Diffstat (limited to 'modules/middleware')
-rw-r--r-- | modules/middleware/auth.go | 39 | ||||
-rw-r--r-- | modules/middleware/context.go | 17 | ||||
-rw-r--r-- | modules/middleware/repo.go | 6 |
3 files changed, 57 insertions, 5 deletions
diff --git a/modules/middleware/auth.go b/modules/middleware/auth.go
index 2a02d276..db643ccf 100644
--- a/modules/middleware/auth.go
+++ b/modules/middleware/auth.go
@@ -5,12 +5,16 @@ package middleware
 import (
+ "fmt"
 "net/url"
 "github.com/Unknwon/macaron"
 "github.com/macaron-contrib/csrf"
+ "github.com/gogits/gogs/models"
 "github.com/gogits/gogs/modules/auth"
+ "github.com/gogits/gogs/modules/base"
+ "github.com/gogits/gogs/modules/log"
 "github.com/gogits/gogs/modules/setting"
 )
@@ -21,6 +25,41 @@ type ToggleOptions struct {
 DisableCsrf bool
 }
+// AutoSignIn reads cookie and try to auto-login.
+func AutoSignIn(ctx *Context) (bool, error) {
+ uname := ctx.GetCookie(setting.CookieUserName)
+ if len(uname) == 0 {
+ return false, nil
+ }
+
+ isSucceed := false
+ defer func() {
+ if !isSucceed {
+ log.Trace("auto-login cookie cleared: %s", uname)
+ ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
+ ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
+ }
+ }()
+
+ u, err := models.GetUserByName(uname)
+ if err != nil {
+ if !models.IsErrUserNotExist(err) {
+ return false, fmt.Errorf("GetUserByName: %v", err)
+ }
+ return false, nil
+ }
+
+ if val, _ := ctx.GetSuperSecureCookie(
+ base.EncodeMd5(u.Rands+u.Passwd), setting.CookieRememberName); val != u.Name {
+ return false, nil
+ }
+
+ isSucceed = true
+ ctx.Session.Set("uid", u.Id)
+ ctx.Session.Set("uname", u.Name)
+ return true, nil
+}
+
 func Toggle(options *ToggleOptions) macaron.Handler {
 return func(ctx *Context) {
 // Cannot view any page before installation.
diff --git a/modules/middleware/context.go b/modules/middleware/context.go
index 2995d578..9870b415 100644
--- a/modules/middleware/context.go
+++ b/modules/middleware/context.go
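Review bot: AutoSignIn marks the current session as signed in with `ctx.Session.Set("uid", u.Id)` without rotating the session identifier, so a session ID issued before the remember-me cookie was checked stays valid as an authenticated session; regenerate the session before the two `Set` calls, or at minimum record it with `// TODO(security): rotate the session ID before marking the session as signed in`. The cookie key is derived as `base.EncodeMd5(u.Rands+u.Passwd)` and the second return value of `GetSuperSecureCookie` is dropped with `_`; this appears to fail closed as long as a failed decode yields an empty `val`, but that assumption deserves a comment, and the MD5 derivation is worth revisiting if the cookie helper does not stretch the key itself. The deferred cleanup also clears both cookies when `GetUserByName` fails for a reason other than a missing user, so a transient lookup error silently ends the user's remember-me login. `log.Trace` prints the cookie-supplied `uname` with `%s`; `%q` would keep control characters out of the log line.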
@@ -72,9 +72,14 @@ type RepoContext struct {
 Mirror *models.Mirror
 }
-// Return if the current user has write access for this repository
+// IsOwner returns true if current user is the owner of repository.
 func (r RepoContext) IsOwner() bool {
- return r.AccessMode >= models.ACCESS_MODE_WRITE
+ return r.AccessMode >= models.ACCESS_MODE_OWNER
+}
+
+// IsAdmin returns true if current user has admin or higher access of repository.
+func (r RepoContext) IsAdmin() bool {
+ return r.AccessMode >= models.ACCESS_MODE_ADMIN
 }
 // Return if the current user has read access for this repository
@@ -197,6 +202,14 @@ func Contexter() macaron.Handler {
 ctx.Data["PageStartTime"] = time.Now()
+ // Check auto-signin.
+ if sess.Get("uid") == nil {
+ if _, err := AutoSignIn(ctx); err != nil {
+ ctx.Handle(500, "AutoSignIn", err)
+ return
+ }
+ }
+
 // Get user from session if logined.
 ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Req.Request, ctx.Session)
diff --git a/modules/middleware/repo.go b/modules/middleware/repo.go
index c4c53c03..d3995d29 100644
--- a/modules/middleware/repo.go
+++ b/modules/middleware/repo.go
@@ -324,8 +324,8 @@ func RepoAssignment(redirect bool, args ...bool) macaron.Handler {
 ctx.Data["Title"] = u.Name + "/" + repo.Name
 ctx.Data["Repository"] = repo
 ctx.Data["Owner"] = ctx.Repo.Repository.Owner
- ctx.Data["IsRepositoryOwner"] = ctx.Repo.AccessMode >= models.ACCESS_MODE_WRITE
- ctx.Data["IsRepositoryAdmin"] = ctx.Repo.AccessMode >= models.ACCESS_MODE_ADMIN
+ ctx.Data["IsRepositoryOwner"] = ctx.Repo.IsOwner()
+ ctx.Data["IsRepositoryAdmin"] = ctx.Repo.IsAdmin()
 ctx.Data["DisableSSH"] = setting.DisableSSH
 ctx.Repo.CloneLink, err = repo.CloneLink()
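Review bot: IsOwner and IsAdmin both depend on the `models.ACCESS_MODE_*` constants being ordered by increasing privilege, and nothing in this hunk states that; say so in the doc comments, e.g. `// IsAdmin reports whether AccessMode is ACCESS_MODE_ADMIN or higher; relies on the constants being ordered by privilege.` Because IsOwner's threshold is now owner rather than write, any caller outside this diff that used it as a write-access gate will return false for write collaborators, and the same applies to templates reading `IsRepositoryOwner`, which the repo.go hunk now sets from `ctx.Repo.IsOwner()`. Those call sites are not visible here and are worth auditing before merge.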
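Review bot: The auto sign-in check added to Contexter turns any AutoSignIn error into a 500 for the whole request, and the path is reachable by any anonymous client that sends the user-name cookie, so a failing user lookup breaks pages that need no login at all. Logging the error and continuing as an anonymous request gives the same security outcome (no session is created) without the outage; if aborting is intended, document it with `// AutoSignIn errors abort the request; this path is reachable with an unauthenticated cookie`. Discarding the boolean result with `_` looks fine here because `auth.SignedInUser` re-reads the session immediately afterwards. Contexter's body starts and ends outside the hunk.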
@@ -388,7 +388,7 @@ func RepoAssignment(redirect bool, args ...bool) macaron.Handler {
 func RequireRepoAdmin() macaron.Handler {
 return func(ctx *Context) {
- if ctx.Repo.AccessMode < models.ACCESS_MODE_ADMIN {
+ if !ctx.Repo.IsAdmin() {
 if !ctx.IsSigned {
 ctx.SetCookie("redirect_to", "/"+url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
 ctx.Redirect(setting.AppSubUrl + "/user/login") |