allow http push by token - #842

tokarchuk/v1.17
Christopher Brickley 10 years ago
parent bb26285a12
commit d0827e5d5e
  1. 15
      models/token.go
  2. 27
      routers/repo/http.go

@ -62,6 +62,21 @@ func ListAccessTokens(uid int64) ([]*AccessToken, error) {
return tokens, nil return tokens, nil
} }
// ListAllAccessTokens returns all access tokens
func ListAllAccessTokens() ([]*AccessToken, error) {
tokens := make([]*AccessToken, 0, 5)
err := x.Desc("id").Find(&tokens)
if err != nil {
return nil, err
}
for _, t := range tokens {
t.HasUsed = t.Updated.After(t.Created)
t.HasRecentActivity = t.Updated.Add(7 * 24 * time.Hour).After(time.Now())
}
return tokens, nil
}
// DeleteAccessTokenById deletes access token by given ID. // DeleteAccessTokenById deletes access token by given ID.
func DeleteAccessTokenById(id int64) error { func DeleteAccessTokenById(id int64) error {
_, err := x.Id(id).Delete(new(AccessToken)) _, err := x.Id(id).Delete(new(AccessToken))

@ -78,6 +78,7 @@ func Http(ctx *middleware.Context) {
var askAuth = !isPublicPull || setting.Service.RequireSignInView var askAuth = !isPublicPull || setting.Service.RequireSignInView
var authUser *models.User var authUser *models.User
var authUsername, passwd string var authUsername, passwd string
usedToken := false
// check access // check access
if askAuth { if askAuth {
@ -102,17 +103,43 @@ func Http(ctx *middleware.Context) {
} }
authUser, err = models.GetUserByName(authUsername) authUser, err = models.GetUserByName(authUsername)
if err != nil {
// check if a token was given instead of username
tokens, err := models.ListAllAccessTokens()
if err != nil { if err != nil {
ctx.Handle(401, "no basic auth and digit auth", nil) ctx.Handle(401, "no basic auth and digit auth", nil)
return return
} }
for _, token := range tokens {
if token.Sha1 == authUsername {
// get user belonging to token
authUser, err = models.GetUserById(token.Uid)
if err != nil {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
authUsername = authUser.Name
usedToken = true
break
}
}
if authUser == nil {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
}
// check password if token is not used
if !usedToken {
newUser := &models.User{Passwd: passwd, Salt: authUser.Salt} newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
newUser.EncodePasswd() newUser.EncodePasswd()
if authUser.Passwd != newUser.Passwd { if authUser.Passwd != newUser.Passwd {
ctx.Handle(401, "no basic auth and digit auth", nil) ctx.Handle(401, "no basic auth and digit auth", nil)
return return
} }
}
if !isPublicPull { if !isPublicPull {
var tp = models.WRITABLE var tp = models.WRITABLE

Loading…
Cancel
Save