wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
1027 Commits
197 Branches
346 MB
814 Download
Tree: bf58679390
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bf58679390'
${ noResults }
aiforge/models/login.go

login.go 7.7 kB
Raw Normal View History

fix code
11 years ago
add login.go
11 years ago
ldap support
11 years ago
basic authentications
11 years ago
add smtp authentication
11 years ago
merge all login methods
11 years ago
ldap support
11 years ago
add login.go
11 years ago
ldap support
11 years ago
basic authentications
11 years ago
fix code
11 years ago
ldap support
11 years ago
add login.go
11 years ago
basic authentications
11 years ago
merge all login methods
11 years ago
add login.go
11 years ago
basic authentications
11 years ago
fix code
11 years ago
basic authentications
11 years ago
add login.go
11 years ago
add support for smtp authentication
11 years ago
add login.go
11 years ago
ldap support
11 years ago
add login.go
11 years ago
ldap support
11 years ago
add login.go
11 years ago
ldap support
11 years ago
add login.go
11 years ago
add smtp authentication
11 years ago
add support for smtp authentication
11 years ago
add smtp authentication
11 years ago
add login.go
11 years ago
merge all login methods
11 years ago
ldap support
11 years ago
basic authentications
11 years ago
add smtp authentication
11 years ago
basic authentications
11 years ago
add smtp authentication
11 years ago
basic authentications
11 years ago
ldap support
11 years ago
basic authentications
11 years ago
add support for smtp authentication
11 years ago
ldap support
11 years ago
add support for smtp authentication
11 years ago
basic authentications
11 years ago
ldap support
11 years ago
basic authentications
11 years ago
ldap support
11 years ago
add login.go
11 years ago
merge all login methods
11 years ago
add smtp authentication
11 years ago
merge all login methods
11 years ago
add smtp authentication
11 years ago
merge all login methods
11 years ago
add smtp authentication
11 years ago
add support for smtp authentication
11 years ago
add smtp authentication
11 years ago
add support for smtp authentication
11 years ago
add smtp authentication
11 years ago
add support for smtp authentication
11 years ago
add smtp authentication
11 years ago
add support for smtp authentication
11 years ago
add smtp authentication
11 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354 
  1. // Copyright github.com/juju2013. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"encoding/json"

  9. 	"errors"

  10. 	"fmt"

  11. 	"net/smtp"

  12. 	"strings"

  13. 	"time"

  14. 

  15. 	"github.com/go-xorm/core"

  16. 	"github.com/go-xorm/xorm"

  17. 

  18. 	"github.com/gogits/gogs/modules/auth/ldap"

  19. )

  20. 

  21. // Login types.

  22. const (

  23. 	LT_NOTYPE = iota

  24. 	LT_PLAIN

  25. 	LT_LDAP

  26. 	LT_SMTP

  27. )

  28. 

  29. var (

  30. 	ErrAuthenticationAlreadyExist = errors.New("Authentication already exist")

  31. 	ErrAuthenticationNotExist     = errors.New("Authentication does not exist")

  32. 	ErrAuthenticationUserUsed     = errors.New("Authentication has been used by some users")

  33. )

  34. 

  35. var LoginTypes = map[int]string{

  36. 	LT_LDAP: "LDAP",

  37. 	LT_SMTP: "SMTP",

  38. }

  39. 

  40. var _ core.Conversion = &LDAPConfig{}

  41. var _ core.Conversion = &SMTPConfig{}

  42. 

  43. type LDAPConfig struct {

  44. 	ldap.Ldapsource

  45. }

  46. 

  47. // implement

  48. func (cfg *LDAPConfig) FromDB(bs []byte) error {

  49. 	return json.Unmarshal(bs, &cfg.Ldapsource)

  50. }

  51. 

  52. func (cfg *LDAPConfig) ToDB() ([]byte, error) {

  53. 	return json.Marshal(cfg.Ldapsource)

  54. }

  55. 

  56. type SMTPConfig struct {

  57. 	Auth string

  58. 	Host string

  59. 	Port int

  60. 	TLS  bool

  61. }

  62. 

  63. // implement

  64. func (cfg *SMTPConfig) FromDB(bs []byte) error {

  65. 	return json.Unmarshal(bs, cfg)

  66. }

  67. 

  68. func (cfg *SMTPConfig) ToDB() ([]byte, error) {

  69. 	return json.Marshal(cfg)

  70. }

  71. 

  72. type LoginSource struct {

  73. 	Id                int64

  74. 	Type              int

  75. 	Name              string          `xorm:"unique"`

  76. 	IsActived         bool            `xorm:"not null default false"`

  77. 	Cfg               core.Conversion `xorm:"TEXT"`

  78. 	Created           time.Time       `xorm:"created"`

  79. 	Updated           time.Time       `xorm:"updated"`

  80. 	AllowAutoRegisted bool            `xorm:"not null default false"`

  81. }

  82. 

  83. func (source *LoginSource) TypeString() string {

  84. 	return LoginTypes[source.Type]

  85. }

  86. 

  87. func (source *LoginSource) LDAP() *LDAPConfig {

  88. 	return source.Cfg.(*LDAPConfig)

  89. }

  90. 

  91. func (source *LoginSource) SMTP() *SMTPConfig {

  92. 	return source.Cfg.(*SMTPConfig)

  93. }

  94. 

  95. // for xorm callback

  96. func (source *LoginSource) BeforeSet(colName string, val xorm.Cell) {

  97. 	if colName == "type" {

  98. 		ty := (*val).(int64)

  99. 		switch ty {

  100. 		case LT_LDAP:

  101. 			source.Cfg = new(LDAPConfig)

  102. 		case LT_SMTP:

  103. 			source.Cfg = new(SMTPConfig)

  104. 		}

  105. 	}

  106. }

  107. 

  108. func GetAuths() ([]*LoginSource, error) {

  109. 	var auths = make([]*LoginSource, 0)

  110. 	err := orm.Find(&auths)

  111. 	return auths, err

  112. }

  113. 

  114. func GetLoginSourceById(id int64) (*LoginSource, error) {

  115. 	source := new(LoginSource)

  116. 	has, err := orm.Id(id).Get(source)

  117. 	if err != nil {

  118. 		return nil, err

  119. 	}

  120. 	if !has {

  121. 		return nil, ErrAuthenticationNotExist

  122. 	}

  123. 	return source, nil

  124. }

  125. 

  126. func AddSource(source *LoginSource) error {

  127. 	_, err := orm.Insert(source)

  128. 	return err

  129. }

  130. 

  131. func UpdateSource(source *LoginSource) error {

  132. 	_, err := orm.AllCols().Id(source.Id).Update(source)

  133. 	return err

  134. }

  135. 

  136. func DelLoginSource(source *LoginSource) error {

  137. 	cnt, err := orm.Count(&User{LoginSource: source.Id})

  138. 	if err != nil {

  139. 		return err

  140. 	}

  141. 	if cnt > 0 {

  142. 		return ErrAuthenticationUserUsed

  143. 	}

  144. 	_, err = orm.Id(source.Id).Delete(&LoginSource{})

  145. 	return err

  146. }

  147. 

  148. // login a user

  149. func LoginUser(uname, passwd string) (*User, error) {

  150. 	var u *User

  151. 	var emailLogin bool

  152. 	if strings.Contains(uname, "@") {

  153. 		u = &User{Email: uname}

  154. 		emailLogin = true

  155. 	} else {

  156. 		u = &User{LowerName: strings.ToLower(uname)}

  157. 	}

  158. 

  159. 	has, err := orm.Get(u)

  160. 	if err != nil {

  161. 		return nil, err

  162. 	}

  163. 

  164. 	// if email login, then we cannot auto register

  165. 	if emailLogin {

  166. 		if !has {

  167. 			return nil, ErrUserNotExist

  168. 		}

  169. 	}

  170. 	if u.LoginType == LT_NOTYPE {

  171. 		u.LoginType = LT_PLAIN

  172. 	}

  173. 

  174. 	// for plain login, user must have existed.

  175. 	if u.LoginType == LT_PLAIN {

  176. 		if !has {

  177. 			return nil, ErrUserNotExist

  178. 		}

  179. 

  180. 		newUser := &User{Passwd: passwd, Salt: u.Salt}

  181. 		newUser.EncodePasswd()

  182. 		if u.Passwd != newUser.Passwd {

  183. 			return nil, ErrUserNotExist

  184. 		}

  185. 		return u, nil

  186. 	} else {

  187. 		if !has {

  188. 			var sources []LoginSource

  189. 			cond := &LoginSource{IsActived: true, AllowAutoRegisted: true}

  190. 			err = orm.UseBool().Find(&sources, cond)

  191. 			if err != nil {

  192. 				return nil, err

  193. 			}

  194. 

  195. 			for _, source := range sources {

  196. 				if source.Type == LT_LDAP {

  197. 					u, err := LoginUserLdapSource(nil, u.LoginName, passwd,

  198. 						source.Id, source.Cfg.(*LDAPConfig), true)

  199. 					if err == nil {

  200. 						return u, err

  201. 					}

  202. 				} else if source.Type == LT_SMTP {

  203. 					u, err := LoginUserSMTPSource(nil, u.LoginName, passwd,

  204. 						source.Id, source.Cfg.(*SMTPConfig), true)

  205. 

  206. 					if err == nil {

  207. 						return u, err

  208. 					}

  209. 				}

  210. 			}

  211. 

  212. 			return nil, ErrUserNotExist

  213. 		}

  214. 

  215. 		var source LoginSource

  216. 		hasSource, err := orm.Id(u.LoginSource).Get(&source)

  217. 		if err != nil {

  218. 			return nil, err

  219. 		}

  220. 		if !hasSource {

  221. 			return nil, ErrLoginSourceNotExist

  222. 		}

  223. 

  224. 		if !source.IsActived {

  225. 			return nil, ErrLoginSourceNotActived

  226. 		}

  227. 

  228. 		switch u.LoginType {

  229. 		case LT_LDAP:

  230. 			return LoginUserLdapSource(u, u.LoginName, passwd,

  231. 				source.Id, source.Cfg.(*LDAPConfig), false)

  232. 		case LT_SMTP:

  233. 			return LoginUserSMTPSource(u, u.LoginName, passwd,

  234. 				source.Id, source.Cfg.(*SMTPConfig), false)

  235. 		}

  236. 		return nil, ErrUnsupportedLoginType

  237. 	}

  238. }

  239. 

  240. // Query if name/passwd can login against the LDAP direcotry pool

  241. // Create a local user if success

  242. // Return the same LoginUserPlain semantic

  243. func LoginUserLdapSource(user *User, name, passwd string, sourceId int64, cfg *LDAPConfig, autoRegister bool) (*User, error) {

  244. 	mail, logged := cfg.Ldapsource.SearchEntry(name, passwd)

  245. 	if !logged {

  246. 		// user not in LDAP, do nothing

  247. 		return nil, ErrUserNotExist

  248. 	}

  249. 	if !autoRegister {

  250. 		return user, nil

  251. 	}

  252. 

  253. 	// fake a local user creation

  254. 	user = &User{

  255. 		LowerName:   strings.ToLower(name),

  256. 		Name:        strings.ToLower(name),

  257. 		LoginType:   LT_LDAP,

  258. 		LoginSource: sourceId,

  259. 		LoginName:   name,

  260. 		IsActive:    true,

  261. 		Passwd:      passwd,

  262. 		Email:       mail,

  263. 	}

  264. 

  265. 	return RegisterUser(user)

  266. }

  267. 

  268. type loginAuth struct {

  269. 	username, password string

  270. }

  271. 

  272. func LoginAuth(username, password string) smtp.Auth {

  273. 	return &loginAuth{username, password}

  274. }

  275. 

  276. func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {

  277. 	return "LOGIN", []byte(a.username), nil

  278. }

  279. 

  280. func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) {

  281. 	if more {

  282. 		switch string(fromServer) {

  283. 		case "Username:":

  284. 			return []byte(a.username), nil

  285. 		case "Password:":

  286. 			return []byte(a.password), nil

  287. 		}

  288. 	}

  289. 	return nil, nil

  290. }

  291. 

  292. var (

  293. 	SMTP_PLAIN = "PLAIN"

  294. 	SMTP_LOGIN = "LOGIN"

  295. 	SMTPAuths  = []string{SMTP_PLAIN, SMTP_LOGIN}

  296. )

  297. 

  298. func SmtpAuth(addr string, a smtp.Auth) error {

  299. 	c, err := smtp.Dial(addr)

  300. 	if err != nil {

  301. 		return err

  302. 	}

  303. 	defer c.Close()

  304. 

  305. 	if ok, _ := c.Extension("STARTTLS"); ok {

  306. 		if err = c.StartTLS(nil); err != nil {

  307. 			return err

  308. 		}

  309. 	}

  310. 

  311. 	if ok, _ := c.Extension("AUTH"); ok {

  312. 		if err = c.Auth(a); err != nil {

  313. 			return err

  314. 		}

  315. 		return nil

  316. 	} else {

  317. 		return ErrUnsupportedLoginType

  318. 	}

  319. }

  320. 

  321. // Query if name/passwd can login against the LDAP direcotry pool

  322. // Create a local user if success

  323. // Return the same LoginUserPlain semantic

  324. func LoginUserSMTPSource(user *User, name, passwd string, sourceId int64, cfg *SMTPConfig, autoRegister bool) (*User, error) {

  325. 	var auth smtp.Auth

  326. 	if cfg.Auth == SMTP_PLAIN {

  327. 		auth = smtp.PlainAuth("", name, passwd, cfg.Host)

  328. 	} else if cfg.Auth == SMTP_LOGIN {

  329. 		auth = LoginAuth(name, passwd)

  330. 	}

  331. 

  332. 	err := SmtpAuth(fmt.Sprintf("%s:%d", cfg.Host, cfg.Port), auth)

  333. 	if err != nil {

  334. 		return nil, err

  335. 	}

  336. 

  337. 	if !autoRegister {

  338. 		return user, nil

  339. 	}

  340. 

  341. 	// fake a local user creation

  342. 	user = &User{

  343. 		LowerName:   strings.ToLower(name),

  344. 		Name:        strings.ToLower(name),

  345. 		LoginType:   LT_SMTP,

  346. 		LoginSource: sourceId,

  347. 		LoginName:   name,

  348. 		IsActive:    true,

  349. 		Passwd:      passwd,

  350. 		Email:       name,

  351. 	}

  352. 

  353. 	return RegisterUser(user)

  354. }

No Description