-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
- Loading branch information
Showing
76 changed files
with
7,275 additions
and
137 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
// Copyright 2017 The Gitea Authors. All rights reserved. | ||
// Use of this source code is governed by a MIT-style | ||
// license that can be found in the LICENSE file. | ||
|
||
package models | ||
|
||
import "github.com/markbates/goth" | ||
|
||
// ExternalLoginUser makes the connecting between some existing user and additional external login sources | ||
type ExternalLoginUser struct { | ||
ExternalID string `xorm:"NOT NULL"` | ||
UserID int64 `xorm:"NOT NULL"` | ||
LoginSourceID int64 `xorm:"NOT NULL"` | ||
} | ||
|
||
// GetExternalLogin checks if a externalID in loginSourceID scope already exists | ||
func GetExternalLogin(externalLoginUser *ExternalLoginUser) (bool, error) { | ||
return x.Get(externalLoginUser) | ||
} | ||
|
||
// ListAccountLinks returns a map with the ExternalLoginUser and its LoginSource | ||
func ListAccountLinks(user *User) ([]*ExternalLoginUser, error) { | ||
externalAccounts := make([]*ExternalLoginUser, 0, 5) | ||
err := x.Where("user_id=?", user.ID). | ||
Desc("login_source_id"). | ||
Find(&externalAccounts) | ||
|
||
if err != nil { | ||
return nil, err | ||
} | ||
|
||
return externalAccounts, nil | ||
} | ||
|
||
// LinkAccountToUser link the gothUser to the user | ||
func LinkAccountToUser(user *User, gothUser goth.User) error { | ||
loginSource, err := GetActiveOAuth2LoginSourceByName(gothUser.Provider) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
externalLoginUser := &ExternalLoginUser{ | ||
ExternalID: gothUser.UserID, | ||
UserID: user.ID, | ||
LoginSourceID: loginSource.ID, | ||
} | ||
has, err := x.Get(externalLoginUser) | ||
if err != nil { | ||
return err | ||
} else if has { | ||
return ErrExternalLoginUserAlreadyExist{gothUser.UserID, user.ID, loginSource.ID} | ||
} | ||
|
||
_, err = x.Insert(externalLoginUser) | ||
return err | ||
} | ||
|
||
// RemoveAccountLink will remove all external login sources for the given user | ||
func RemoveAccountLink(user *User, loginSourceID int64) (int64, error) { | ||
deleted, err := x.Delete(&ExternalLoginUser{UserID: user.ID, LoginSourceID: loginSourceID}) | ||
if err != nil { | ||
return deleted, err | ||
} | ||
if deleted < 1 { | ||
return deleted, ErrExternalLoginUserNotExist{user.ID, loginSourceID} | ||
} | ||
return deleted, err | ||
} | ||
|
||
// RemoveAllAccountLinks will remove all external login sources for the given user | ||
func RemoveAllAccountLinks(user *User) error { | ||
_, err := x.Delete(&ExternalLoginUser{UserID: user.ID}) | ||
return err | ||
} |
Oops, something went wrong.