Add SignInRequire and SignOutRequire middleware

11 years ago · ba5c7ea771
parent 8e821c75d7
commit ba5c7ea771
8 changed files with 135 additions and 99 deletions
--- a/gogs.go
+++ b/gogs.go
@ -19,7 +19,7 @@ import (
 // Test that go1.1 tag above is included in builds. main.go refers to this definition.
 const go11tag = true
-const APP_VER = "0.0.1.0306"
+const APP_VER = "0.0.1.0307"
 func init() {
 	runtime.GOMAXPROCS(runtime.NumCPU())
--- a/modules/auth/user.go
+++ b/modules/auth/user.go
@ -0,0 +1,82 @@
 // Copyright 2014 The Gogs Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 package auth
 import (
 	"github.com/codegangsta/martini"
 	"github.com/martini-contrib/render"
 	"github.com/martini-contrib/sessions"
 	"github.com/gogits/gogs/models"
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/utils/log"
 )
 func SignedInId(session sessions.Session) int64 {
 	userId := session.Get("userId")
 	if userId == nil {
 		return 0
 	}
 	if s, ok := userId.(int64); ok {
 		return s
 	}
 	return 0
 }
 func SignedInName(session sessions.Session) string {
 	userName := session.Get("userName")
 	if userName == nil {
 		return ""
 	}
 	if s, ok := userName.(string); ok {
 		return s
 	}
 	return ""
 }
 func SignedInUser(session sessions.Session) *models.User {
 	id := SignedInId(session)
 	if id <= 0 {
 		return nil
 	}
 	user, err := models.GetUserById(id)
 	if err != nil {
 		log.Error("user.SignedInUser: %v", err)
 		return nil
 	}
 	return user
 }
 func IsSignedIn(session sessions.Session) bool {
 	return SignedInId(session) > 0
 }
 // SignInRequire checks user status from session.
 // It will assign correspoding values to
 // template data map if user has signed in.
 func SignInRequire(redirect bool) martini.Handler {
 	return func(r render.Render, data base.TmplData, session sessions.Session) {
 		if !IsSignedIn(session) {
 			if redirect {
 				r.Redirect("/")
 			}
 			return
 		}
 		data["IsSigned"] = true
 		data["SignedUserId"] = SignedInId(session)
 		data["SignedUserName"] = SignedInName(session)
 		data["Avatar"] = SignedInUser(session).Avatar
 	}
 }
 func SignOutRequire() martini.Handler {
 	return func(r render.Render, session sessions.Session) {
 		if IsSignedIn(session) {
 			r.Redirect("/")
 		}
 	}
 }
--- a/routers/dashboard.go
+++ b/routers/dashboard.go
@ -5,14 +5,16 @@
 package routers
 import (
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/routers/user"
 	"github.com/martini-contrib/render"
 	"github.com/martini-contrib/sessions"
 	"github.com/gogits/gogs/modules/auth"
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/routers/user"
 )
 func Home(r render.Render, data base.TmplData, session sessions.Session) {
-	if user.IsSignedIn(session) {
+	if auth.IsSignedIn(session) {
 		user.Dashboard(r, data, session)
 		return
 	}
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@ -10,19 +10,21 @@ import (
 	"strconv"
 	"github.com/martini-contrib/render"
 	"github.com/martini-contrib/sessions"
 	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/routers/user"
+	"github.com/gogits/gogs/modules/auth"
-	"github.com/martini-contrib/sessions"
+	"github.com/gogits/gogs/modules/base"
 )
-func Create(req *http.Request, r render.Render, session sessions.Session) {
+func Create(req *http.Request, r render.Render, data base.TmplData, session sessions.Session) {
 	data["Title"] = "Create repository"
 	if req.Method == "GET" {
 		r.HTML(200, "repo/create", map[string]interface{}{
-			"Title":    "Create repository",
+			"UserName": auth.SignedInName(session),
-			"UserName": user.SignedInName(session),
+			"UserId":   auth.SignedInId(session),
-			"UserId":   user.SignedInId(session),
+			"IsSigned": auth.IsSignedIn(session),
 			"IsSigned": user.IsSignedIn(session),
 		})
 		return
 	}
@ -42,7 +44,7 @@ func Create(req *http.Request, r render.Render, session sessions.Session) {
 		if err == nil {
 			r.HTML(200, "repo/created", map[string]interface{}{
 				"RepoName": u.Name + "/" + req.FormValue("name"),
-				"IsSigned": user.IsSignedIn(session),
+				"IsSigned": auth.IsSignedIn(session),
 			})
 			return
 		}
@ -51,7 +53,7 @@ func Create(req *http.Request, r render.Render, session sessions.Session) {
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 	}
 }
@ -60,7 +62,7 @@ func Delete(req *http.Request, r render.Render, session sessions.Session) {
 	if req.Method == "GET" {
 		r.HTML(200, "repo/delete", map[string]interface{}{
 			"Title":    "Delete repository",
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
@ -70,19 +72,19 @@ func Delete(req *http.Request, r render.Render, session sessions.Session) {
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 	}
 }
 func List(req *http.Request, r render.Render, session sessions.Session) {
-	u := user.SignedInUser(session)
+	u := auth.SignedInUser(session)
 	repos, err := models.GetRepositories(u)
 	fmt.Println("repos", repos)
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
@ -90,6 +92,6 @@ func List(req *http.Request, r render.Render, session sessions.Session) {
 	r.HTML(200, "repo/list", map[string]interface{}{
 		"Title":    "repositories",
 		"Repos":    repos,
-		"IsSigned": user.IsSignedIn(session),
+		"IsSigned": auth.IsSignedIn(session),
 	})
 }
--- a/routers/user/ssh.go
+++ b/routers/user/ssh.go
@ -9,21 +9,22 @@ import (
 	"net/http"
 	"github.com/martini-contrib/render"
 	"github.com/martini-contrib/sessions"
 	"github.com/gogits/gogs/models"
-	"github.com/martini-contrib/sessions"
+	"github.com/gogits/gogs/modules/auth"
 )
 func AddPublicKey(req *http.Request, r render.Render, session sessions.Session) {
 	if req.Method == "GET" {
 		r.HTML(200, "user/publickey_add", map[string]interface{}{
 			"Title":    "Add Public Key",
-			"IsSigned": IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
-	k := &models.PublicKey{OwnerId: SignedInId(session),
+	k := &models.PublicKey{OwnerId: auth.SignedInId(session),
 		Name:    req.FormValue("keyname"),
 		Content: req.FormValue("key_content"),
 	}
@ -31,7 +32,7 @@ func AddPublicKey(req *http.Request, r render.Render, session sessions.Session)
 	if err != nil {
 		r.HTML(403, "status/403", map[string]interface{}{
 			"Title":    fmt.Sprintf("%v", err),
-			"IsSigned": IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 	} else {
 		r.HTML(200, "user/publickey_added", map[string]interface{}{})
@ -39,11 +40,11 @@ func AddPublicKey(req *http.Request, r render.Render, session sessions.Session)
 }
 func ListPublicKey(req *http.Request, r render.Render, session sessions.Session) {
-	keys, err := models.ListPublicKey(SignedInId(session))
+	keys, err := models.ListPublicKey(auth.SignedInId(session))
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
@ -51,6 +52,6 @@ func ListPublicKey(req *http.Request, r render.Render, session sessions.Session)
 	r.HTML(200, "user/publickey_list", map[string]interface{}{
 		"Title":    "repositories",
 		"Keys":     keys,
-		"IsSigned": IsSignedIn(session),
+		"IsSigned": auth.IsSignedIn(session),
 	})
 }
--- a/routers/user/user.go
+++ b/routers/user/user.go
@ -8,7 +8,6 @@ import (
 	"fmt"
 	"net/http"
 	//"github.com/martini-contrib/binding"
 	"github.com/martini-contrib/render"
 	"github.com/martini-contrib/sessions"
@ -19,80 +18,23 @@ import (
 )
 func Dashboard(r render.Render, data base.TmplData, session sessions.Session) {
 	if !IsSignedIn(session) {
 		// todo : direct to logout
 		r.Redirect("/")
 		return
 	}
 	data["IsSigned"] = true
 	data["SignedUserId"] = SignedInId(session)
 	data["SignedUserName"] = SignedInName(session)
 	data["PageIsUserDashboard"] = true
 	data["Avatar"] = SignedInUser(session).Avatar
 	data["Title"] = "Dashboard"
 	data["PageIsUserDashboard"] = true
 	r.HTML(200, "user/dashboard", data)
 }
 func Profile(r render.Render, data base.TmplData, session sessions.Session) {
 	data["Title"] = "Profile"
-	data["IsSigned"] = IsSignedIn(session)
+	data["IsSigned"] = auth.IsSignedIn(session)
 	// TODO: Need to check view self or others.
-	user := SignedInUser(session)
+	user := auth.SignedInUser(session)
 	data["Avatar"] = user.Avatar
 	data["Username"] = user.Name
 	r.HTML(200, "user/profile", data)
 }
 func IsSignedIn(session sessions.Session) bool {
 	return SignedInId(session) > 0
 }
 func SignedInId(session sessions.Session) int64 {
 	userId := session.Get("userId")
 	if userId == nil {
 		return 0
 	}
 	if s, ok := userId.(int64); ok {
 		return s
 	}
 	return 0
 }
 func SignedInName(session sessions.Session) string {
 	userName := session.Get("userName")
 	if userName == nil {
 		return ""
 	}
 	if s, ok := userName.(string); ok {
 		return s
 	}
 	return ""
 }
 func SignedInUser(session sessions.Session) *models.User {
 	id := SignedInId(session)
 	if id <= 0 {
 		return nil
 	}
 	user, err := models.GetUserById(id)
 	if err != nil {
 		log.Error("user.SignedInUser: %v", err)
 		return nil
 	}
 	return user
 }
 func SignIn(form auth.LogInForm, data base.TmplData, req *http.Request, r render.Render, session sessions.Session) {
 	// if logged, do not show login page
 	if IsSignedIn(session) {
 		r.Redirect("/")
 		return
 	}
 	data["Title"] = "Log In"
 	if req.Method == "GET" {
@ -128,11 +70,6 @@ func SignIn(form auth.LogInForm, data base.TmplData, req *http.Request, r render
 }
 func SignOut(r render.Render, session sessions.Session) {
 	if !IsSignedIn(session) {
 		r.Redirect("/")
 		return
 	}
 	session.Delete("userId")
 	session.Delete("userName")
 	r.Redirect("/")
--- a/templates/repo/create.tmpl
+++ b/templates/repo/create.tmpl
@ -10,6 +10,7 @@
                <input type="hidden" value="{{.UserId}}" name="userId"/>
            </div>
        </div>
        <div class="form-group">
            <label class="col-md-2 control-label">Repository<strong class="text-danger">*</strong></label>
            <div class="col-md-8">
@ -17,12 +18,21 @@
                <span class="help-block">Great repository names are short and memorable. </span>
            </div>
        </div>
        <div class="form-group">
            <label class="col-md-2 control-label">Visibility<strong class="text-danger">*</strong></label>
            <div class="col-md-8">
                <p class="form-control-static">Public</p>
            </div>
        </div>
        <div class="form-group">
            <label class="col-md-2 control-label">Description</label>
            <div class="col-md-8">
                <textarea name="desc" class="form-control" placeholder="Type your repository name"></textarea>
            </div>
        </div>
        <div class="form-group">
            <label class="col-md-2 control-label">Language</label>
            <div class="col-md-8">
@ -36,6 +46,7 @@
                </select>
            </div>
        </div>
        <div class="form-group">
            <div class="col-md-8 col-md-offset-2">
                <div class="checkbox">
@ -46,6 +57,7 @@
                </div>
            </div>
        </div>
        <div class="form-group">
            <div class="col-md-offset-2 col-md-8">
                <button type="submit" class="btn btn-lg btn-primary">Create repository</button>
--- a/web.go
+++ b/web.go
@ -57,17 +57,17 @@ func runWeb(*cli.Context) {
 	m.Use(sessions.Sessions("my_session", store))
 	// Routers.
-	m.Get("/", routers.Home)
+	m.Get("/", auth.SignInRequire(false), routers.Home)
-	m.Any("/user/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn)
+	m.Any("/user/login", auth.SignOutRequire(), binding.BindIgnErr(auth.LogInForm{}), user.SignIn)
-	m.Any("/user/logout", user.SignOut)
+	m.Any("/user/logout", auth.SignInRequire(true), user.SignOut)
-	m.Any("/user/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp)
+	m.Any("/user/sign_up", auth.SignOutRequire(), binding.BindIgnErr(auth.RegisterForm{}), user.SignUp)
 	m.Get("/user/profile", user.Profile) // should be /username
-	m.Any("/user/delete", user.Delete)
+	m.Any("/user/delete", auth.SignInRequire(true), user.Delete)
 	m.Any("/user/publickey/add", user.AddPublicKey)
 	m.Any("/user/publickey/list", user.ListPublicKey)
-	m.Any("/repo/create", repo.Create)
+
-	m.Any("/repo/delete", repo.Delete)
+	m.Any("/repo/create", auth.SignInRequire(true), repo.Create)
 	m.Any("/repo/delete", auth.SignInRequire(true), repo.Delete)
 	m.Any("/repo/list", repo.List)
 	listenAddr := fmt.Sprintf("%s:%s",