|
|
|
|
@ -1,4 +1,5 @@
|
|
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
|
|
@ -54,7 +55,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
|
|
|
|
|
// Let's see if token is valid.
|
|
|
|
|
if len(tokenSHA) > 0 {
|
|
|
|
|
if strings.Contains(tokenSHA, ".") {
|
|
|
|
|
uid := checkOAuthAccessToken(tokenSHA)
|
|
|
|
|
uid := CheckOAuthAccessToken(tokenSHA)
|
|
|
|
|
if uid != 0 {
|
|
|
|
|
ctx.Data["IsApiToken"] = true
|
|
|
|
|
}
|
|
|
|
|
@ -85,7 +86,8 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func checkOAuthAccessToken(accessToken string) int64 {
|
|
|
|
|
// CheckOAuthAccessToken returns uid of user from oauth token token
|
|
|
|
|
func CheckOAuthAccessToken(accessToken string) int64 {
|
|
|
|
|
// JWT tokens require a "."
|
|
|
|
|
if !strings.Contains(accessToken, ".") {
|
|
|
|
|
return 0
|
|
|
|
|
@ -178,6 +180,18 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
|
|
|
|
|
// Assume password is token
|
|
|
|
|
authToken = passwd
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uid := CheckOAuthAccessToken(authToken)
|
|
|
|
|
if uid != 0 {
|
|
|
|
|
var err error
|
|
|
|
|
ctx.Data["IsApiToken"] = true
|
|
|
|
|
|
|
|
|
|
u, err = models.GetUserByID(uid)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Error("GetUserByID: %v", err)
|
|
|
|
|
return nil, false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
token, err := models.GetAccessTokenBySHA(authToken)
|
|
|
|
|
if err == nil {
|
|
|
|
|
if isUsernameToken {
|
|
|
|
|
|
techknowlogick
5 years ago
committed by
GitHub