diff options
| author | ᴜɴᴋɴᴡᴏɴ <u@gogs.io> | 2020-04-05 06:36:08 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-04-05 06:36:08 +0800 |
| commit | 07818d5fa5aef7dd7dca1d556f59c7a146a9b00c (patch) | |
| tree | 14c89609a04f269123413f676a8cbe68c197de07 /internal/context | |
| parent | bae1d6ccd81cd427382a2456e7c3646bdac9cf46 (diff) | |
route: no session for routes without UI (#6066)
Not all routes need session, register session and CSRF middleware as global is a waste of resource, and creating a lot one-time off yet never used session records.
Diffstat (limited to 'internal/context')
| -rw-r--r-- | internal/context/auth.go | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/internal/context/auth.go b/internal/context/auth.go index ad583791..424a4f4f 100644 --- a/internal/context/auth.go +++ b/internal/context/auth.go @@ -7,14 +7,12 @@ package context import ( "net/http" "net/url" - "strings" "github.com/go-macaron/csrf" "gopkg.in/macaron.v1" "gogs.io/gogs/internal/auth" "gogs.io/gogs/internal/conf" - "gogs.io/gogs/internal/tool" ) type ToggleOptions struct { @@ -95,18 +93,3 @@ func Toggle(options *ToggleOptions) macaron.Handler { } } } - -// RequireBasicAuth verifies HTTP Basic Authentication header with given credentials. -func (c *Context) RequireBasicAuth(username, password string) { - fields := strings.Fields(c.Req.Header.Get("Authorization")) - if len(fields) != 2 || fields[0] != "Basic" { - c.Status(http.StatusUnauthorized) - return - } - - uname, passwd, _ := tool.BasicAuthDecode(fields[1]) - if uname != username || passwd != password { - c.Status(http.StatusForbidden) - return - } -} |