wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
6243 Commits
197 Branches
346 MB
2799 Download
Tree: 2174663285
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2174663285'
${ noResults }
aiforge/routers/admin/auths.go

auths.go 10 kB
Raw Normal View History

fix code
12 years ago
ldap support
12 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
10 years ago
Update import paths from github.com/go-gitea to code.gitea.io (#135) - Update import paths from github.com/go-gitea to code.gitea.io - Fix import path for travis See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
Update import paths from github.com/go-gitea to code.gitea.io (#135) - Update import paths from github.com/go-gitea to code.gitea.io - Fix import path for travis See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
ldap support
12 years ago
In progress of name template name constant
12 years ago
go lint fixed for routers/admin
9 years ago
In progress of name template name constant
12 years ago
go lint fixed for routers/admin
9 years ago
Rename module: middleware -> context
10 years ago
Continue working on new admin pages
11 years ago
#697 disable captcha and new admin create user UI
10 years ago
Continue working on new admin pages
11 years ago
Handle refactor (#3339) * Replace all ctx.Handle with ctx.ServerError or ctx.NotFound * Change Handle(403) to NotFound, avoid using macaron's NotFound
8 years ago
Continue working on new admin pages
11 years ago
more minor fix on 1581
10 years ago
go lint fixed for routers/admin
9 years ago
Continue working on new admin pages
11 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
Security protocols
9 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
go lint fixed for routers/admin
9 years ago
Rename module: middleware -> context
10 years ago
Continue working on new admin pages
11 years ago
finish new add auth UI
10 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
Security protocols
9 years ago
finish new add auth UI
10 years ago
LDAP user synchronization (#1478)
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
12 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
go lint fixed for routers/admin
9 years ago
ldap support
12 years ago
finish new edit auth UI
10 years ago
Add option to use paged LDAP search when synchronizing users (#3895)
8 years ago
finish new edit auth UI
10 years ago
#1637 able to skip verify for LDAP
10 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
10 years ago
LDAP: Fetch attributes in Bind DN context option This is feature is workaround for #2628 (JumpCloud) and some other services that allow LDAP search only under BindDN user account, but not allow any LDAP search query in logged user DN context. Such approach is an alternative to minimal permissions security pattern for BindDN user.
10 years ago
Add option to use paged LDAP search when synchronizing users (#3895)
8 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
10 years ago
finish new edit auth UI
10 years ago
#1620 add allowed domains for SMTP auth
10 years ago
finish new edit auth UI
10 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
go lint fixed for routers/admin
9 years ago
Rename module: middleware -> context
10 years ago
Continue working on new admin pages
11 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
12 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
ldap support
12 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new edit auth UI
10 years ago
Add tar.gz download button and other mirror updates
12 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
finish new edit auth UI
10 years ago
Security protocols
9 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
finish new edit auth UI
10 years ago
Add PAM authentication
11 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
UI fix
12 years ago
add support for smtp authentication
12 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
go lint fixed for routers/admin
9 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
12 years ago
#3515 use alert instead 500 for duplicated login source name
9 years ago
LDAP user synchronization (#1478)
9 years ago
finish new edit auth UI
10 years ago
#3515 use alert instead 500 for duplicated login source name
9 years ago
go lint fixed for routers/admin
9 years ago
#3515 use alert instead 500 for duplicated login source name
9 years ago
Handle refactor (#3339) * Replace all ctx.Handle with ctx.ServerError or ctx.NotFound * Change Handle(403) to NotFound, avoid using macaron's NotFound
8 years ago
#3515 use alert instead 500 for duplicated login source name
9 years ago
ldap support
12 years ago
#1124 LDAP add and edit form are misleading
11 years ago
finish new edit auth UI
10 years ago
Golint fixed for modules/setting (#262) * golint fixed for modules/setting * typo fixed and renamed UNIXSOCKET to UnixSocket
9 years ago
ldap support
12 years ago
go lint fixed for routers/admin
9 years ago
Rename module: middleware -> context
10 years ago
Continue working on new admin pages
11 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
12 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
add support for smtp authentication
12 years ago
finish new edit auth UI
10 years ago
basic authentications
12 years ago
Handle refactor (#3339) * Replace all ctx.Handle with ctx.ServerError or ctx.NotFound * Change Handle(403) to NotFound, avoid using macaron's NotFound
8 years ago
basic authentications
12 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
go lint fixed for routers/admin
9 years ago
ldap support
12 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Rename module: middleware -> context
10 years ago
Continue working on new admin pages
11 years ago
finish new edit auth UI
10 years ago
add support for smtp authentication
12 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
basic authentications
12 years ago
finish new edit auth UI
10 years ago
Handle refactor (#3339) * Replace all ctx.Handle with ctx.ServerError or ctx.NotFound * Change Handle(403) to NotFound, avoid using macaron's NotFound
8 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new edit auth UI
10 years ago
basic authentications
12 years ago
go lint fixed for routers/admin
9 years ago
basic authentications
12 years ago
add support for smtp authentication
12 years ago
Add tar.gz download button and other mirror updates
12 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
finish new edit auth UI
10 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
finish new edit auth UI
10 years ago
Fix type in unused constant name (#111) * Write LDAP, SMTP, PAM, DLDAP back to all uppercase * Fix type in unused constant name * Other MixCased fixes * Complete MixerCasing of template constants * Re uppercase LTS and LDAPS suffixes * Uppercase JSON suffix in constant names * Proper case LoginNoType * Prefix unexported template path constants with "tpl"
9 years ago
Add PAM authentication
11 years ago
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
9 years ago
Fix #173
12 years ago
add support for smtp authentication
12 years ago
finish new edit auth UI
10 years ago
LDAP user synchronization (#1478)
9 years ago
finish new edit auth UI
10 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
Handle refactor (#3339) * Replace all ctx.Handle with ctx.ServerError or ctx.NotFound * Change Handle(403) to NotFound, avoid using macaron's NotFound
8 years ago
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
9 years ago
basic authentications
12 years ago
Fix string format verbs (#3637)
9 years ago
basic authentications
12 years ago
Continue working on new admin pages
11 years ago
Golint fixed for modules/setting (#262) * golint fixed for modules/setting * typo fixed and renamed UNIXSOCKET to UnixSocket
9 years ago
ldap support
12 years ago
go lint fixed for routers/admin
9 years ago
Rename module: middleware -> context
10 years ago
finish new edit auth UI
10 years ago
basic authentications
12 years ago
Handle refactor (#3339) * Replace all ctx.Handle with ctx.ServerError or ctx.NotFound * Change Handle(403) to NotFound, avoid using macaron's NotFound
8 years ago
basic authentications
12 years ago
finish new edit auth UI
10 years ago
models/login_source: code improvement
9 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
10 years ago
models/login_source: code improvement
9 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
10 years ago
basic authentications
12 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
10 years ago
Golint fixed for modules/setting (#262) * golint fixed for modules/setting * typo fixed and renamed UNIXSOCKET to UnixSocket
9 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
10 years ago
basic authentications
12 years ago
finish new edit auth UI
10 years ago
Golint fixed for modules/setting (#262) * golint fixed for modules/setting * typo fixed and renamed UNIXSOCKET to UnixSocket
9 years ago
finish new edit auth UI
10 years ago
ldap support
12 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package admin

  6. 

  7. import (

  8. 	"fmt"

  9. 

  10. 	"code.gitea.io/gitea/models"

  11. 	"code.gitea.io/gitea/modules/auth"

  12. 	"code.gitea.io/gitea/modules/auth/ldap"

  13. 	"code.gitea.io/gitea/modules/auth/oauth2"

  14. 	"code.gitea.io/gitea/modules/base"

  15. 	"code.gitea.io/gitea/modules/context"

  16. 	"code.gitea.io/gitea/modules/log"

  17. 	"code.gitea.io/gitea/modules/setting"

  18. 

  19. 	"github.com/Unknwon/com"

  20. 	"github.com/go-xorm/core"

  21. )

  22. 

  23. const (

  24. 	tplAuths    base.TplName = "admin/auth/list"

  25. 	tplAuthNew  base.TplName = "admin/auth/new"

  26. 	tplAuthEdit base.TplName = "admin/auth/edit"

  27. )

  28. 

  29. // Authentications show authentication config page

  30. func Authentications(ctx *context.Context) {

  31. 	ctx.Data["Title"] = ctx.Tr("admin.authentication")

  32. 	ctx.Data["PageIsAdmin"] = true

  33. 	ctx.Data["PageIsAdminAuthentications"] = true

  34. 

  35. 	var err error

  36. 	ctx.Data["Sources"], err = models.LoginSources()

  37. 	if err != nil {

  38. 		ctx.ServerError("LoginSources", err)

  39. 		return

  40. 	}

  41. 

  42. 	ctx.Data["Total"] = models.CountLoginSources()

  43. 	ctx.HTML(200, tplAuths)

  44. }

  45. 

  46. type dropdownItem struct {

  47. 	Name string

  48. 	Type interface{}

  49. }

  50. 

  51. var (

  52. 	authSources = []dropdownItem{

  53. 		{models.LoginNames[models.LoginLDAP], models.LoginLDAP},

  54. 		{models.LoginNames[models.LoginDLDAP], models.LoginDLDAP},

  55. 		{models.LoginNames[models.LoginSMTP], models.LoginSMTP},

  56. 		{models.LoginNames[models.LoginPAM], models.LoginPAM},

  57. 		{models.LoginNames[models.LoginOAuth2], models.LoginOAuth2},

  58. 	}

  59. 	securityProtocols = []dropdownItem{

  60. 		{models.SecurityProtocolNames[ldap.SecurityProtocolUnencrypted], ldap.SecurityProtocolUnencrypted},

  61. 		{models.SecurityProtocolNames[ldap.SecurityProtocolLDAPS], ldap.SecurityProtocolLDAPS},

  62. 		{models.SecurityProtocolNames[ldap.SecurityProtocolStartTLS], ldap.SecurityProtocolStartTLS},

  63. 	}

  64. )

  65. 

  66. // NewAuthSource render adding a new auth source page

  67. func NewAuthSource(ctx *context.Context) {

  68. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")

  69. 	ctx.Data["PageIsAdmin"] = true

  70. 	ctx.Data["PageIsAdminAuthentications"] = true

  71. 

  72. 	ctx.Data["type"] = models.LoginLDAP

  73. 	ctx.Data["CurrentTypeName"] = models.LoginNames[models.LoginLDAP]

  74. 	ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SecurityProtocolUnencrypted]

  75. 	ctx.Data["smtp_auth"] = "PLAIN"

  76. 	ctx.Data["is_active"] = true

  77. 	ctx.Data["is_sync_enabled"] = true

  78. 	ctx.Data["AuthSources"] = authSources

  79. 	ctx.Data["SecurityProtocols"] = securityProtocols

  80. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  81. 	ctx.Data["OAuth2Providers"] = models.OAuth2Providers

  82. 	ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings

  83. 

  84. 	// only the first as default

  85. 	for key := range models.OAuth2Providers {

  86. 		ctx.Data["oauth2_provider"] = key

  87. 		break

  88. 	}

  89. 

  90. 	ctx.HTML(200, tplAuthNew)

  91. }

  92. 

  93. func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig {

  94. 	var pageSize uint32

  95. 	if form.UsePagedSearch {

  96. 		pageSize = uint32(form.SearchPageSize)

  97. 	}

  98. 	return &models.LDAPConfig{

  99. 		Source: &ldap.Source{

  100. 			Name:              form.Name,

  101. 			Host:              form.Host,

  102. 			Port:              form.Port,

  103. 			SecurityProtocol:  ldap.SecurityProtocol(form.SecurityProtocol),

  104. 			SkipVerify:        form.SkipVerify,

  105. 			BindDN:            form.BindDN,

  106. 			UserDN:            form.UserDN,

  107. 			BindPassword:      form.BindPassword,

  108. 			UserBase:          form.UserBase,

  109. 			AttributeUsername: form.AttributeUsername,

  110. 			AttributeName:     form.AttributeName,

  111. 			AttributeSurname:  form.AttributeSurname,

  112. 			AttributeMail:     form.AttributeMail,

  113. 			AttributesInBind:  form.AttributesInBind,

  114. 			SearchPageSize:    pageSize,

  115. 			Filter:            form.Filter,

  116. 			AdminFilter:       form.AdminFilter,

  117. 			Enabled:           true,

  118. 		},

  119. 	}

  120. }

  121. 

  122. func parseSMTPConfig(form auth.AuthenticationForm) *models.SMTPConfig {

  123. 	return &models.SMTPConfig{

  124. 		Auth:           form.SMTPAuth,

  125. 		Host:           form.SMTPHost,

  126. 		Port:           form.SMTPPort,

  127. 		AllowedDomains: form.AllowedDomains,

  128. 		TLS:            form.TLS,

  129. 		SkipVerify:     form.SkipVerify,

  130. 	}

  131. }

  132. 

  133. func parseOAuth2Config(form auth.AuthenticationForm) *models.OAuth2Config {

  134. 	var customURLMapping *oauth2.CustomURLMapping

  135. 	if form.Oauth2UseCustomURL {

  136. 		customURLMapping = &oauth2.CustomURLMapping{

  137. 			TokenURL:   form.Oauth2TokenURL,

  138. 			AuthURL:    form.Oauth2AuthURL,

  139. 			ProfileURL: form.Oauth2ProfileURL,

  140. 			EmailURL:   form.Oauth2EmailURL,

  141. 		}

  142. 	} else {

  143. 		customURLMapping = nil

  144. 	}

  145. 	return &models.OAuth2Config{

  146. 		Provider:                      form.Oauth2Provider,

  147. 		ClientID:                      form.Oauth2Key,

  148. 		ClientSecret:                  form.Oauth2Secret,

  149. 		OpenIDConnectAutoDiscoveryURL: form.OpenIDConnectAutoDiscoveryURL,

  150. 		CustomURLMapping:              customURLMapping,

  151. 	}

  152. }

  153. 

  154. // NewAuthSourcePost response for adding an auth source

  155. func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {

  156. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")

  157. 	ctx.Data["PageIsAdmin"] = true

  158. 	ctx.Data["PageIsAdminAuthentications"] = true

  159. 

  160. 	ctx.Data["CurrentTypeName"] = models.LoginNames[models.LoginType(form.Type)]

  161. 	ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SecurityProtocol(form.SecurityProtocol)]

  162. 	ctx.Data["AuthSources"] = authSources

  163. 	ctx.Data["SecurityProtocols"] = securityProtocols

  164. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  165. 	ctx.Data["OAuth2Providers"] = models.OAuth2Providers

  166. 	ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings

  167. 

  168. 	hasTLS := false

  169. 	var config core.Conversion

  170. 	switch models.LoginType(form.Type) {

  171. 	case models.LoginLDAP, models.LoginDLDAP:

  172. 		config = parseLDAPConfig(form)

  173. 		hasTLS = ldap.SecurityProtocol(form.SecurityProtocol) > ldap.SecurityProtocolUnencrypted

  174. 	case models.LoginSMTP:

  175. 		config = parseSMTPConfig(form)

  176. 		hasTLS = true

  177. 	case models.LoginPAM:

  178. 		config = &models.PAMConfig{

  179. 			ServiceName: form.PAMServiceName,

  180. 		}

  181. 	case models.LoginOAuth2:

  182. 		config = parseOAuth2Config(form)

  183. 	default:

  184. 		ctx.Error(400)

  185. 		return

  186. 	}

  187. 	ctx.Data["HasTLS"] = hasTLS

  188. 

  189. 	if ctx.HasError() {

  190. 		ctx.HTML(200, tplAuthNew)

  191. 		return

  192. 	}

  193. 

  194. 	if err := models.CreateLoginSource(&models.LoginSource{

  195. 		Type:          models.LoginType(form.Type),

  196. 		Name:          form.Name,

  197. 		IsActived:     form.IsActive,

  198. 		IsSyncEnabled: form.IsSyncEnabled,

  199. 		Cfg:           config,

  200. 	}); err != nil {

  201. 		if models.IsErrLoginSourceAlreadyExist(err) {

  202. 			ctx.Data["Err_Name"] = true

  203. 			ctx.RenderWithErr(ctx.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), tplAuthNew, form)

  204. 		} else {

  205. 			ctx.ServerError("CreateSource", err)

  206. 		}

  207. 		return

  208. 	}

  209. 

  210. 	log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)

  211. 

  212. 	ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name))

  213. 	ctx.Redirect(setting.AppSubURL + "/admin/auths")

  214. }

  215. 

  216. // EditAuthSource render editing auth source page

  217. func EditAuthSource(ctx *context.Context) {

  218. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")

  219. 	ctx.Data["PageIsAdmin"] = true

  220. 	ctx.Data["PageIsAdminAuthentications"] = true

  221. 

  222. 	ctx.Data["SecurityProtocols"] = securityProtocols

  223. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  224. 	ctx.Data["OAuth2Providers"] = models.OAuth2Providers

  225. 	ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings

  226. 

  227. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))

  228. 	if err != nil {

  229. 		ctx.ServerError("GetLoginSourceByID", err)

  230. 		return

  231. 	}

  232. 	ctx.Data["Source"] = source

  233. 	ctx.Data["HasTLS"] = source.HasTLS()

  234. 

  235. 	if source.IsOAuth2() {

  236. 		ctx.Data["CurrentOAuth2Provider"] = models.OAuth2Providers[source.OAuth2().Provider]

  237. 	}

  238. 	ctx.HTML(200, tplAuthEdit)

  239. }

  240. 

  241. // EditAuthSourcePost response for editing auth source

  242. func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {

  243. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")

  244. 	ctx.Data["PageIsAdmin"] = true

  245. 	ctx.Data["PageIsAdminAuthentications"] = true

  246. 

  247. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  248. 	ctx.Data["OAuth2Providers"] = models.OAuth2Providers

  249. 	ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings

  250. 

  251. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))

  252. 	if err != nil {

  253. 		ctx.ServerError("GetLoginSourceByID", err)

  254. 		return

  255. 	}

  256. 	ctx.Data["Source"] = source

  257. 	ctx.Data["HasTLS"] = source.HasTLS()

  258. 

  259. 	if ctx.HasError() {

  260. 		ctx.HTML(200, tplAuthEdit)

  261. 		return

  262. 	}

  263. 

  264. 	var config core.Conversion

  265. 	switch models.LoginType(form.Type) {

  266. 	case models.LoginLDAP, models.LoginDLDAP:

  267. 		config = parseLDAPConfig(form)

  268. 	case models.LoginSMTP:

  269. 		config = parseSMTPConfig(form)

  270. 	case models.LoginPAM:

  271. 		config = &models.PAMConfig{

  272. 			ServiceName: form.PAMServiceName,

  273. 		}

  274. 	case models.LoginOAuth2:

  275. 		config = parseOAuth2Config(form)

  276. 	default:

  277. 		ctx.Error(400)

  278. 		return

  279. 	}

  280. 

  281. 	source.Name = form.Name

  282. 	source.IsActived = form.IsActive

  283. 	source.IsSyncEnabled = form.IsSyncEnabled

  284. 	source.Cfg = config

  285. 	if err := models.UpdateSource(source); err != nil {

  286. 		if models.IsErrOpenIDConnectInitialize(err) {

  287. 			ctx.Flash.Error(err.Error(), true)

  288. 			ctx.HTML(200, tplAuthEdit)

  289. 		} else {

  290. 			ctx.ServerError("UpdateSource", err)

  291. 		}

  292. 		return

  293. 	}

  294. 	log.Trace("Authentication changed by admin(%s): %d", ctx.User.Name, source.ID)

  295. 

  296. 	ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))

  297. 	ctx.Redirect(setting.AppSubURL + "/admin/auths/" + com.ToStr(form.ID))

  298. }

  299. 

  300. // DeleteAuthSource response for deleting an auth source

  301. func DeleteAuthSource(ctx *context.Context) {

  302. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))

  303. 	if err != nil {

  304. 		ctx.ServerError("GetLoginSourceByID", err)

  305. 		return

  306. 	}

  307. 

  308. 	if err = models.DeleteSource(source); err != nil {

  309. 		if models.IsErrLoginSourceInUse(err) {

  310. 			ctx.Flash.Error(ctx.Tr("admin.auths.still_in_used"))

  311. 		} else {

  312. 			ctx.Flash.Error(fmt.Sprintf("DeleteSource: %v", err))

  313. 		}

  314. 		ctx.JSON(200, map[string]interface{}{

  315. 			"redirect": setting.AppSubURL + "/admin/auths/" + ctx.Params(":authid"),

  316. 		})

  317. 		return

  318. 	}

  319. 	log.Trace("Authentication deleted by admin(%s): %d", ctx.User.Name, source.ID)

  320. 

  321. 	ctx.Flash.Success(ctx.Tr("admin.auths.deletion_success"))

  322. 	ctx.JSON(200, map[string]interface{}{

  323. 		"redirect": setting.AppSubURL + "/admin/auths",

  324. 	})

  325. }

No Description