author | skyblue <ssx205@gmail.com> | 2014-03-23 22:40:35 +0800 |
committer | skyblue <ssx205@gmail.com> | 2014-03-23 22:40:35 +0800 |
commit | 4bac3616055110da6f060e98174bc2381ef91286 (patch) | |
tree | 6fc09df1b6bef1a73fac40771702ae5f4f71f1d4 /modules/middleware/auth.go | |
parent | b9302749ddc0e0a10911a83bf80e165b792c8c1e (diff) | |
parent | f7f175a0793a53f3c50d20d89e324a610f94c442 (diff) |
merge with branch master
Diffstat (limited to 'modules/middleware/auth.go')
-rw-r--r-- | modules/middleware/auth.go | 62 |
1 files changed, 36 insertions, 26 deletions
diff --git a/modules/middleware/auth.go b/modules/middleware/auth.go
index f211de32..82c3367c 100644
--- a/modules/middleware/auth.go
+++ b/modules/middleware/auth.go
@@ -5,44 +5,54 @@
 package middleware
 
 import (
+ "net/url"
+
 "github.com/codegangsta/martini"
 
 "github.com/gogits/gogs/modules/base"
 )
 
-// SignInRequire requires user to sign in.
-func SignInRequire(redirect bool) martini.Handler {
- return func(ctx *Context) {
- if !ctx.IsSigned {
- if redirect {
- ctx.Redirect("/user/login")
- }
- return
- } else if !ctx.User.IsActive && base.Service.RegisterEmailConfirm {
- ctx.Data["Title"] = "Activate Your Account"
- ctx.HTML(200, "user/active")
- return
- }
- }
+type ToggleOptions struct {
+ SignInRequire bool
+ SignOutRequire bool
+ AdminRequire bool
+ DisableCsrf bool
 }
 
-// SignOutRequire requires user to sign out.
-func SignOutRequire() martini.Handler {
+func Toggle(options *ToggleOptions) martini.Handler {
 return func(ctx *Context) {
- if ctx.IsSigned {
+ if options.SignOutRequire && ctx.IsSigned {
 ctx.Redirect("/")
 return
 }
- }
-}
 
-// AdminRequire requires user signed in as administor.
-func AdminRequire() martini.Handler {
- return func(ctx *Context) {
- if !ctx.User.IsAdmin {
- ctx.Error(403)
- return
+ if !options.DisableCsrf {
+ if ctx.Req.Method == "POST" {
+ if !ctx.CsrfTokenValid() {
+ ctx.Error(403, "CSRF token does not match")
+ return
+ }
+ }
+ }
+
+ if options.SignInRequire {
+ if !ctx.IsSigned {
+ ctx.SetCookie("redirect_to", "/"+url.QueryEscape(ctx.Req.RequestURI))
+ ctx.Redirect("/user/login")
+ return
+ } else if !ctx.User.IsActive && base.Service.RegisterEmailConfirm {
+ ctx.Data["Title"] = "Activate Your Account"
+ ctx.HTML(200, "user/active")
+ return
+ }
+ }
+
+ if options.AdminRequire {
+ if !ctx.User.IsAdmin {
+ ctx.Error(403)
+ return
+ }
+ ctx.Data["PageIsAdmin"] = true
 }
- ctx.Data["PageIsAdmin"] = true
 }
 }
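Review bot: The CSRF check in Toggle only runs when `ctx.Req.Method == "POST"`, so a route that accepts PUT, PATCH or DELETE is never asked for a token even with `DisableCsrf` left false; gate on the safe methods instead, `if m := ctx.Req.Method; m != "GET" && m != "HEAD" && m != "OPTIONS" {`. In the `AdminRequire` branch `ctx.User.IsAdmin` is read without first confirming `ctx.IsSigned`; if `ctx.User` is a pointer that is nil for anonymous requests (its type is not visible in this hunk), a route toggled with AdminRequire but not SignInRequire would panic instead of returning 403, so guard it with `if !ctx.IsSigned || !ctx.User.IsAdmin {`. The exported `ToggleOptions` and `Toggle` also lose the doc comments the three replaced functions carried; add `// ToggleOptions selects which checks Toggle applies to a route.` and `// Toggle returns a handler that enforces, in order, the sign-out, CSRF, sign-in and admin checks enabled in options.`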