From 3ebc9b991a70e10c4b2c6319c1ff6195c0d75a17 Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 5 Apr 2014 11:22:14 -0400 Subject: [PATCH] Use gogits/session for oauth2 --- .gopmfile | 42 +++++++++++++-------------- README.md | 4 +-- README_ZH.md | 4 +-- gogs.go | 2 +- models/publickey.go | 2 +- modules/oauth2/oauth2.go | 61 +++++++++++++++++++++------------------- routers/install.go | 1 + web.go | 23 +++++++-------- 8 files changed, 69 insertions(+), 70 deletions(-) diff --git a/.gopmfile b/.gopmfile index ae92d45e3..d3f0b3ca3 100644 --- a/.gopmfile +++ b/.gopmfile @@ -1,28 +1,26 @@ [target] -path=github.com/gogits/gogs +path = github.com/gogits/gogs [deps] -github.com/codegangsta/cli= -github.com/go-martini/martini= -github.com/Unknwon/com= -github.com/Unknwon/cae= -github.com/Unknwon/goconfig= -github.com/dchest/scrypt= -github.com/nfnt/resize= -github.com/lunny/xorm= -github.com/go-sql-driver/mysql= -github.com/lib/pq= -github.com/gogits/logs= -github.com/gogits/binding= -github.com/gogits/git= -github.com/gogits/gfm= -github.com/gogits/cache= -github.com/gogits/session= -github.com/gogits/webdav= -github.com/martini-contrib/oauth2= -github.com/martini-contrib/sessions= -code.google.com/p/goauth2= +github.com/codegangsta/cli = +github.com/go-martini/martini = +github.com/Unknwon/com = +github.com/Unknwon/cae = +github.com/Unknwon/goconfig = +github.com/dchest/scrypt = +github.com/nfnt/resize = +github.com/lunny/xorm = +github.com/go-sql-driver/mysql = +github.com/lib/pq = +github.com/gogits/logs = +github.com/gogits/binding = +github.com/gogits/git = +github.com/gogits/gfm = +github.com/gogits/cache = +github.com/gogits/session = +github.com/gogits/webdav = +code.google.com/p/goauth2 = [res] -include=templates|public|conf +include = templates|public|conf diff --git a/README.md b/README.md index 6061f5a71..ede1894ad 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### Current version: 0.2.0 Alpha +##### Current version: 0.2.1 Alpha #### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site. @@ -31,7 +31,7 @@ More importantly, Gogs only needs one binary to setup your own project hosting o - Activity timeline - SSH/HTTPS(Clone only) protocol support. - Register/delete/rename account. -- Create/delete/watch/rename public repository. +- Create/delete/watch/rename/transfer public repository. - Repository viewer. - Issue tracker. - Gravatar and cache support. diff --git a/README_ZH.md b/README_ZH.md index e66f607a1..9b5e46413 100644 --- a/README_ZH.md +++ b/README_ZH.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。 ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### 当前版本:0.2.0 Alpha +##### 当前版本:0.2.1 Alpha ## 开发目的 @@ -25,7 +25,7 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作,实现 **零** 依 - 活动时间线 - SSH/HTTPS(仅限 Clone) 协议支持 - 注册/删除/重命名用户 -- 创建/删除/关注/重命名公开仓库 +- 创建/删除/关注/重命名/转移公开仓库 - 仓库浏览器 - Bug 追踪系统 - Gravatar 以及缓存支持 diff --git a/gogs.go b/gogs.go index 8d9159d6a..13b9d377d 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.2 tag above is included in builds. main.go refers to this definition. const go12tag = true -const APP_VER = "0.2.0.0404 Alpha" +const APP_VER = "0.2.1.0405 Alpha" func init() { base.AppVer = APP_VER diff --git a/models/publickey.go b/models/publickey.go index 426e6b0be..ed47ff209 100644 --- a/models/publickey.go +++ b/models/publickey.go @@ -78,7 +78,7 @@ func init() { type PublicKey struct { Id int64 OwnerId int64 `xorm:"unique(s) index not null"` - Name string `xorm:"unique(s) not null"` //UNIQUE(s) + Name string `xorm:"unique(s) not null"` Fingerprint string Content string `xorm:"TEXT not null"` Created time.Time `xorm:"created"` diff --git a/modules/oauth2/oauth2.go b/modules/oauth2/oauth2.go index 088d65dda..6612b95a8 100644 --- a/modules/oauth2/oauth2.go +++ b/modules/oauth2/oauth2.go @@ -26,7 +26,10 @@ import ( "code.google.com/p/goauth2/oauth" "github.com/go-martini/martini" - "github.com/martini-contrib/sessions" + + "github.com/gogits/session" + + "github.com/gogits/gogs/modules/middleware" ) const ( @@ -142,23 +145,23 @@ func NewOAuth2Provider(opts *Options) martini.Handler { Transport: http.DefaultTransport, } - return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - switch r.URL.Path { + return func(c martini.Context, ctx *middleware.Context) { + if ctx.Req.Method == "GET" { + switch ctx.Req.URL.Path { case PathLogin: - login(transport, s, w, r) + login(transport, ctx) case PathLogout: - logout(transport, s, w, r) + logout(transport, ctx) case PathCallback: - handleOAuth2Callback(transport, s, w, r) + handleOAuth2Callback(transport, ctx) } } - tk := unmarshallToken(s) + tk := unmarshallToken(ctx.Session) if tk != nil { // check if the access token is expired if tk.IsExpired() && tk.Refresh() == "" { - s.Delete(keyToken) + ctx.Session.Delete(keyToken) tk = nil } } @@ -172,49 +175,49 @@ func NewOAuth2Provider(opts *Options) martini.Handler { // Sample usage: // m.Get("/login-required", oauth2.LoginRequired, func() ... {}) var LoginRequired martini.Handler = func() martini.Handler { - return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) { - token := unmarshallToken(s) + return func(c martini.Context, ctx *middleware.Context) { + token := unmarshallToken(ctx.Session) if token == nil || token.IsExpired() { - next := url.QueryEscape(r.URL.RequestURI()) - http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect) + next := url.QueryEscape(ctx.Req.URL.RequestURI()) + ctx.Redirect(PathLogin+"?next="+next, codeRedirect) } } }() -func login(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { - next := extractPath(r.URL.Query().Get(keyNextPage)) - if s.Get(keyToken) == nil { +func login(t *oauth.Transport, ctx *middleware.Context) { + next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + if ctx.Session.Get(keyToken) == nil { // User is not logged in. - http.Redirect(w, r, t.Config.AuthCodeURL(next), codeRedirect) + ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect) return } // No need to login, redirect to the next page. - http.Redirect(w, r, next, codeRedirect) + ctx.Redirect(next, codeRedirect) } -func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { - next := extractPath(r.URL.Query().Get(keyNextPage)) - s.Delete(keyToken) - http.Redirect(w, r, next, codeRedirect) +func logout(t *oauth.Transport, ctx *middleware.Context) { + next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + ctx.Session.Delete(keyToken) + ctx.Redirect(next, codeRedirect) } -func handleOAuth2Callback(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { - next := extractPath(r.URL.Query().Get("state")) - code := r.URL.Query().Get("code") +func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) { + next := extractPath(ctx.Req.URL.Query().Get("state")) + code := ctx.Req.URL.Query().Get("code") tk, err := t.Exchange(code) if err != nil { // Pass the error message, or allow dev to provide its own // error handler. - http.Redirect(w, r, PathError, codeRedirect) + ctx.Redirect(PathError, codeRedirect) return } // Store the credentials in the session. val, _ := json.Marshal(tk) - s.Set(keyToken, val) - http.Redirect(w, r, next, codeRedirect) + ctx.Session.Set(keyToken, val) + ctx.Redirect(next, codeRedirect) } -func unmarshallToken(s sessions.Session) (t *token) { +func unmarshallToken(s session.SessionStore) (t *token) { if s.Get(keyToken) == nil { return } diff --git a/routers/install.go b/routers/install.go index 032af4802..48c1b5e13 100644 --- a/routers/install.go +++ b/routers/install.go @@ -183,6 +183,7 @@ func Install(ctx *middleware.Context, form auth.InstallForm) { if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd, IsAdmin: true, IsActive: true}); err != nil { if err != models.ErrUserAlreadyExist { + base.InstallLock = false ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form) return } diff --git a/web.go b/web.go index 18e48b84d..0594d8e60 100644 --- a/web.go +++ b/web.go @@ -11,8 +11,6 @@ import ( "github.com/codegangsta/cli" "github.com/go-martini/martini" - // "github.com/martini-contrib/oauth2" - // "github.com/martini-contrib/sessions" "github.com/gogits/binding" @@ -21,6 +19,7 @@ import ( "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" + "github.com/gogits/gogs/modules/oauth2" "github.com/gogits/gogs/routers" "github.com/gogits/gogs/routers/admin" "github.com/gogits/gogs/routers/api/v1" @@ -59,19 +58,17 @@ func runWeb(*cli.Context) { // Middlewares. m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}})) - - // scope := "https://api.github.com/user" - // oauth2.PathCallback = "/oauth2callback" - // m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) - // m.Use(oauth2.Github(&oauth2.Options{ - // ClientId: "09383403ff2dc16daaa1", - // ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", - // RedirectURL: base.AppUrl + oauth2.PathCallback, - // Scopes: []string{scope}, - // })) - m.Use(middleware.InitContext()) + scope := "https://api.github.com/user" + oauth2.PathCallback = "/oauth2callback" + m.Use(oauth2.Github(&oauth2.Options{ + ClientId: "09383403ff2dc16daaa1", + ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", + RedirectURL: base.AppUrl + oauth2.PathCallback, + Scopes: []string{scope}, + })) + reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true}) ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView}) reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})