authorᴜɴᴋɴᴡᴏɴ <u@gogs.io>2020-02-22 20:46:16 +0800
committerᴜɴᴋɴᴡᴏɴ <u@gogs.io>2020-02-22 20:46:16 +0800
commit286fbc07e985d960209e8443a57e7f95efe60efd (patch)
treedd3d0d38081fa258751004472695c8fdc6885e43 /internal/conf
parenta7e53b8134eefcbaa60a2755da8518dd08471a69 (diff)
conf: overhaul security settings
Diffstat (limited to 'internal/conf')
-rw-r--r--internal/conf/conf.go61
-rw-r--r--internal/conf/static.go13
-rw-r--r--internal/conf/utils.go13
3 files changed, 43 insertions, 44 deletions
diff --git a/internal/conf/conf.go b/internal/conf/conf.go
index 01585f1a..0e95bdce 100644
--- a/internal/conf/conf.go
+++ b/internal/conf/conf.go
@@ -5,6 +5,7 @@
package conf
import (
+ "fmt"
"net/mail"
"net/url"
"os"
@@ -27,7 +28,6 @@ import (
"gogs.io/gogs/internal/assets/conf"
"gogs.io/gogs/internal/osutil"
- "gogs.io/gogs/internal/user"
)
func init() {
@@ -192,30 +192,27 @@ func Init(customConf string) error {
}
Database.Path = ensureAbs(Database.Path)
- handleDeprecated()
+ // *******************************
+ // ----- Security settings -----
+ // *******************************
- // TODO
+ if err = File.Section("security").MapTo(&Security); err != nil {
+ return errors.Wrap(err, "mapping [security] section")
+ }
- sec := File.Section("security")
- InstallLock = sec.Key("INSTALL_LOCK").MustBool()
- SecretKey = sec.Key("SECRET_KEY").String()
- LoginRememberDays = sec.Key("LOGIN_REMEMBER_DAYS").MustInt()
- CookieUserName = sec.Key("COOKIE_USERNAME").String()
- CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").String()
- CookieSecure = sec.Key("COOKIE_SECURE").MustBool(false)
- ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
- EnableLoginStatusCookie = sec.Key("ENABLE_LOGIN_STATUS_COOKIE").MustBool(false)
- LoginStatusCookieName = sec.Key("LOGIN_STATUS_COOKIE_NAME").MustString("login_status")
-
- // Does not check run user when the install lock is off.
- if InstallLock {
- currentUser, match := IsRunUserMatchCurrentUser(App.RunUser)
+ // Check run user when the install is locked.
+ if Security.InstallLock {
+ currentUser, match := CheckRunUser(App.RunUser)
if !match {
- log.Fatal("The user configured to run Gogs is %q, but the current user is %q", App.RunUser, currentUser)
+ return fmt.Errorf("user configured to run Gogs is %q, but the current user is %q", App.RunUser, currentUser)
}
}
- sec = File.Section("attachment")
+ handleDeprecated()
+
+ // TODO
+
+ sec := File.Section("attachment")
AttachmentPath = sec.Key("PATH").MustString(filepath.Join(Server.AppDataPath, "attachments"))
if !filepath.IsAbs(AttachmentPath) {
AttachmentPath = path.Join(workDir, AttachmentPath)
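Review bot: The in-code fallbacks for REVERSE_PROXY_AUTHENTICATION_USER ("X-WEBAUTH-USER") and LOGIN_STATUS_COOKIE_NAME ("login_status") disappear with the removed `MustString` calls, and `MapTo(&Security)` sets nothing for a key that the loaded configuration lacks. Presumably the bundled default configuration supplies both values, but that is not visible in this hunk; if it does not, the reverse-proxy header name and the status cookie name silently become empty strings. A guard after the mapping would fail closed, for example `if Security.ReverseProxyAuthenticationUser == "" { return errors.New("security: REVERSE_PROXY_AUTHENTICATION_USER must not be empty") }`, with the same check for `Security.LoginStatusCookieName`. Init starts and ends outside the hunk.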
@@ -342,17 +339,6 @@ var (
AccessControlAllowOrigin string
}
- // Security settings
- InstallLock bool
- SecretKey string
- LoginRememberDays int
- CookieUserName string
- CookieRememberName string
- CookieSecure bool
- ReverseProxyAuthUser string
- EnableLoginStatusCookie bool
- LoginStatusCookieName string
-
// Database settings
UseSQLite3 bool
UseMySQL bool
@@ -539,19 +525,6 @@ func DateLang(lang string) string {
return "en"
}
-// IsRunUserMatchCurrentUser returns false if configured run user does not match
-// actual user that runs the app. The first return value is the actual user name.
-// This check is ignored under Windows since SSH remote login is not the main
-// method to login on Windows.
-func IsRunUserMatchCurrentUser(runUser string) (string, bool) {
- if IsWindowsRuntime() {
- return "", true
- }
-
- currentUser := user.CurrentUsername()
- return currentUser, runUser == currentUser
-}
-
// InitLogging initializes the logging service of the application.
func InitLogging() {
LogRootPath = File.Section("log").Key("ROOT_PATH").MustString(filepath.Join(WorkDir(), "log"))
@@ -585,7 +558,7 @@ func InitLogging() {
return
}
- level := levelMappings[sec.Key("LEVEL").MustString("trace")]
+ level := levelMappings[strings.ToLower(sec.Key("LEVEL").MustString("trace"))]
buffer := sec.Key("BUFFER_LEN").MustInt64(100)
c := new(config)
switch mode {
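Review bot: The lookup `levelMappings[strings.ToLower(...)]` still accepts any string, so a misspelled LEVEL yields the map's zero value without any report. `levelMappings` is declared outside this hunk; if its zero value corresponds to the most verbose level, a typo would quietly turn on trace logging. Using the two-value form, `level, ok := levelMappings[strings.ToLower(sec.Key("LEVEL").MustString("trace"))]`, and reporting the unknown name when `!ok` would make the misconfiguration visible. InitLogging starts and ends outside the hunk.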
diff --git a/internal/conf/static.go b/internal/conf/static.go
index 80857f3a..cc305b9b 100644
--- a/internal/conf/static.go
+++ b/internal/conf/static.go
@@ -139,6 +139,19 @@ var (
// Deprecated: Use Password instead, will be removed in 0.13.
Passwd string
}
+
+ // Security settings
+ Security struct {
+ InstallLock bool
+ SecretKey string
+ LoginRememberDays int
+ CookieRememberName string
+ CookieUsername string
+ CookieSecure bool
+ ReverseProxyAuthenticationUser string
+ EnableLoginStatusCookie bool
+ LoginStatusCookieName string
+ }
)
// handleDeprecated transfers deprecated values to the new ones when set.
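Review bot: The fields of `Security` carry no `ini` struct tags, so whether `InstallLock` is filled from INSTALL_LOCK depends entirely on the name mapper configured on `File`, which is not visible in this diff. A mismatch is silent and fails open: `InstallLock` stays false, which skips the run-user check in conf.go, and `CookieSecure` stays false. Explicit tags such as `ini:"INSTALL_LOCK"` on each field, or a test that maps a sample [security] section and asserts every field, would pin the mapping. A short comment on each field stating its zero-value default would also help, since the zero value is now the effective fallback.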
diff --git a/internal/conf/utils.go b/internal/conf/utils.go
index 5da34f0c..edead54a 100644
--- a/internal/conf/utils.go
+++ b/internal/conf/utils.go
@@ -10,6 +10,7 @@ import (
"github.com/pkg/errors"
+ "gogs.io/gogs/internal/osutil"
"gogs.io/gogs/internal/process"
)
@@ -34,3 +35,15 @@ func ensureAbs(path string) string {
}
return filepath.Join(WorkDir(), path)
}
+
+// CheckRunUser returns false if configured run user does not match actual user that
+// runs the app. The first return value is the actual user name. This check is ignored
+// under Windows since SSH remote login is not the main method to login on Windows.
+func CheckRunUser(runUser string) (string, bool) {
+ if IsWindowsRuntime() {
+ return "", true
+ }
+
+ currentUser := osutil.CurrentUsername()
+ return currentUser, runUser == currentUser
+}