathCallback = "/oauth2callback"
-	// m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
-	// m.Use(oauth2.Github(&oauth2.Options{
-	// 	ClientId:     "09383403ff2dc16daaa1",
-	// 	ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
-	// 	RedirectURL:  base.AppUrl + oauth2.PathCallback,
-	// 	Scopes:       []string{scope},
-	// }))
-
 	m.Use(middleware.InitContext())

+	scope := "https://api.github.com/user"
+	oauth2.PathCallback = "/oauth2callback"
+	m.Use(oauth2.Github(&oauth2.Options{
+		ClientId:     "09383403ff2dc16daaa1",
+		ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
+		RedirectURL:  base.AppUrl + oauth2.PathCallback,
+		Scopes:       []string{scope},
+	}))
+
 	reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true})
 	ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView})
 	reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
@ -95,6 +92,8 @@ func runWeb(*cli.Context) {
 		// r.Any("/login/github", user.SocialSignIn)
 		r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn)
 		r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp)
+		r.Any("/forget_password", user.ForgotPasswd)
+		r.Any("/reset_password", user.ResetPasswd)
 	}, reqSignOut)
 	m.Group("/user", func(r martini.Router) {
 		r.Any("/logout", user.SignOut)
@ -170,12 +169,22 @@ func runWeb(*cli.Context) {
 	// Not found handler.
 	m.NotFound(routers.NotFound)

+	protocol := base.Cfg.MustValue("server", "PROTOCOL", "http")
 	listenAddr := fmt.Sprintf("%s:%s",
 		base.Cfg.MustValue("server", "HTTP_ADDR"),
 		base.Cfg.MustValue("server", "HTTP_PORT", "3000"))
-	log.Info("Listen: %s", listenAddr)
-	if err := http.ListenAndServe(listenAddr, m); err != nil {
-		fmt.Println(err.Error())
-		//log.Critical(err.Error()) // not working now
+
+	if protocol == "http" {
+		log.Info("Listen: http://%s", listenAddr)
+		if err := http.ListenAndServe(listenAddr, m); err != nil {
+			fmt.Println(err.Error())
+			//log.Critical(err.Error()) // not working now
+		}
+	} else if protocol == "https" {
+		log.Info("Listen: https://%s", listenAddr)
+		if err := http.ListenAndServeTLS(listenAddr, base.Cfg.MustValue("server", "CERT_FILE"),
+			base.Cfg.MustValue("server", "KEY_FILE"), m); err != nil {
+			fmt.Println(err.Error())
+		}
 	}
 }