author | Unknwon <u@gogs.io> | 2017-04-04 19:29:59 -0400 |
---|---|---|
committer | Unknwon <u@gogs.io> | 2017-04-04 19:29:59 -0400 |
commit | d05395fe906dad7741201faa69a54fef538deda9 (patch) | |
tree | 11dae6c5c9b40b8ce85c7294bd0309c03cb1199e /pkg/auth/auth.go | |
parent | 37b10666dea98cebf75d0c6f11ee87211ef94703 (diff) |
Refactoring: rename modules -> pkg
Reasons to change:
1. Shorter than 'modules'
2. More generally used by other Go projects
3. Corresponds to the naming of '$GOPATH/pkg' directory
Diffstat (limited to 'pkg/auth/auth.go')
-rw-r--r-- | pkg/auth/auth.go | 147 |
1 files changed, 147 insertions, 0 deletions
diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go
new file mode 100644
index 00000000..fd4d71c9
--- /dev/null
+++ b/pkg/auth/auth.go
@@ -0,0 +1,147 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package auth
+
+import (
+ "strings"
+ "time"
+
+ "github.com/go-macaron/session"
+ gouuid "github.com/satori/go.uuid"
+ log "gopkg.in/clog.v1"
+ "gopkg.in/macaron.v1"
+
+ "github.com/gogits/gogs/models"
+ "github.com/gogits/gogs/models/errors"
+ "github.com/gogits/gogs/pkg/base"
+ "github.com/gogits/gogs/pkg/setting"
+)
+
+func IsAPIPath(url string) bool {
+ return strings.HasPrefix(url, "/api/")
+}
+
+// SignedInID returns the id of signed in user.
+func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
+ if !models.HasEngine {
+ return 0
+ }
+
+ // Check access token.
+ if IsAPIPath(ctx.Req.URL.Path) {
+ tokenSHA := ctx.Query("token")
+ if len(tokenSHA) == 0 {
+ // Well, check with header again.
+ auHead := ctx.Req.Header.Get("Authorization")
+ if len(auHead) > 0 {
+ auths := strings.Fields(auHead)
+ if len(auths) == 2 && auths[0] == "token" {
+ tokenSHA = auths[1]
+ }
+ }
+ }
+
+ // Let's see if token is valid.
+ if len(tokenSHA) > 0 {
+ t, err := models.GetAccessTokenBySHA(tokenSHA)
+ if err != nil {
+ if !models.IsErrAccessTokenNotExist(err) && !models.IsErrAccessTokenEmpty(err) {
+ log.Error(2, "GetAccessTokenBySHA: %v", err)
+ }
+ return 0
+ }
+ t.Updated = time.Now()
+ if err = models.UpdateAccessToken(t); err != nil {
+ log.Error(2, "UpdateAccessToken: %v", err)
+ }
+ return t.UID
+ }
+ }
+
+ uid := sess.Get("uid")
+ if uid == nil {
+ return 0
+ }
+ if id, ok := uid.(int64); ok {
+ if _, err := models.GetUserByID(id); err != nil {
+ if !errors.IsUserNotExist(err) {
+ log.Error(2, "GetUserByID: %v", err)
+ }
+ return 0
+ }
+ return id
+ }
+ return 0
+}
+
+// SignedInUser returns the user object of signed user.
+// It returns a bool value to indicate whether user uses basic auth or not.
+func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool) {
+ if !models.HasEngine {
+ return nil, false
+ }
+
+ uid := SignedInID(ctx, sess)
+
+ if uid <= 0 {
+ if setting.Service.EnableReverseProxyAuth {
+ webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)
+ if len(webAuthUser) > 0 {
+ u, err := models.GetUserByName(webAuthUser)
+ if err != nil {
+ if !errors.IsUserNotExist(err) {
+ log.Error(4, "GetUserByName: %v", err)
+ return nil, false
+ }
+
+ // Check if enabled auto-registration.
+ if setting.Service.EnableReverseProxyAutoRegister {
+ u := &models.User{
+ Name: webAuthUser,
+ Email: gouuid.NewV4().String() + "@localhost",
+ Passwd: webAuthUser,
+ IsActive: true,
+ }
+ if err = models.CreateUser(u); err != nil {
+ // FIXME: should I create a system notice?
+ log.Error(4, "CreateUser: %v", err)
+ return nil, false
+ } else {
+ return u, false
+ }
+ }
+ }
+ return u, false
+ }
+ }
+
+ // Check with basic auth.
+ baHead := ctx.Req.Header.Get("Authorization")
+ if len(baHead) > 0 {
+ auths := strings.Fields(baHead)
+ if len(auths) == 2 && auths[0] == "Basic" {
+ uname, passwd, _ := base.BasicAuthDecode(auths[1])
+
+ u, err := models.UserSignIn(uname, passwd)
+ if err != nil {
+ if !errors.IsUserNotExist(err) {
+ log.Error(4, "UserSignIn: %v", err)
+ }
+ return nil, false
+ }
+
+ return u, true
+ }
+ }
+ return nil, false
+ }
+
+ u, err := models.GetUserByID(uid)
+ if err != nil {
+ log.Error(4, "GetUserById: %v", err)
+ return nil, false
+ }
+ return u, false
+}
+} |
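Review bot: The auto-registration branch of SignedInUser creates the account with `Passwd: webAuthUser`, so the new user's password is its own username. If password or Basic sign-in is reachable for such accounts (not visible in this file), the account can be authenticated without going through the reverse proxy. An unguessable value that is never disclosed would avoid this, for example `Passwd: gouuid.NewV4().String(),` with the import the file already has. In the same function, `uname, passwd, _ := base.BasicAuthDecode(auths[1])` discards the decode error and hands whatever came back to `models.UserSignIn`; returning `nil, false` on a decode error would make the failure path explicit. This commit only moves the file (modules -> pkg), so both points probably predate it.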