Remove check on username if AccessToken authentication (#11015)

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years ago · 7c48085ff4
parent f7ecc2bee7
commit 7c48085ff4
2 changed files with 10 additions and 35 deletions
--- a/modules/auth/sso/basic.go
+++ b/modules/auth/sso/basic.go
@ -85,22 +85,12 @@ func (b *Basic) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models
 	}
 	token, err := models.GetAccessTokenBySHA(authToken)
 	if err == nil {
-		if isUsernameToken {
-			u, err = models.GetUserByID(token.UID)
-			if err != nil {
-				log.Error("GetUserByID:  %v", err)
-				return nil
-			}
-		} else {
-			u, err = models.GetUserByName(uname)
-			if err != nil {
-				log.Error("GetUserByID:  %v", err)
-				return nil
-			}
-			if u.ID != token.UID {
-				return nil
-			}
+		u, err = models.GetUserByID(token.UID)
+		if err != nil {
+			log.Error("GetUserByID:  %v", err)
+			return nil
 		}
+
 		token.UpdatedUnix = timeutil.TimeStampNow()
 		if err = models.UpdateAccessToken(token); err != nil {
 			log.Error("UpdateAccessToken:  %v", err)
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@ -188,27 +188,12 @@ func HTTP(ctx *context.Context) {
 			// Assume password is a token.
 			token, err := models.GetAccessTokenBySHA(authToken)
 			if err == nil {
-				if isUsernameToken {
-					authUser, err = models.GetUserByID(token.UID)
-					if err != nil {
-						ctx.ServerError("GetUserByID", err)
-						return
-					}
-				} else {
-					authUser, err = models.GetUserByName(authUsername)
-					if err != nil {
-						if models.IsErrUserNotExist(err) {
-							ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr()))
-						} else {
-							ctx.ServerError("GetUserByName", err)
-						}
-						return
-					}
-					if authUser.ID != token.UID {
-						ctx.HandleText(http.StatusUnauthorized, fmt.Sprintf("invalid credentials from %s", ctx.RemoteAddr()))
-						return
-					}
+				authUser, err = models.GetUserByID(token.UID)
+				if err != nil {
+					ctx.ServerError("GetUserByID", err)
+					return
 				}
+
 				token.UpdatedUnix = timeutil.TimeStampNow()
 				if err = models.UpdateAccessToken(token); err != nil {
 					ctx.ServerError("UpdateAccessToken", err)