Add SignInRequire and SignOutRequire middleware

10 years ago · ba5c7ea771
parent 8e821c75d7
commit ba5c7ea771
8 changed files with 135 additions and 99 deletions
--- a/gogs.go
+++ b/gogs.go
@ -19,7 +19,7 @@ import (
 // Test that go1.1 tag above is included in builds. main.go refers to this definition.
 const go11tag = true

-const APP_VER = "0.0.1.0306"
+const APP_VER = "0.0.1.0307"

 func init() {
 	runtime.GOMAXPROCS(runtime.NumCPU())
--- a/modules/auth/user.go
+++ b/modules/auth/user.go
@ -0,0 +1,82 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package auth
+
+import (
+	"github.com/codegangsta/martini"
+	"github.com/martini-contrib/render"
+	"github.com/martini-contrib/sessions"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/base"
+	"github.com/gogits/gogs/utils/log"
+)
+
+func SignedInId(session sessions.Session) int64 {
+	userId := session.Get("userId")
+	if userId == nil {
+		return 0
+	}
+	if s, ok := userId.(int64); ok {
+		return s
+	}
+	return 0
+}
+
+func SignedInName(session sessions.Session) string {
+	userName := session.Get("userName")
+	if userName == nil {
+		return ""
+	}
+	if s, ok := userName.(string); ok {
+		return s
+	}
+	return ""
+}
+
+func SignedInUser(session sessions.Session) *models.User {
+	id := SignedInId(session)
+	if id <= 0 {
+		return nil
+	}
+
+	user, err := models.GetUserById(id)
+	if err != nil {
+		log.Error("user.SignedInUser: %v", err)
+		return nil
+	}
+	return user
+}
+
+func IsSignedIn(session sessions.Session) bool {
+	return SignedInId(session) > 0
+}
+
+// SignInRequire checks user status from session.
+// It will assign correspoding values to
+// template data map if user has signed in.
+func SignInRequire(redirect bool) martini.Handler {
+	return func(r render.Render, data base.TmplData, session sessions.Session) {
+		if !IsSignedIn(session) {
+			if redirect {
+				r.Redirect("/")
+			}
+			return
+		}
+
+		data["IsSigned"] = true
+		data["SignedUserId"] = SignedInId(session)
+		data["SignedUserName"] = SignedInName(session)
+		data["Avatar"] = SignedInUser(session).Avatar
+	}
+}
+
+func SignOutRequire() martini.Handler {
+	return func(r render.Render, session sessions.Session) {
+		if IsSignedIn(session) {
+			r.Redirect("/")
+		}
+	}
+}
--- a/routers/dashboard.go
+++ b/routers/dashboard.go
@ -5,14 +5,16 @@
 package routers

 import (
-	"github.com/gogits/gogs/modules/base"
-	"github.com/gogits/gogs/routers/user"
 	"github.com/martini-contrib/render"
 	"github.com/martini-contrib/sessions"
+
+	"github.com/gogits/gogs/modules/auth"
+	"github.com/gogits/gogs/modules/base"
+	"github.com/gogits/gogs/routers/user"
 )

 func Home(r render.Render, data base.TmplData, session sessions.Session) {
-	if user.IsSignedIn(session) {
+	if auth.IsSignedIn(session) {
 		user.Dashboard(r, data, session)
 		return
 	}
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@ -10,19 +10,21 @@ import (
 	"strconv"

 	"github.com/martini-contrib/render"
+	"github.com/martini-contrib/sessions"

 	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/routers/user"
-	"github.com/martini-contrib/sessions"
+	"github.com/gogits/gogs/modules/auth"
+	"github.com/gogits/gogs/modules/base"
 )

-func Create(req *http.Request, r render.Render, session sessions.Session) {
+func Create(req *http.Request, r render.Render, data base.TmplData, session sessions.Session) {
+	data["Title"] = "Create repository"
+
 	if req.Method == "GET" {
 		r.HTML(200, "repo/create", map[string]interface{}{
-			"Title":    "Create repository",
-			"UserName": user.SignedInName(session),
-			"UserId":   user.SignedInId(session),
-			"IsSigned": user.IsSignedIn(session),
+			"UserName": auth.SignedInName(session),
+			"UserId":   auth.SignedInId(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
@ -42,7 +44,7 @@ func Create(req *http.Request, r render.Render, session sessions.Session) {
 		if err == nil {
 			r.HTML(200, "repo/created", map[string]interface{}{
 				"RepoName": u.Name + "/" + req.FormValue("name"),
-				"IsSigned": user.IsSignedIn(session),
+				"IsSigned": auth.IsSignedIn(session),
 			})
 			return
 		}
@ -51,7 +53,7 @@ func Create(req *http.Request, r render.Render, session sessions.Session) {
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 	}
 }
@ -60,7 +62,7 @@ func Delete(req *http.Request, r render.Render, session sessions.Session) {
 	if req.Method == "GET" {
 		r.HTML(200, "repo/delete", map[string]interface{}{
 			"Title":    "Delete repository",
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
@ -70,19 +72,19 @@ func Delete(req *http.Request, r render.Render, session sessions.Session) {
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 	}
 }

 func List(req *http.Request, r render.Render, session sessions.Session) {
-	u := user.SignedInUser(session)
+	u := auth.SignedInUser(session)
 	repos, err := models.GetRepositories(u)
 	fmt.Println("repos", repos)
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": user.IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
@ -90,6 +92,6 @@ func List(req *http.Request, r render.Render, session sessions.Session) {
 	r.HTML(200, "repo/list", map[string]interface{}{
 		"Title":    "repositories",
 		"Repos":    repos,
-		"IsSigned": user.IsSignedIn(session),
+		"IsSigned": auth.IsSignedIn(session),
 	})
 }
--- a/routers/user/ssh.go
+++ b/routers/user/ssh.go
@ -9,21 +9,22 @@ import (
 	"net/http"

 	"github.com/martini-contrib/render"
+	"github.com/martini-contrib/sessions"

 	"github.com/gogits/gogs/models"
-	"github.com/martini-contrib/sessions"
+	"github.com/gogits/gogs/modules/auth"
 )

 func AddPublicKey(req *http.Request, r render.Render, session sessions.Session) {
 	if req.Method == "GET" {
 		r.HTML(200, "user/publickey_add", map[string]interface{}{
 			"Title":    "Add Public Key",
-			"IsSigned": IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}

-	k := &models.PublicKey{OwnerId: SignedInId(session),
+	k := &models.PublicKey{OwnerId: auth.SignedInId(session),
 		Name:    req.FormValue("keyname"),
 		Content: req.FormValue("key_content"),
 	}
@ -31,7 +32,7 @@ func AddPublicKey(req *http.Request, r render.Render, session sessions.Session)
 	if err != nil {
 		r.HTML(403, "status/403", map[string]interface{}{
 			"Title":    fmt.Sprintf("%v", err),
-			"IsSigned": IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 	} else {
 		r.HTML(200, "user/publickey_added", map[string]interface{}{})
@ -39,11 +40,11 @@ func AddPublicKey(req *http.Request, r render.Render, session sessions.Session)
 }

 func ListPublicKey(req *http.Request, r render.Render, session sessions.Session) {
-	keys, err := models.ListPublicKey(SignedInId(session))
+	keys, err := models.ListPublicKey(auth.SignedInId(session))
 	if err != nil {
 		r.HTML(200, "base/error", map[string]interface{}{
 			"Error":    fmt.Sprintf("%v", err),
-			"IsSigned": IsSignedIn(session),
+			"IsSigned": auth.IsSignedIn(session),
 		})
 		return
 	}
@ -51,6 +52,6 @@ func ListPublicKey(req *http.Request, r render.Render, session sessions.Session)
 	r.HTML(200, "user/publickey_list", map[string]interface{}{
 		"Title":    "repositories",
 		"Keys":     keys,
-		"IsSigned": IsSignedIn(session),
+		"IsSigned": auth.IsSignedIn(session),
 	})
 }
--- a/routers/user/user.go
+++ b/routers/user/user.go
@ -8,7 +8,6 @@ import (
 	"fmt"
 	"net/http"

-	//"github.com/martini-contrib/binding"
 	"github.com/martini-contrib/render"
 	"github.com/martini-contrib/sessions"

@ -19,80 +18,23 @@ import (
 )

 func Dashboard(r render.Render, data base.TmplData, session sessions.Session) {
-	if !IsSignedIn(session) {
-		// todo : direct to logout
-		r.Redirect("/")
-		return
-	}
-
-	data["IsSigned"] = true
-	data["SignedUserId"] = SignedInId(session)
-	data["SignedUserName"] = SignedInName(session)
-	data["PageIsUserDashboard"] = true
-	data["Avatar"] = SignedInUser(session).Avatar
-
 	data["Title"] = "Dashboard"
+	data["PageIsUserDashboard"] = true
 	r.HTML(200, "user/dashboard", data)
 }

 func Profile(r render.Render, data base.TmplData, session sessions.Session) {
 	data["Title"] = "Profile"

-	data["IsSigned"] = IsSignedIn(session)
+	data["IsSigned"] = auth.IsSignedIn(session)
 	// TODO: Need to check view self or others.
-	user := SignedInUser(session)
+	user := auth.SignedInUser(session)
 	data["Avatar"] = user.Avatar
 	data["Username"] = user.Name
 	r.HTML(200, "user/profile", data)
 }

-func IsSignedIn(session sessions.Session) bool {
-	return SignedInId(session) > 0
-}
-
-func SignedInId(session sessions.Session) int64 {
-	userId := session.Get("userId")
-	if userId == nil {
-		return 0
-	}
-	if s, ok := userId.(int64); ok {
-		return s
-	}
-	return 0
-}
-
-func SignedInName(session sessions.Session) string {
-	userName := session.Get("userName")
-	if userName == nil {
-		return ""
-	}
-	if s, ok := userName.(string); ok {
-		return s
-	}
-	return ""
-}
-
-func SignedInUser(session sessions.Session) *models.User {
-	id := SignedInId(session)
-	if id <= 0 {
-		return nil
-	}
-
-	user, err := models.GetUserById(id)
-	if err != nil {
-		log.Error("user.SignedInUser: %v", err)
-		return nil
-	}
-	return user
-}
-
 func SignIn(form auth.LogInForm, data base.TmplData, req *http.Request, r render.Render, session sessions.Session) {
-	// if logged, do not show login page
-	if IsSignedIn(session) {
-		r.Redirect("/")
-		return
-	}
-
 	data["Title"] = "Log In"

 	if req.Method == "GET" {
@ -128,11 +70,6 @@ func SignIn(form auth.LogInForm, data base.TmplData, req *http.Request, r render
 }

 func SignOut(r render.Render, session sessions.Session) {
-	if !IsSignedIn(session) {
-		r.Redirect("/")
-		return
-	}
-
 	session.Delete("userId")
 	session.Delete("userName")
 	r.Redirect("/")
--- a/templates/repo/create.tmpl
+++ b/templates/repo/create.tmpl
@ -10,6 +10,7 @@
                <input type="hidden" value="{{.UserId}}" name="userId"/>
            </div>
        </div>
+
        <div class="form-group">
            <label class="col-md-2 control-label">Repository<strong class="text-danger">*</strong></label>
            <div class="col-md-8">
@ -17,12 +18,21 @@
                <span class="help-block">Great repository names are short and memorable. </span>
            </div>
        </div>
+
+        <div class="form-group">
+            <label class="col-md-2 control-label">Visibility<strong class="text-danger">*</strong></label>
+            <div class="col-md-8">
+                <p class="form-control-static">Public</p>
+            </div>
+        </div>
+
        <div class="form-group">
            <label class="col-md-2 control-label">Description</label>
            <div class="col-md-8">
                <textarea name="desc" class="form-control" placeholder="Type your repository name"></textarea>
            </div>
        </div>
+
        <div class="form-group">
            <label class="col-md-2 control-label">Language</label>
            <div class="col-md-8">
@ -36,6 +46,7 @@
                </select>
            </div>
        </div>
+
        <div class="form-group">
            <div class="col-md-8 col-md-offset-2">
                <div class="checkbox">
@ -46,6 +57,7 @@
                </div>
            </div>
        </div>
+
        <div class="form-group">
            <div class="col-md-offset-2 col-md-8">
                <button type="submit" class="btn btn-lg btn-primary">Create repository</button>
--- a/web.go
+++ b/web.go
@ -57,17 +57,17 @@ func runWeb(*cli.Context) {
 	m.Use(sessions.Sessions("my_session", store))

 	// Routers.
-	m.Get("/", routers.Home)
-	m.Any("/user/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn)
-	m.Any("/user/logout", user.SignOut)
-	m.Any("/user/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp)
-
+	m.Get("/", auth.SignInRequire(false), routers.Home)
+	m.Any("/user/login", auth.SignOutRequire(), binding.BindIgnErr(auth.LogInForm{}), user.SignIn)
+	m.Any("/user/logout", auth.SignInRequire(true), user.SignOut)
+	m.Any("/user/sign_up", auth.SignOutRequire(), binding.BindIgnErr(auth.RegisterForm{}), user.SignUp)
 	m.Get("/user/profile", user.Profile) // should be /username
-	m.Any("/user/delete", user.Delete)
+	m.Any("/user/delete", auth.SignInRequire(true), user.Delete)
 	m.Any("/user/publickey/add", user.AddPublicKey)
 	m.Any("/user/publickey/list", user.ListPublicKey)
-	m.Any("/repo/create", repo.Create)
-	m.Any("/repo/delete", repo.Delete)
+
+	m.Any("/repo/create", auth.SignInRequire(true), repo.Create)
+	m.Any("/repo/delete", auth.SignInRequire(true), repo.Delete)
 	m.Any("/repo/list", repo.List)

 	listenAddr := fmt.Sprintf("%s:%s",