wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
4068 Commits
197 Branches
346 MB
814 Download
Tree: b6c14f8b21
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b6c14f8b21'
${ noResults }
aiforge/routers/admin/auths.go

auths.go 7.5 kB
Raw Normal View History

fix code
11 years ago
ldap support
11 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
9 years ago
New UI merge in progress
11 years ago
add support for smtp authentication
11 years ago
Fix #173
11 years ago
ldap support
11 years ago
basic authentications
11 years ago
Rename module: middleware -> context
9 years ago
fix code
11 years ago
Allow Gogs to run from a suburl behind a reverse proxy. e.g. http://mydomain.com/gogs/ Conflicts: modules/setting/setting.go Conflicts: templates/repo/release/list.tmpl templates/user/dashboard/dashboard.tmpl Conflicts: routers/repo/setting.go
11 years ago
ldap support
11 years ago
In progress of name template name constant
11 years ago
Continue working on new admin pages
11 years ago
In progress of name template name constant
11 years ago
Rename module: middleware -> context
9 years ago
Continue working on new admin pages
11 years ago
#697 disable captcha and new admin create user UI
10 years ago
Continue working on new admin pages
11 years ago
#697 disable captcha and new admin create user UI
10 years ago
Continue working on new admin pages
11 years ago
more minor fix on 1581
10 years ago
Continue working on new admin pages
11 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Rename module: middleware -> context
9 years ago
Continue working on new admin pages
11 years ago
finish new add auth UI
10 years ago
#1938 #1374 disable password change for non-local users
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
11 years ago
In progress of name template name constant
11 years ago
ldap support
11 years ago
finish new edit auth UI
10 years ago
#1637 able to skip verify for LDAP
10 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
10 years ago
LDAP: Fetch attributes in Bind DN context option This is feature is workaround for #2628 (JumpCloud) and some other services that allow LDAP search only under BindDN user account, but not allow any LDAP search query in logged user DN context. Such approach is an alternative to minimal permissions security pattern for BindDN user.
9 years ago
LDAP: Optional user name attribute specification Consider following LDAP search query example: (&(objectClass=Person)(|(uid=%s)(mail=%s))) Right now on first login attempt Gogs will use the text supplied on login form as the newly created user name. In example query above the text matches against both e-mail or user name. So if user puts the e-mail then the new Gogs user name will be e-mail which may be undesired. Using optional user name attribute setting we can explicitly say we want Gogs user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail to login 1st time, the new account will receive correct user name.
10 years ago
finish new edit auth UI
10 years ago
#1620 add allowed domains for SMTP auth
10 years ago
finish new edit auth UI
10 years ago
Rename module: middleware -> context
9 years ago
Continue working on new admin pages
11 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new add auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
11 years ago
ldap support
11 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new edit auth UI
10 years ago
Add tar.gz download button and other mirror updates
11 years ago
#1938 #1374 disable password change for non-local users
10 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
#1938 #1374 disable password change for non-local users
10 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
#1938 #1374 disable password change for non-local users
10 years ago
finish new edit auth UI
10 years ago
Add PAM authentication
10 years ago
UI fix
11 years ago
add support for smtp authentication
11 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
11 years ago
finish new edit auth UI
10 years ago
#1625 remove auto_register and makes it default
10 years ago
finish new edit auth UI
10 years ago
Continue working on new admin pages
11 years ago
ldap support
11 years ago
#1124 LDAP add and edit form are misleading
10 years ago
finish new edit auth UI
10 years ago
Add suburl support
11 years ago
ldap support
11 years ago
Rename module: middleware -> context
9 years ago
Continue working on new admin pages
11 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
add support for smtp authentication
11 years ago
finish new edit auth UI
10 years ago
basic authentications
11 years ago
finish new edit auth UI
10 years ago
basic authentications
11 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
In progress of name template name constant
11 years ago
ldap support
11 years ago
Rename module: middleware -> context
9 years ago
Continue working on new admin pages
11 years ago
finish new edit auth UI
10 years ago
add support for smtp authentication
11 years ago
basic authentications
11 years ago
finish new edit auth UI
10 years ago
Use SecurityProtocol to replace UseSSL in LDAP config Initially proposed by #2376 and fixes #3068 as well.
9 years ago
finish new edit auth UI
10 years ago
basic authentications
11 years ago
In progress of name template name constant
11 years ago
basic authentications
11 years ago
add support for smtp authentication
11 years ago
Add tar.gz download button and other mirror updates
11 years ago
#1938 #1374 disable password change for non-local users
10 years ago
finish new edit auth UI
10 years ago
#1938 #1374 disable password change for non-local users
10 years ago
finish new edit auth UI
10 years ago
#1938 #1374 disable password change for non-local users
10 years ago
Add PAM authentication
10 years ago
Fix #173
11 years ago
add support for smtp authentication
11 years ago
finish new edit auth UI
10 years ago
Continue working on new admin pages
11 years ago
basic authentications
11 years ago
finish new edit auth UI
10 years ago
basic authentications
11 years ago
Continue working on new admin pages
11 years ago
finish new edit auth UI
10 years ago
ldap support
11 years ago
Rename module: middleware -> context
9 years ago
finish new edit auth UI
10 years ago
basic authentications
11 years ago
finish new edit auth UI
10 years ago
basic authentications
11 years ago
finish new edit auth UI
10 years ago
basic authentications
11 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
9 years ago
basic authentications
11 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
9 years ago
basic authentications
11 years ago
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin.
9 years ago
basic authentications
11 years ago
finish new edit auth UI
10 years ago
ldap support
11 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package admin

  6. 

  7. import (

  8. 	"fmt"

  9. 

  10. 	"github.com/Unknwon/com"

  11. 	"github.com/go-xorm/core"

  12. 

  13. 	"github.com/gogits/gogs/models"

  14. 	"github.com/gogits/gogs/modules/auth"

  15. 	"github.com/gogits/gogs/modules/auth/ldap"

  16. 	"github.com/gogits/gogs/modules/base"

  17. 	"github.com/gogits/gogs/modules/context"

  18. 	"github.com/gogits/gogs/modules/log"

  19. 	"github.com/gogits/gogs/modules/setting"

  20. )

  21. 

  22. const (

  23. 	AUTHS     base.TplName = "admin/auth/list"

  24. 	AUTH_NEW  base.TplName = "admin/auth/new"

  25. 	AUTH_EDIT base.TplName = "admin/auth/edit"

  26. )

  27. 

  28. func Authentications(ctx *context.Context) {

  29. 	ctx.Data["Title"] = ctx.Tr("admin.authentication")

  30. 	ctx.Data["PageIsAdmin"] = true

  31. 	ctx.Data["PageIsAdminAuthentications"] = true

  32. 

  33. 	var err error

  34. 	ctx.Data["Sources"], err = models.LoginSources()

  35. 	if err != nil {

  36. 		ctx.Handle(500, "LoginSources", err)

  37. 		return

  38. 	}

  39. 

  40. 	ctx.Data["Total"] = models.CountLoginSources()

  41. 	ctx.HTML(200, AUTHS)

  42. }

  43. 

  44. type dropdownItem struct {

  45. 	Name string

  46. 	Type interface{}

  47. }

  48. 

  49. var (

  50. 	authSources = []dropdownItem{

  51. 		{models.LoginNames[models.LOGIN_LDAP], models.LOGIN_LDAP},

  52. 		{models.LoginNames[models.LOGIN_DLDAP], models.LOGIN_DLDAP},

  53. 		{models.LoginNames[models.LOGIN_SMTP], models.LOGIN_SMTP},

  54. 		{models.LoginNames[models.LOGIN_PAM], models.LOGIN_PAM},

  55. 	}

  56. 	securityProtocols = []dropdownItem{

  57. 		{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED], ldap.SECURITY_PROTOCOL_UNENCRYPTED},

  58. 		{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_LDAPS], ldap.SECURITY_PROTOCOL_LDAPS},

  59. 		{models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_START_TLS], ldap.SECURITY_PROTOCOL_START_TLS},

  60. 	}

  61. )

  62. 

  63. func NewAuthSource(ctx *context.Context) {

  64. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")

  65. 	ctx.Data["PageIsAdmin"] = true

  66. 	ctx.Data["PageIsAdminAuthentications"] = true

  67. 

  68. 	ctx.Data["type"] = models.LOGIN_LDAP

  69. 	ctx.Data["CurrentTypeName"] = models.LoginNames[models.LOGIN_LDAP]

  70. 	ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SECURITY_PROTOCOL_UNENCRYPTED]

  71. 	ctx.Data["smtp_auth"] = "PLAIN"

  72. 	ctx.Data["is_active"] = true

  73. 	ctx.Data["AuthSources"] = authSources

  74. 	ctx.Data["SecurityProtocols"] = securityProtocols

  75. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  76. 	ctx.HTML(200, AUTH_NEW)

  77. }

  78. 

  79. func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig {

  80. 	return &models.LDAPConfig{

  81. 		Source: &ldap.Source{

  82. 			Name:              form.Name,

  83. 			Host:              form.Host,

  84. 			Port:              form.Port,

  85. 			SecurityProtocol:  ldap.SecurityProtocol(form.SecurityProtocol),

  86. 			SkipVerify:        form.SkipVerify,

  87. 			BindDN:            form.BindDN,

  88. 			UserDN:            form.UserDN,

  89. 			BindPassword:      form.BindPassword,

  90. 			UserBase:          form.UserBase,

  91. 			AttributeUsername: form.AttributeUsername,

  92. 			AttributeName:     form.AttributeName,

  93. 			AttributeSurname:  form.AttributeSurname,

  94. 			AttributeMail:     form.AttributeMail,

  95. 			AttributesInBind:  form.AttributesInBind,

  96. 			Filter:            form.Filter,

  97. 			AdminFilter:       form.AdminFilter,

  98. 			Enabled:           true,

  99. 		},

  100. 	}

  101. }

  102. 

  103. func parseSMTPConfig(form auth.AuthenticationForm) *models.SMTPConfig {

  104. 	return &models.SMTPConfig{

  105. 		Auth:           form.SMTPAuth,

  106. 		Host:           form.SMTPHost,

  107. 		Port:           form.SMTPPort,

  108. 		AllowedDomains: form.AllowedDomains,

  109. 		TLS:            form.TLS,

  110. 		SkipVerify:     form.SkipVerify,

  111. 	}

  112. }

  113. 

  114. func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {

  115. 	ctx.Data["Title"] = ctx.Tr("admin.auths.new")

  116. 	ctx.Data["PageIsAdmin"] = true

  117. 	ctx.Data["PageIsAdminAuthentications"] = true

  118. 

  119. 	ctx.Data["CurrentTypeName"] = models.LoginNames[models.LoginType(form.Type)]

  120. 	ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SecurityProtocol(form.SecurityProtocol)]

  121. 	ctx.Data["AuthSources"] = authSources

  122. 	ctx.Data["SecurityProtocols"] = securityProtocols

  123. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  124. 

  125. 	hasTLS := false

  126. 	var config core.Conversion

  127. 	switch models.LoginType(form.Type) {

  128. 	case models.LOGIN_LDAP, models.LOGIN_DLDAP:

  129. 		config = parseLDAPConfig(form)

  130. 		hasTLS = ldap.SecurityProtocol(form.SecurityProtocol) > ldap.SECURITY_PROTOCOL_UNENCRYPTED

  131. 	case models.LOGIN_SMTP:

  132. 		config = parseSMTPConfig(form)

  133. 		hasTLS = true

  134. 	case models.LOGIN_PAM:

  135. 		config = &models.PAMConfig{

  136. 			ServiceName: form.PAMServiceName,

  137. 		}

  138. 	default:

  139. 		ctx.Error(400)

  140. 		return

  141. 	}

  142. 	ctx.Data["HasTLS"] = hasTLS

  143. 

  144. 	if ctx.HasError() {

  145. 		ctx.HTML(200, AUTH_NEW)

  146. 		return

  147. 	}

  148. 

  149. 	if err := models.CreateSource(&models.LoginSource{

  150. 		Type:      models.LoginType(form.Type),

  151. 		Name:      form.Name,

  152. 		IsActived: form.IsActive,

  153. 		Cfg:       config,

  154. 	}); err != nil {

  155. 		ctx.Handle(500, "CreateSource", err)

  156. 		return

  157. 	}

  158. 

  159. 	log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)

  160. 

  161. 	ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name))

  162. 	ctx.Redirect(setting.AppSubUrl + "/admin/auths")

  163. }

  164. 

  165. func EditAuthSource(ctx *context.Context) {

  166. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")

  167. 	ctx.Data["PageIsAdmin"] = true

  168. 	ctx.Data["PageIsAdminAuthentications"] = true

  169. 

  170. 	ctx.Data["SecurityProtocols"] = securityProtocols

  171. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  172. 

  173. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))

  174. 	if err != nil {

  175. 		ctx.Handle(500, "GetLoginSourceByID", err)

  176. 		return

  177. 	}

  178. 	ctx.Data["Source"] = source

  179. 	ctx.Data["HasTLS"] = source.HasTLS()

  180. 

  181. 	ctx.HTML(200, AUTH_EDIT)

  182. }

  183. 

  184. func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {

  185. 	ctx.Data["Title"] = ctx.Tr("admin.auths.edit")

  186. 	ctx.Data["PageIsAdmin"] = true

  187. 	ctx.Data["PageIsAdminAuthentications"] = true

  188. 

  189. 	ctx.Data["SMTPAuths"] = models.SMTPAuths

  190. 

  191. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))

  192. 	if err != nil {

  193. 		ctx.Handle(500, "GetLoginSourceByID", err)

  194. 		return

  195. 	}

  196. 	ctx.Data["Source"] = source

  197. 	ctx.Data["HasTLS"] = source.HasTLS()

  198. 

  199. 	if ctx.HasError() {

  200. 		ctx.HTML(200, AUTH_EDIT)

  201. 		return

  202. 	}

  203. 

  204. 	var config core.Conversion

  205. 	switch models.LoginType(form.Type) {

  206. 	case models.LOGIN_LDAP, models.LOGIN_DLDAP:

  207. 		config = parseLDAPConfig(form)

  208. 	case models.LOGIN_SMTP:

  209. 		config = parseSMTPConfig(form)

  210. 	case models.LOGIN_PAM:

  211. 		config = &models.PAMConfig{

  212. 			ServiceName: form.PAMServiceName,

  213. 		}

  214. 	default:

  215. 		ctx.Error(400)

  216. 		return

  217. 	}

  218. 

  219. 	source.Name = form.Name

  220. 	source.IsActived = form.IsActive

  221. 	source.Cfg = config

  222. 	if err := models.UpdateSource(source); err != nil {

  223. 		ctx.Handle(500, "UpdateSource", err)

  224. 		return

  225. 	}

  226. 	log.Trace("Authentication changed by admin(%s): %s", ctx.User.Name, source.ID)

  227. 

  228. 	ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))

  229. 	ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + com.ToStr(form.ID))

  230. }

  231. 

  232. func DeleteAuthSource(ctx *context.Context) {

  233. 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))

  234. 	if err != nil {

  235. 		ctx.Handle(500, "GetLoginSourceByID", err)

  236. 		return

  237. 	}

  238. 

  239. 	if err = models.DeleteSource(source); err != nil {

  240. 		switch err {

  241. 		case models.ErrAuthenticationUserUsed:

  242. 			ctx.Flash.Error(ctx.Tr("admin.auths.still_in_used"))

  243. 		default:

  244. 			ctx.Flash.Error(fmt.Sprintf("DeleteSource: %v", err))

  245. 		}

  246. 		ctx.JSON(200, map[string]interface{}{

  247. 			"redirect": setting.AppSubUrl + "/admin/auths/" + ctx.Params(":authid"),

  248. 		})

  249. 		return

  250. 	}

  251. 	log.Trace("Authentication deleted by admin(%s): %d", ctx.User.Name, source.ID)

  252. 

  253. 	ctx.Flash.Success(ctx.Tr("admin.auths.deletion_success"))

  254. 	ctx.JSON(200, map[string]interface{}{

  255. 		"redirect": setting.AppSubUrl + "/admin/auths",

  256. 	})

  257. }

No Description