Unknwon
10 years ago
4 changed files with 14 additions and 12 deletions
Unified View
Diff Options
-
+2 -1cmd/web.go
-
+1 -9models/user.go
-
+1 -1modules/middleware/auth.go
-
+10 -1routers/user/auth.go
+ 2
- 1
cmd/web.go
View File
| @@ -206,7 +206,7 @@ func runWeb(ctx *cli.Context) { | |||||
| m.Get("/issues", user.Issues) | m.Get("/issues", user.Issues) | ||||
| }, reqSignIn) | }, reqSignIn) | ||||
| // API. | |||||
| // ***** START: API ***** | |||||
| // FIXME: custom form error response. | // FIXME: custom form error response. | ||||
| m.Group("/api", func() { | m.Group("/api", func() { | ||||
| m.Group("/v1", func() { | m.Group("/v1", func() { | ||||
| @@ -248,6 +248,7 @@ func runWeb(ctx *cli.Context) { | |||||
| }) | }) | ||||
| }) | }) | ||||
| }, ignSignIn) | }, ignSignIn) | ||||
| // ***** END: API ***** | |||||
| // ***** START: User ***** | // ***** START: User ***** | ||||
| m.Group("/user", func() { | m.Group("/user", func() { | ||||
+ 1
- 9
models/user.go
View File
| @@ -373,17 +373,9 @@ func CreateUser(u *User) (err error) { | |||||
| } else if err = os.MkdirAll(UserPath(u.Name), os.ModePerm); err != nil { | } else if err = os.MkdirAll(UserPath(u.Name), os.ModePerm); err != nil { | ||||
| sess.Rollback() | sess.Rollback() | ||||
| return err | return err | ||||
| } else if err = sess.Commit(); err != nil { | |||||
| return err | |||||
| } | } | ||||
| // Auto-set admin for the first user. | |||||
| if CountUsers() == 1 { | |||||
| u.IsAdmin = true | |||||
| u.IsActive = true | |||||
| _, err = x.Id(u.Id).AllCols().Update(u) | |||||
| } | |||||
| return err | |||||
| return sess.Commit() | |||||
| } | } | ||||
| func countUsers(e Engine) int64 { | func countUsers(e Engine) int64 { | ||||
+ 1
- 1
modules/middleware/auth.go
View File
| @@ -80,7 +80,7 @@ func Toggle(options *ToggleOptions) macaron.Handler { | |||||
| return | return | ||||
| } | } | ||||
| if !options.SignOutRequire && !options.DisableCsrf && ctx.Req.Method == "POST" { | |||||
| if !options.SignOutRequire && !options.DisableCsrf && ctx.Req.Method == "POST" && !auth.IsAPIPath(ctx.Req.URL.Path) { | |||||
| csrf.Validate(ctx.Context, ctx.csrf) | csrf.Validate(ctx.Context, ctx.csrf) | ||||
| if ctx.Written() { | if ctx.Written() { | ||||
| return | return | ||||
+ 10
- 1
routers/user/auth.go
View File
| @@ -220,7 +220,6 @@ func SignUpPost(ctx *middleware.Context, cpt *captcha.Captcha, form auth.Registe | |||||
| Passwd: form.Password, | Passwd: form.Password, | ||||
| IsActive: !setting.Service.RegisterEmailConfirm || isOauth, | IsActive: !setting.Service.RegisterEmailConfirm || isOauth, | ||||
| } | } | ||||
| if err := models.CreateUser(u); err != nil { | if err := models.CreateUser(u); err != nil { | ||||
| switch { | switch { | ||||
| case models.IsErrUserAlreadyExist(err): | case models.IsErrUserAlreadyExist(err): | ||||
| @@ -242,6 +241,16 @@ func SignUpPost(ctx *middleware.Context, cpt *captcha.Captcha, form auth.Registe | |||||
| } | } | ||||
| log.Trace("Account created: %s", u.Name) | log.Trace("Account created: %s", u.Name) | ||||
| // Auto-set admin for the only user. | |||||
| if models.CountUsers() == 1 { | |||||
| u.IsAdmin = true | |||||
| u.IsActive = true | |||||
| if err := models.UpdateUser(u); err != nil { | |||||
| ctx.Handle(500, "UpdateUser", err) | |||||
| return | |||||
| } | |||||
| } | |||||
| // Bind social account. | // Bind social account. | ||||
| if isOauth { | if isOauth { | ||||
| if err := models.BindUserOauth2(u.Id, sid); err != nil { | if err := models.BindUserOauth2(u.Id, sid); err != nil { | ||||