diff options
Diffstat (limited to 'internal/db')
| -rw-r--r-- | internal/db/pull.go | 3 | ||||
| -rw-r--r-- | internal/db/repo.go | 10 | ||||
| -rw-r--r-- | internal/db/repo_editor.go | 39 | ||||
| -rw-r--r-- | internal/db/user.go | 27 | ||||
| -rw-r--r-- | internal/db/users.go | 4 | ||||
| -rw-r--r-- | internal/db/wiki.go | 27 |
6 files changed, 74 insertions, 36 deletions
diff --git a/internal/db/pull.go b/internal/db/pull.go index 11298e0c..e2f55361 100644 --- a/internal/db/pull.go +++ b/internal/db/pull.go @@ -270,10 +270,9 @@ func (pr *PullRequest) Merge(doer *User, baseGitRepo *git.Repository, mergeStyle } // Create a merge commit for the base branch. - sig := doer.NewGitSig() if _, stderr, err = process.ExecDir(-1, tmpBasePath, fmt.Sprintf("PullRequest.Merge (git merge): %s", tmpBasePath), - "git", "commit", fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email), + "git", "commit", fmt.Sprintf("--author='%s <%s>'", doer.DisplayName(), doer.Email), "-m", fmt.Sprintf("Merge branch '%s' of %s/%s into %s", pr.HeadBranch, pr.HeadUserName, pr.HeadRepo.Name, pr.BaseBranch), "-m", commitDescription); err != nil { return fmt.Errorf("git commit [%s]: %v - %s", tmpBasePath, err, stderr) diff --git a/internal/db/repo.go b/internal/db/repo.go index 97228015..7c307144 100644 --- a/internal/db/repo.go +++ b/internal/db/repo.go @@ -1040,7 +1040,15 @@ func initRepository(e Engine, repoPath string, doer *User, repo *Repository, opt } // Apply changes and commit. - if err = initRepoCommit(tmpDir, doer.NewGitSig()); err != nil { + err = initRepoCommit( + tmpDir, + &git.Signature{ + Name: doer.DisplayName(), + Email: doer.Email, + When: time.Now(), + }, + ) + if err != nil { return fmt.Errorf("initRepoCommit: %v", err) } } diff --git a/internal/db/repo_editor.go b/internal/db/repo_editor.go index 63c88b76..3edb16e2 100644 --- a/internal/db/repo_editor.go +++ b/internal/db/repo_editor.go @@ -183,7 +183,18 @@ func (repo *Repository) UpdateRepoFile(doer *User, opts UpdateRepoFileOptions) ( if err = git.Add(localPath, git.AddOptions{All: true}); err != nil { return fmt.Errorf("git add --all: %v", err) - } else if err = git.CreateCommit(localPath, doer.NewGitSig(), opts.Message); err != nil { + } + + err = git.CreateCommit( + localPath, + &git.Signature{ + Name: doer.DisplayName(), + Email: doer.Email, + When: time.Now(), + }, + opts.Message, + ) + if err != nil { return fmt.Errorf("commit changes on %q: %v", localPath, err) } @@ -294,7 +305,18 @@ func (repo *Repository) DeleteRepoFile(doer *User, opts DeleteRepoFileOptions) ( if err = git.Add(localPath, git.AddOptions{All: true}); err != nil { return fmt.Errorf("git add --all: %v", err) - } else if err = git.CreateCommit(localPath, doer.NewGitSig(), opts.Message); err != nil { + } + + err = git.CreateCommit( + localPath, + &git.Signature{ + Name: doer.DisplayName(), + Email: doer.Email, + When: time.Now(), + }, + opts.Message, + ) + if err != nil { return fmt.Errorf("commit changes to %q: %v", localPath, err) } @@ -531,7 +553,18 @@ func (repo *Repository) UploadRepoFiles(doer *User, opts UploadRepoFileOptions) if err = git.Add(localPath, git.AddOptions{All: true}); err != nil { return fmt.Errorf("git add --all: %v", err) - } else if err = git.CreateCommit(localPath, doer.NewGitSig(), opts.Message); err != nil { + } + + err = git.CreateCommit( + localPath, + &git.Signature{ + Name: doer.DisplayName(), + Email: doer.Email, + When: time.Now(), + }, + opts.Message, + ) + if err != nil { return fmt.Errorf("commit changes on %q: %v", localPath, err) } diff --git a/internal/db/user.go b/internal/db/user.go index 95ee70c2..bf432a6a 100644 --- a/internal/db/user.go +++ b/internal/db/user.go @@ -7,8 +7,6 @@ package db import ( "bytes" "context" - "crypto/sha256" - "crypto/subtle" "encoding/hex" "fmt" "image" @@ -22,7 +20,6 @@ import ( "github.com/nfnt/resize" "github.com/unknwon/com" - "golang.org/x/crypto/pbkdf2" log "unknwon.dev/clog/v2" "xorm.io/xorm" @@ -61,28 +58,6 @@ func (u *User) AfterSet(colName string, _ xorm.Cell) { } } -// NewGitSig generates and returns the signature of given user. -func (u *User) NewGitSig() *git.Signature { - return &git.Signature{ - Name: u.DisplayName(), - Email: u.Email, - When: time.Now(), - } -} - -// EncodePassword encodes password to safe format. -func (u *User) EncodePassword() { - newPasswd := pbkdf2.Key([]byte(u.Password), []byte(u.Salt), 10000, 50, sha256.New) - u.Password = fmt.Sprintf("%x", newPasswd) -} - -// ValidatePassword checks if given password matches the one belongs to the user. -func (u *User) ValidatePassword(passwd string) bool { - newUser := &User{Password: passwd, Salt: u.Salt} - newUser.EncodePassword() - return subtle.ConstantTimeCompare([]byte(u.Password), []byte(newUser.Password)) == 1 -} - // UploadAvatar saves custom avatar for user. // FIXME: split uploads to different subdirs in case we have massive number of users. func (u *User) UploadAvatar(data []byte) error { @@ -343,7 +318,7 @@ func CreateUser(u *User) (err error) { if u.Salt, err = GetUserSalt(); err != nil { return err } - u.EncodePassword() + u.Password = userutil.EncodePassword(u.Password, u.Salt) u.MaxRepoCreation = -1 sess := x.NewSession() diff --git a/internal/db/users.go b/internal/db/users.go index d537b8d3..fa327157 100644 --- a/internal/db/users.go +++ b/internal/db/users.go @@ -117,7 +117,7 @@ func (db *users) Authenticate(ctx context.Context, login, password string, login // Validate password hash fetched from database for local accounts. if user.IsLocal() { - if user.ValidatePassword(password) { + if userutil.ValidatePassword(user.Password, user.Salt, password) { return user, nil } @@ -262,7 +262,7 @@ func (db *users) Create(ctx context.Context, username, email string, opts Create if err != nil { return nil, err } - user.EncodePassword() + user.Password = userutil.EncodePassword(user.Password, user.Salt) return user, db.WithContext(ctx).Create(user).Error } diff --git a/internal/db/wiki.go b/internal/db/wiki.go index 9f184929..8606b9a5 100644 --- a/internal/db/wiki.go +++ b/internal/db/wiki.go @@ -12,6 +12,7 @@ import ( "path" "path/filepath" "strings" + "time" "github.com/unknwon/com" @@ -130,7 +131,18 @@ func (repo *Repository) updateWikiPage(doer *User, oldTitle, title, content, mes } if err = git.Add(localPath, git.AddOptions{All: true}); err != nil { return fmt.Errorf("add all changes: %v", err) - } else if err = git.CreateCommit(localPath, doer.NewGitSig(), message); err != nil { + } + + err = git.CreateCommit( + localPath, + &git.Signature{ + Name: doer.DisplayName(), + Email: doer.Email, + When: time.Now(), + }, + message, + ) + if err != nil { return fmt.Errorf("commit changes: %v", err) } else if err = git.Push(localPath, "origin", "master"); err != nil { return fmt.Errorf("push: %v", err) @@ -166,7 +178,18 @@ func (repo *Repository) DeleteWikiPage(doer *User, title string) (err error) { if err = git.Add(localPath, git.AddOptions{All: true}); err != nil { return fmt.Errorf("add all changes: %v", err) - } else if err = git.CreateCommit(localPath, doer.NewGitSig(), message); err != nil { + } + + err = git.CreateCommit( + localPath, + &git.Signature{ + Name: doer.DisplayName(), + Email: doer.Email, + When: time.Now(), + }, + message, + ) + if err != nil { return fmt.Errorf("commit changes: %v", err) } else if err = git.Push(localPath, "origin", "master"); err != nil { return fmt.Errorf("push: %v", err) |