From e41ab839c7dbbdffc60a4e02775f24add9d126d9 Mon Sep 17 00:00:00 2001 From: Unknown Date: Fri, 4 Apr 2014 18:55:17 -0400 Subject: Use session for rolling back --- models/user.go | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'models/user.go') diff --git a/models/user.go b/models/user.go index 2641a15f..1ec3b295 100644 --- a/models/user.go +++ b/models/user.go @@ -218,11 +218,18 @@ func ChangeUserName(user *User, newUserName string) (err error) { if err = orm.Find(&accesses, &Access{UserName: user.LowerName}); err != nil { return err } + + sess := orm.NewSession() + defer sess.Close() + if err = sess.Begin(); err != nil { + return err + } + for i := range accesses { accesses[i].UserName = newUserName if strings.HasPrefix(accesses[i].RepoName, user.LowerName+"/") { accesses[i].RepoName = strings.Replace(accesses[i].RepoName, user.LowerName, newUserName, 1) - if err = UpdateAccess(&accesses[i]); err != nil { + if err = UpdateAccessWithSession(sess, &accesses[i]); err != nil { return err } } @@ -241,14 +248,19 @@ func ChangeUserName(user *User, newUserName string) (err error) { for j := range accesses { accesses[j].RepoName = newUserName + "/" + repos[i].LowerName - if err = UpdateAccess(&accesses[j]); err != nil { + if err = UpdateAccessWithSession(sess, &accesses[j]); err != nil { return err } } } // Change user directory name. - return os.Rename(UserPath(user.LowerName), UserPath(newUserName)) + if err = os.Rename(UserPath(user.LowerName), UserPath(newUserName)); err != nil { + sess.Rollback() + return err + } + + return sess.Commit() } // UpdateUser updates user's information. -- cgit v1.2.3 From b7c3b0cc73ad8721e2eec59d018a91850ba7f750 Mon Sep 17 00:00:00 2001 
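Review bot: In ChangeUserName the final `return sess.Commit()` runs after `os.Rename` has already moved the user directory, so a failed commit leaves the directory under the new name while the access rows remain under the old one. The rollback branch also discards the error returned by `sess.Rollback()`, and the early `return err` paths in both loops rely on the deferred `sess.Close()` to abandon the open transaction, which should be confirmed for this ORM or made explicit. Consider undoing the rename when the commit fails, e.g. `if err = sess.Commit(); err != nil { os.Rename(UserPath(newUserName), UserPath(user.LowerName)); return err }`. The function body starts outside the hunks, so the lookups made before the session is opened were not reviewed.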
From: Unknown Date: Sat, 5 Apr 2014 12:32:34 -0400 Subject: Add reset password, fix #58 --- models/user.go | 15 ++++++ modules/base/template.go | 4 ++ modules/mailer/mail.go | 22 ++++++++- routers/user/user.go | 84 ++++++++++++++++++++++++++++++++- templates/mail/auth/reset_passwd.tmpl | 33 +++++++++++++ templates/mail/auth/reset_password.html | 25 ---------- templates/user/forgot_passwd.tmpl | 30 ++++++++++++ templates/user/reset_passwd.tmpl | 26 ++++++++++ templates/user/signin.tmpl | 2 +- web.go | 2 + 10 files changed, 214 insertions(+), 29 deletions(-) create mode 100644 templates/mail/auth/reset_passwd.tmpl delete mode 100644 templates/mail/auth/reset_password.html create mode 100644 templates/user/forgot_passwd.tmpl create mode 100644 templates/user/reset_passwd.tmpl (limited to 'models/user.go') diff --git a/models/user.go b/models/user.go index 1ec3b295..2196eae8 100644 --- a/models/user.go +++ b/models/user.go @@ -367,6 +367,21 @@ func GetUserByName(name string) (*User, error) { return user, nil } +// GetUserByEmail returns the user object by given e-mail if exists. +func GetUserByEmail(email string) (*User, error) { + if len(email) == 0 { + return nil, ErrUserNotExist + } + user := &User{Email: strings.ToLower(email)} + has, err := orm.Get(user) + if err != nil { + return nil, err + } else if !has { + return nil, ErrUserNotExist + } + return user, nil +} + // LoginUserPlain validates user by raw user name and password. func LoginUserPlain(name, passwd string) (*User, error) { user := User{LowerName: strings.ToLower(name), Passwd: passwd} diff --git a/modules/base/template.go b/modules/base/template.go index dfcae931..56b77a5d 100644 --- a/modules/base/template.go +++ b/modules/base/template.go 
@@ -67,6 +67,10 @@ var TemplateFuncs template.FuncMap = map[string]interface{}{ "DateFormat": DateFormat, "List": List, "Mail2Domain": func(mail string) string { + if !strings.Contains(mail, "@") { + return "try.gogits.org" + } + suffix := strings.SplitN(mail, "@", 2)[1] domain, ok := mailDomains[suffix] if !ok { diff --git a/modules/mailer/mail.go b/modules/mailer/mail.go index b99fc8fd..eee6b916 100644 --- a/modules/mailer/mail.go +++ b/modules/mailer/mail.go @@ -86,7 +86,27 @@ func SendActiveMail(r *middleware.Render, user *models.User) { } msg := NewMailMessage([]string{user.Email}, subject, body) - msg.Info = fmt.Sprintf("UID: %d, send email verify mail", user.Id) + msg.Info = fmt.Sprintf("UID: %d, send active mail", user.Id) + + SendAsync(&msg) +} + +// Send reset password email. +func SendResetPasswdMail(r *middleware.Render, user *models.User) { + code := CreateUserActiveCode(user, nil) + + subject := "Reset your password" + + data := GetMailTmplData(user) + data["Code"] = code + body, err := r.HTMLString("mail/auth/reset_passwd", data) + if err != nil { + log.Error("mail.SendResetPasswdMail(fail to render): %v", err) + return + } + + msg := NewMailMessage([]string{user.Email}, subject, body) + msg.Info = fmt.Sprintf("UID: %d, send reset password email", user.Id) SendAsync(&msg) } diff --git a/routers/user/user.go b/routers/user/user.go index 08930e22..872ed0d6 100644 --- a/routers/user/user.go +++ b/routers/user/user.go @@ -403,9 +403,12 @@ func Activate(ctx *middleware.Context) { if user := models.VerifyUserActiveCode(code); user != nil { user.IsActive = true user.Rands = models.GetUserSalt() - models.UpdateUser(user) + if err := models.UpdateUser(user); err != nil { + ctx.Handle(404, "user.Activate", err) + return + } - log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.LowerName) + log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.Name) ctx.Session.Set("userId", user.Id) ctx.Session.Set("userName", user.Name) 
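Review bot: SendResetPasswdMail creates the reset token with `CreateUserActiveCode(user, nil)`, and both `Activate` and `ResetPasswd` in routers/user/user.go accept a code through `models.VerifyUserActiveCode`. A code mailed for one purpose therefore appears to be valid for the other, so an unexpired activation link would also be accepted by the password-reset handler. Binding the purpose into the code, or issuing a separate reset token, would close that gap. The doc comment should follow the form used elsewhere in this file, `// SendResetPasswdMail sends the password reset e-mail to user.`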
@@ -416,3 +419,80 @@ func Activate(ctx *middleware.Context) { ctx.Data["IsActivateFailed"] = true ctx.HTML(200, "user/active") } + +func ForgotPasswd(ctx *middleware.Context) { + ctx.Data["Title"] = "Forgot Password" + + if base.MailService == nil { + ctx.Data["IsResetDisable"] = true + ctx.HTML(200, "user/forgot_passwd") + return + } + + ctx.Data["IsResetRequest"] = true + if ctx.Req.Method == "GET" { + ctx.HTML(200, "user/forgot_passwd") + return + } + + email := ctx.Query("email") + u, err := models.GetUserByEmail(email) + if err != nil { + if err == models.ErrUserNotExist { + ctx.RenderWithErr("This e-mail address does not associate to any account.", "user/forgot_passwd", nil) + } else { + ctx.Handle(404, "user.ResetPasswd(check existence)", err) + } + return + } + + mailer.SendResetPasswdMail(ctx.Render, u) + ctx.Data["Email"] = email + ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60 + ctx.Data["IsResetSent"] = true + ctx.HTML(200, "user/forgot_passwd") +} + +func ResetPasswd(ctx *middleware.Context) { + code := ctx.Query("code") + if len(code) == 0 { + ctx.Error(404) + return + } + ctx.Data["Code"] = code + + if ctx.Req.Method == "GET" { + ctx.Data["IsResetForm"] = true + ctx.HTML(200, "user/reset_passwd") + return + } + + if u := models.VerifyUserActiveCode(code); u != nil { + // Validate password length. 
+ passwd := ctx.Query("passwd") + if len(passwd) < 6 || len(passwd) > 30 { + ctx.Data["IsResetForm"] = true + ctx.RenderWithErr("Password length should be in 6 and 30.", "user/reset_passwd", nil) + return + } + + u.Passwd = passwd + if err := u.EncodePasswd(); err != nil { + ctx.Handle(404, "user.ResetPasswd(EncodePasswd)", err) + return + } + + u.Rands = models.GetUserSalt() + if err := models.UpdateUser(u); err != nil { + ctx.Handle(404, "user.ResetPasswd(UpdateUser)", err) + return + } + + log.Trace("%s User password reset: %s", ctx.Req.RequestURI, u.Name) + ctx.Redirect("/user/login") + return + } + + ctx.Data["IsResetFailed"] = true + ctx.HTML(200, "user/reset_passwd") +} diff --git a/templates/mail/auth/reset_passwd.tmpl b/templates/mail/auth/reset_passwd.tmpl new file mode 100644 index 00000000..11861f4e --- /dev/null +++ b/templates/mail/auth/reset_passwd.tmpl @@ -0,0 +1,33 @@ + + + + +{{.User.Name}}, please reset your password + + +
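Review bot: ForgotPasswd answers an unknown address with "This e-mail address does not associate to any account." and a known one with the sent page, which lets any visitor probe which e-mail addresses are registered. Rendering the same `IsResetSent` response in both cases and sending mail only when `GetUserByEmail` succeeds removes that signal; nothing in the hunk limits how often one client or one address can request a reset mail either. Separately, both handlers report internal failures through `ctx.Handle(404, ...)` (the `EncodePasswd` and `UpdateUser` branches in ResetPasswd, the lookup error in ForgotPasswd), where a 500 would describe them correctly. ResetPasswd's trace line logs `ctx.Req.RequestURI`, which contains the `code` query value.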
+
+
+
+

{{.AppName}}

+
+
+ Hi {{.User.Name}}, +
+
+

Please click following link to reset your password within {{.ActiveCodeLives}} hours.

+

+ {{.AppUrl}}user/reset_password?code={{.Code}} +

+

Copy and paste it to your browser if the link is not working.

+
+
+
+
+
+ © 2014 Gogs: Go Git Service +
+
+
+ + \ No newline at end of file diff --git a/templates/mail/auth/reset_password.html b/templates/mail/auth/reset_password.html deleted file mode 100644 index 40a9efa8..00000000 --- a/templates/mail/auth/reset_password.html +++ /dev/null @@ -1,25 +0,0 @@ -{{template "mail/base.html" .}} -{{define "title"}} - {{if eq .Lang "zh-CN"}} - {{.User.NickName}},重置账户密码 - {{end}} - {{if eq .Lang "en-US"}} - {{.User.NickName}}, reset your password - {{end}} -{{end}} -{{define "body"}} - {{if eq .Lang "zh-CN"}} -
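Review bot: The mail body prints `{{.ActiveCodeLives}}` followed by the word "hours", while ForgotPasswd in the same commit derives hours as `base.Service.ActiveCodeLives / 60`, which suggests the setting is stored in minutes. If `GetMailTmplData` passes the raw value (it is not visible here), the mail overstates the lifetime of the reset link by a factor of 60. Pass an hours value to the template or change the wording to minutes.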

点击链接重置密码,{{.ResetPwdCodeLives}} 分钟内有效

-

- {{.AppUrl}}reset/{{.Code}} -

-

如果链接点击无反应,请复制到浏览器打开。

- {{end}} - {{if eq .Lang "en-US"}} -

Please click following link to reset your password in {{.ResetPwdCodeLives}} hours

-

- {{.AppUrl}}reset/{{.Code}} -

-

Copy and paste it to your browser if it's not working.

- {{end}} -{{end}} \ No newline at end of file diff --git a/templates/user/forgot_passwd.tmpl b/templates/user/forgot_passwd.tmpl new file mode 100644 index 00000000..ff25406f --- /dev/null +++ b/templates/user/forgot_passwd.tmpl @@ -0,0 +1,30 @@ +{{template "base/head" .}} +{{template "base/navbar" .}} +
+
+ {{.CsrfTokenHtml}} +

Reset Your Password

+
{{.ErrorMsg}}
+ {{if .IsResetSent}} +

A confirmation e-mail has been sent to {{.Email}}, please check your inbox within {{.Hours}} hours.

+
+ Sign in to your e-mail + {{else if .IsResetRequest}} +
+ +
+ +
+
+
+
+
+ +
+
+ {{else if .IsResetDisable}} +

Sorry, mail service is not enabled.

+ {{end}} +
+
+{{template "base/footer" .}} \ No newline at end of file diff --git a/templates/user/reset_passwd.tmpl b/templates/user/reset_passwd.tmpl new file mode 100644 index 00000000..9190c7c1 --- /dev/null +++ b/templates/user/reset_passwd.tmpl @@ -0,0 +1,26 @@ +{{template "base/head" .}} +{{template "base/navbar" .}} +
+
+ {{.CsrfTokenHtml}} +

Reset Your Pasword

+
{{.ErrorMsg}}
+ {{if .IsResetForm}} +
+ +
+ +
+
+
+
+
+ +
+
+ {{else}} +

Sorry, your confirmation code has been exipired or not valid.

+ {{end}} +
+
+{{template "base/footer" .}} \ No newline at end of file diff --git a/templates/user/signin.tmpl b/templates/user/signin.tmpl index b6c39af1..43f47e41 100644 --- a/templates/user/signin.tmpl +++ b/templates/user/signin.tmpl @@ -33,7 +33,7 @@ diff --git a/web.go b/web.go index 0594d8e6..b5e4af3e 100644 --- a/web.go +++ b/web.go @@ -92,6 +92,8 @@ func runWeb(*cli.Context) { // r.Any("/login/github", user.SocialSignIn) r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn) r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) + r.Any("/forget_password", user.ForgotPasswd) + r.Any("/reset_password", user.ResetPasswd) }, reqSignOut) m.Group("/user", func(r martini.Router) { r.Any("/logout", user.SignOut) -- cgit v1.2.3 From e7c8a3cb8d26da68b09f799585c03970cd243be1 Mon Sep 17 00:00:00 2001 From: Unknown Date: Sun, 6 Apr 2014 16:10:57 -0400 Subject: Add salt for every single user --- .gopmfile | 1 - README.md | 4 ++-- README_ZH.md | 2 +- gogs.go | 2 +- models/user.go | 31 ++++++++++++++++--------------- modules/base/tool.go | 40 ++++++++++++++++++++++++++++++++++++++++ routers/user/setting.go | 7 ++----- routers/user/user.go | 7 ++----- 8 files changed, 64 insertions(+), 30 deletions(-) (limited to 'models/user.go') diff --git a/.gopmfile b/.gopmfile index 9bdca49f..c9fad8a0 100644 --- a/.gopmfile +++ b/.gopmfile @@ -7,7 +7,6 @@ github.com/go-martini/martini = github.com/Unknwon/com = github.com/Unknwon/cae = github.com/Unknwon/goconfig = -github.com/dchest/scrypt = github.com/nfnt/resize = github.com/lunny/xorm = github.com/go-sql-driver/mysql = diff --git a/README.md b/README.md index ede1894a..fe15328b 100644 --- a/README.md +++ b/README.md 
@@ -5,9 +5,9 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### Current version: 0.2.1 Alpha +##### Current version: 0.2.2 Alpha -#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site. +#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in April 6, 2014 and will reset multiple times after. Please do NOT put your important data on the site. #### Other language version diff --git a/README_ZH.md b/README_ZH.md index 9b5e4641..015ee0af 100644 --- a/README_ZH.md +++ b/README_ZH.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。 ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### 当前版本:0.2.1 Alpha +##### 当前版本:0.2.2 Alpha ## 开发目的 diff --git a/gogs.go b/gogs.go index 0e48ff7b..e7197482 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.2 tag above is included in builds. main.go refers to this definition. const go12tag = true -const APP_VER = "0.2.1.0406 Alpha" +const APP_VER = "0.2.2.0406 Alpha" func init() { base.AppVer = APP_VER diff --git a/models/user.go b/models/user.go index 2196eae8..a5a6de09 100644 --- a/models/user.go +++ b/models/user.go @@ -5,6 +5,7 @@ package models import ( + "crypto/sha256" "encoding/hex" "errors" "fmt" @@ -13,8 +14,6 @@ import ( "strings" "time" - "github.com/dchest/scrypt" - "github.com/gogits/git" "github.com/gogits/gogs/modules/base" @@ -62,6 +61,7 @@ type User struct { IsActive bool IsAdmin bool Rands string `xorm:"VARCHAR(10)"` + Salt string `xorm:"VARCHAR(10)"` Created time.Time `xorm:"created"` Updated time.Time `xorm:"updated"` } 
@@ -89,10 +89,9 @@ func (user *User) NewGitSig() *git.Signature { } // EncodePasswd encodes password to safe format. -func (user *User) EncodePasswd() error { - newPasswd, err := scrypt.Key([]byte(user.Passwd), []byte(base.SecretKey), 16384, 8, 1, 64) +func (user *User) EncodePasswd() { + newPasswd := base.PBKDF2([]byte(user.Passwd), []byte(user.Salt), 10000, 50, sha256.New) user.Passwd = fmt.Sprintf("%x", newPasswd) - return err } // Member represents user is member of organization. @@ -148,9 +147,9 @@ func RegisterUser(user *User) (*User, error) { user.Avatar = base.EncodeMd5(user.Email) user.AvatarEmail = user.Email user.Rands = GetUserSalt() - if err = user.EncodePasswd(); err != nil { - return nil, err - } else if _, err = orm.Insert(user); err != nil { + user.Salt = GetUserSalt() + user.EncodePasswd() + if _, err = orm.Insert(user); err != nil { return nil, err } else if err = os.MkdirAll(UserPath(user.Name), os.ModePerm); err != nil { if _, err := orm.Id(user.Id).Delete(&User{}); err != nil { @@ -384,18 +383,20 @@ func GetUserByEmail(email string) (*User, error) { // LoginUserPlain validates user by raw user name and password. func LoginUserPlain(name, passwd string) (*User, error) { - user := User{LowerName: strings.ToLower(name), Passwd: passwd} - if err := user.EncodePasswd(); err != nil { - return nil, err - } - + user := User{LowerName: strings.ToLower(name)} has, err := orm.Get(&user) if err != nil { return nil, err } else if !has { - err = ErrUserNotExist + return nil, ErrUserNotExist + } + + newUser := &User{Passwd: passwd, Salt: user.Salt} + newUser.EncodePasswd() + if user.Passwd != newUser.Passwd { + return nil, ErrUserNotExist } - return &user, err + return &user, nil } // Follow is connection request for receiving user notifycation. diff --git a/modules/base/tool.go b/modules/base/tool.go index 3946c4b5..f7d1bc2c 100644 --- a/modules/base/tool.go +++ b/modules/base/tool.go 
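Review bot: EncodePasswd now derives the hash from `user.Salt` alone, and nothing in this commit handles accounts created before the `Salt` column existed. Those rows presumably hold an scrypt hash and an empty salt, so `LoginUserPlain` would recompute PBKDF2 with an empty salt and reject them; a migration, or a fallback that verifies the old scheme and re-hashes on success, is needed. The literals `10000, 50` would be easier to audit as named constants with a comment on how they were chosen, and since `Salt` is limited to `VARCHAR(10)` it is worth confirming how much randomness `GetUserSalt` actually provides.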
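Review bot: LoginUserPlain compares the stored and the computed hash with `user.Passwd != newUser.Passwd`, which is not a constant-time comparison. Use `subtle.ConstantTimeCompare([]byte(user.Passwd), []byte(newUser.Passwd)) != 1` from `crypto/subtle` instead. Returning `ErrUserNotExist` for both an unknown name and a wrong password keeps the two cases indistinguishable in the result, which deserves a sentence in the doc comment. The early return for an unknown name skips the key derivation, though, so response time still separates the two cases.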
@@ -6,12 +6,14 @@ package base import ( "bytes" + "crypto/hmac" "crypto/md5" "crypto/rand" "crypto/sha1" "encoding/hex" "encoding/json" "fmt" + "hash" "math" "strconv" "strings" @@ -40,6 +42,44 @@ func GetRandomString(n int, alphabets ...byte) string { return string(bytes) } +// http://code.google.com/p/go/source/browse/pbkdf2/pbkdf2.go?repo=crypto +func PBKDF2(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte { + prf := hmac.New(h, password) + hashLen := prf.Size() + numBlocks := (keyLen + hashLen - 1) / hashLen + + var buf [4]byte + dk := make([]byte, 0, numBlocks*hashLen) + U := make([]byte, hashLen) + for block := 1; block <= numBlocks; block++ { + // N.B.: || means concatenation, ^ means XOR + // for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter + // U_1 = PRF(password, salt || uint(i)) + prf.Reset() + prf.Write(salt) + buf[0] = byte(block >> 24) + buf[1] = byte(block >> 16) + buf[2] = byte(block >> 8) + buf[3] = byte(block) + prf.Write(buf[:4]) + dk = prf.Sum(dk) + T := dk[len(dk)-hashLen:] + copy(U, T) + + // U_n = PRF(password, U_(n-1)) + for n := 2; n <= iter; n++ { + prf.Reset() + prf.Write(U) + U = U[:0] + U = prf.Sum(U) + for x := range U { + T[x] ^= U[x] + } + } + } + return dk[:keyLen] +} + // verify time limit code func VerifyTimeLimitCode(data string, minutes int, code string) bool { if len(code) <= 18 { diff --git a/routers/user/setting.go b/routers/user/setting.go index 4b6d88a3..ea779e85 100644 --- a/routers/user/setting.go +++ b/routers/user/setting.go @@ -73,11 +73,7 @@ func SettingPassword(ctx *middleware.Context, form auth.UpdatePasswdForm) { user := ctx.User newUser := &models.User{Passwd: form.NewPasswd} - if err := newUser.EncodePasswd(); err != nil { - ctx.Handle(200, "setting.SettingPassword", err) - return - } - + newUser.EncodePasswd() if user.Passwd != newUser.Passwd { ctx.Data["HasError"] = true ctx.Data["ErrorMsg"] = "Old password is not correct" 
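Review bot: PBKDF2 is a hand-copied cryptographic primitive whose only documentation is a URL, and the diffstat of this commit shows no test file added with it. Add a doc comment that starts with the function name and states the source and the meaning of `iter` and `keyLen`, plus a known-answer test against published PBKDF2-HMAC-SHA256 vectors so that a transcription error cannot go unnoticed. The function also trusts its arguments: `keyLen <= 0` and `iter < 1` are not rejected.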
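Review bot: SettingPassword hashes the candidate with `newUser := &models.User{Passwd: form.NewPasswd}` and no `Salt`, so `newUser.EncodePasswd()` runs with an empty salt and the comparison against the salted `user.Passwd` can no longer succeed for accounts that have one. In the second hunk of this file `newUser.Salt = models.GetUserSalt()` is assigned after the hash was computed and is never copied to `user`, so after a password change the stored hash and the stored salt would disagree. Verify with `Salt: user.Salt`, then set `user.Salt = models.GetUserSalt()`, put the new plaintext in `user.Passwd` and call `user.EncodePasswd()` before `UpdateUser`. The function body extends beyond both hunks, so which form field is meant to carry the old password should be checked against the full source.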
@@ -85,6 +81,7 @@ func SettingPassword(ctx *middleware.Context, form auth.UpdatePasswdForm) { ctx.Data["HasError"] = true ctx.Data["ErrorMsg"] = "New password and re-type password are not same" } else { + newUser.Salt = models.GetUserSalt() user.Passwd = newUser.Passwd if err := models.UpdateUser(user); err != nil { ctx.Handle(200, "setting.SettingPassword", err) diff --git a/routers/user/user.go b/routers/user/user.go index 872ed0d6..12f2bd8c 100644 --- a/routers/user/user.go +++ b/routers/user/user.go @@ -477,12 +477,9 @@ func ResetPasswd(ctx *middleware.Context) { } u.Passwd = passwd - if err := u.EncodePasswd(); err != nil { - ctx.Handle(404, "user.ResetPasswd(EncodePasswd)", err) - return - } - u.Rands = models.GetUserSalt() + u.Salt = models.GetUserSalt() + u.EncodePasswd() if err := models.UpdateUser(u); err != nil { ctx.Handle(404, "user.ResetPasswd(UpdateUser)", err) return -- cgit v1.2.3 From 9ea9818d3255e5b08293205e278240dece36687d Mon Sep 17 00:00:00 2001 From: Unknown Date: Mon, 7 Apr 2014 12:56:40 -0400 Subject: Fix issue with log in with GitHub but need more error handle after --- conf/app.ini | 8 +++++++ gogs.go | 2 +- models/user.go | 13 +++++++++++ modules/base/conf.go | 53 +++++++++++++++++++++++++++++++++++---------- modules/base/markdown.go | 13 +++++------ modules/mailer/mail.go | 31 ++++++++++++++++++++------ modules/oauth2/oauth2.go | 33 +++++++++++++++++----------- routers/repo/issue.go | 28 +++++++++++++++++++----- routers/user/social.go | 12 ++++++---- routers/user/user.go | 5 +++++ templates/issue/create.tmpl | 2 +- templates/user/signin.tmpl | 5 ++++- web.go | 22 ++++++++++--------- 13 files changed, 167 insertions(+), 60 deletions(-) (limited to 'models/user.go') diff --git a/conf/app.ini b/conf/app.ini index 43033eaa..c9024600 100644 --- a/conf/app.ini +++ b/conf/app.ini 
@@ -72,6 +72,14 @@ FROM = USER = PASSWD = +[oauth] +ENABLED = false + +[oauth.github] +ENABLED = +CLIENT_ID = +CLIENT_SECRET = + [cache] ; Either "memory", "redis", or "memcache", default is "memory" ADAPTER = memory diff --git a/gogs.go b/gogs.go index e7197482..df268980 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.2 tag above is included in builds. main.go refers to this definition. const go12tag = true -const APP_VER = "0.2.2.0406 Alpha" +const APP_VER = "0.2.2.0407 Alpha" func init() { base.AppVer = APP_VER diff --git a/models/user.go b/models/user.go index a5a6de09..0fcf7243 100644 --- a/models/user.go +++ b/models/user.go @@ -366,6 +366,19 @@ func GetUserByName(name string) (*User, error) { return user, nil } +// GetUserEmailsByNames returns a slice of e-mails corresponds to names. +func GetUserEmailsByNames(names []string) []string { + mails := make([]string, 0, len(names)) + for _, name := range names { + u, err := GetUserByName(name) + if err != nil { + continue + } + mails = append(mails, u.Email) + } + return mails +} + // GetUserByEmail returns the user object by given e-mail if exists. func GetUserByEmail(email string) (*User, error) { if len(email) == 0 { diff --git a/modules/base/conf.go b/modules/base/conf.go index 0a618ab1..ba9c320d 100644 --- a/modules/base/conf.go +++ b/modules/base/conf.go @@ -22,13 +22,21 @@ import ( "github.com/gogits/gogs/modules/log" ) -// Mailer represents a mail service. +// Mailer represents mail service. type Mailer struct { Name string Host string User, Passwd string } +// Oauther represents oauth service. +type Oauther struct { + GitHub struct { + Enabled bool + ClientId, ClientSecret string + } +} + var ( AppVer string AppName string @@ -45,8 +53,9 @@ var ( CookieUserName string CookieRememberName string - Cfg *goconfig.ConfigFile - MailService *Mailer + Cfg *goconfig.ConfigFile + MailService *Mailer + OauthService *Oauther LogMode string LogConfig string 
@@ -206,15 +215,17 @@ func newSessionService() { func newMailService() { // Check mailer setting. - if Cfg.MustBool("mailer", "ENABLED") { - MailService = &Mailer{ - Name: Cfg.MustValue("mailer", "NAME", AppName), - Host: Cfg.MustValue("mailer", "HOST"), - User: Cfg.MustValue("mailer", "USER"), - Passwd: Cfg.MustValue("mailer", "PASSWD"), - } - log.Info("Mail Service Enabled") + if !Cfg.MustBool("mailer", "ENABLED") { + return + } + + MailService = &Mailer{ + Name: Cfg.MustValue("mailer", "NAME", AppName), + Host: Cfg.MustValue("mailer", "HOST"), + User: Cfg.MustValue("mailer", "USER"), + Passwd: Cfg.MustValue("mailer", "PASSWD"), } + log.Info("Mail Service Enabled") } func newRegisterMailService() { @@ -239,6 +250,25 @@ func newNotifyMailService() { log.Info("Notify Mail Service Enabled") } +func newOauthService() { + if !Cfg.MustBool("oauth", "ENABLED") { + return + } + + OauthService = &Oauther{} + oauths := make([]string, 0, 10) + + // GitHub. + if Cfg.MustBool("oauth.github", "ENABLED") { + OauthService.GitHub.Enabled = true + OauthService.GitHub.ClientId = Cfg.MustValue("oauth.github", "CLIENT_ID") + OauthService.GitHub.ClientSecret = Cfg.MustValue("oauth.github", "CLIENT_SECRET") + oauths = append(oauths, "GitHub") + } + + log.Info("Oauth Service Enabled %s", oauths) +} + func NewConfigContext() { //var err error workDir, err := ExecDir() @@ -303,4 +333,5 @@ func NewServices() { newMailService() newRegisterMailService() newNotifyMailService() + newOauthService() } diff --git a/modules/base/markdown.go b/modules/base/markdown.go index f0992d04..ce1e2f5b 100644 --- a/modules/base/markdown.go +++ b/modules/base/markdown.go 
@@ -90,21 +90,21 @@ func (options *CustomRender) Link(out *bytes.Buffer, link []byte, title []byte, } var ( - mentionPattern = regexp.MustCompile(`@[0-9a-zA-Z_]{1,}`) + MentionPattern = regexp.MustCompile(`@[0-9a-zA-Z_]{1,}`) commitPattern = regexp.MustCompile(`(\s|^)https?.*commit/[0-9a-zA-Z]+(#+[0-9a-zA-Z-]*)?`) issueFullPattern = regexp.MustCompile(`(\s|^)https?.*issues/[0-9]+(#+[0-9a-zA-Z-]*)?`) - issueIndexPattern = regexp.MustCompile(`(\s|^)#[0-9]+`) + issueIndexPattern = regexp.MustCompile(`#[0-9]+`) ) func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { - ms := mentionPattern.FindAll(rawBytes, -1) + ms := MentionPattern.FindAll(rawBytes, -1) for _, m := range ms { rawBytes = bytes.Replace(rawBytes, m, []byte(fmt.Sprintf(`%s`, m[1:], m)), -1) } ms = commitPattern.FindAll(rawBytes, -1) for _, m := range ms { - m = bytes.TrimPrefix(m, []byte(" ")) + m = bytes.TrimSpace(m) i := strings.Index(string(m), "commit/") j := strings.Index(string(m), "#") if j == -1 { @@ -115,7 +115,7 @@ func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { } ms = issueFullPattern.FindAll(rawBytes, -1) for _, m := range ms { - m = bytes.TrimPrefix(m, []byte(" ")) + m = bytes.TrimSpace(m) i := strings.Index(string(m), "issues/") j := strings.Index(string(m), "#") if j == -1 { @@ -126,9 +126,8 @@ func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { } ms = issueIndexPattern.FindAll(rawBytes, -1) for _, m := range ms { - m = bytes.TrimPrefix(m, []byte(" ")) rawBytes = bytes.Replace(rawBytes, m, []byte(fmt.Sprintf( - ` %s`, urlPrefix, m[1:], m)), -1) + `%s`, urlPrefix, m[1:], m)), -1) } return rawBytes } diff --git a/modules/mailer/mail.go b/modules/mailer/mail.go index eee6b916..d2bf1310 100644 --- a/modules/mailer/mail.go +++ b/modules/mailer/mail.go 
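Review bot: Dropping the `(\s|^)` prefix from `issueIndexPattern` makes `#[0-9]+` match inside text that is not an issue reference, such as the fragment of a URL already handled by `issueFullPattern` or a numeric HTML entity like `&#39;`. Because every match is applied with `bytes.Replace(rawBytes, m, ..., -1)`, the replacement for `#1` also rewrites the leading part of `#12`. A single pass with `issueIndexPattern.ReplaceAllFunc` and an explicit boundary check would avoid both. Exporting `MentionPattern` also calls for a doc comment on it.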
@@ -111,11 +111,11 @@ func SendResetPasswdMail(r *middleware.Render, user *models.User) { SendAsync(&msg) } -// SendNotifyMail sends mail notification of all watchers. -func SendNotifyMail(user, owner *models.User, repo *models.Repository, issue *models.Issue) error { +// SendIssueNotifyMail sends mail notification of all watchers of repository. +func SendIssueNotifyMail(user, owner *models.User, repo *models.Repository, issue *models.Issue) ([]string, error) { watches, err := models.GetWatches(repo.Id) if err != nil { - return errors.New("mail.NotifyWatchers(get watches): " + err.Error()) + return nil, errors.New("mail.NotifyWatchers(get watches): " + err.Error()) } tos := make([]string, 0, len(watches)) @@ -126,20 +126,37 @@ func SendNotifyMail(user, owner *models.User, repo *models.Repository, issue *mo } u, err := models.GetUserById(uid) if err != nil { - return errors.New("mail.NotifyWatchers(get user): " + err.Error()) + return nil, errors.New("mail.NotifyWatchers(get user): " + err.Error()) } tos = append(tos, u.Email) } if len(tos) == 0 { - return nil + return tos, nil } subject := fmt.Sprintf("[%s] %s", repo.Name, issue.Name) content := fmt.Sprintf("%s
-
View it on Gogs.", - issue.Content, base.AppUrl, owner.Name, repo.Name, issue.Index) + base.RenderSpecialLink([]byte(issue.Content), owner.Name+"/"+repo.Name), + base.AppUrl, owner.Name, repo.Name, issue.Index) + msg := NewMailMessageFrom(tos, user.Name, subject, content) + msg.Info = fmt.Sprintf("Subject: %s, send issue notify emails", subject) + SendAsync(&msg) + return tos, nil +} + +// SendIssueMentionMail sends mail notification for who are mentioned in issue. +func SendIssueMentionMail(user, owner *models.User, repo *models.Repository, issue *models.Issue, tos []string) error { + if len(tos) == 0 { + return nil + } + + issueLink := fmt.Sprintf("%s%s/%s/issues/%d", base.AppUrl, owner.Name, repo.Name, issue.Index) + body := fmt.Sprintf(`%s mentioned you.`) + subject := fmt.Sprintf("[%s] %s", repo.Name, issue.Name) + content := fmt.Sprintf("%s
-
View it on Gogs.", body, issueLink) msg := NewMailMessageFrom(tos, user.Name, subject, content) - msg.Info = fmt.Sprintf("Subject: %s, send notify emails", subject) + msg.Info = fmt.Sprintf("Subject: %s, send issue mention emails", subject) SendAsync(&msg) return nil } diff --git a/modules/oauth2/oauth2.go b/modules/oauth2/oauth2.go index 6612b95a..180c52ca 100644 --- a/modules/oauth2/oauth2.go +++ b/modules/oauth2/oauth2.go @@ -29,13 +29,13 @@ import ( "github.com/gogits/session" + "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" ) const ( - codeRedirect = 302 - keyToken = "oauth2_token" - keyNextPage = "next" + keyToken = "oauth2_token" + keyNextPage = "next" ) var ( 
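Review bot: In SendIssueMentionMail the `fmt.Sprintf` call that builds `body` has a `%s` verb and no argument, so the mail text renders as `%!s(MISSING) mentioned you.`; pass the author, e.g. `body := fmt.Sprintf("%s mentioned you.", user.Name)`. SendIssueNotifyMail puts the output of `base.RenderSpecialLink([]byte(issue.Content), ...)` straight into the mail body, and RenderSpecialLink as shown in this commit only substitutes links. If the message is delivered as HTML, the issue text should be escaped or sanitised before it is embedded. The second argument there is `owner.Name+"/"+repo.Name`, which presumably yields relative links that a mail client cannot resolve.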
@@ -179,42 +179,49 @@ var LoginRequired martini.Handler = func() martini.Handler { token := unmarshallToken(ctx.Session) if token == nil || token.IsExpired() { next := url.QueryEscape(ctx.Req.URL.RequestURI()) - ctx.Redirect(PathLogin+"?next="+next, codeRedirect) + ctx.Redirect(PathLogin + "?next=" + next) + return } } }() func login(t *oauth.Transport, ctx *middleware.Context) { - next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + next := extractPath(ctx.Query(keyNextPage)) if ctx.Session.Get(keyToken) == nil { // User is not logged in. - ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect) + ctx.Redirect(t.Config.AuthCodeURL(next)) return } // No need to login, redirect to the next page. - ctx.Redirect(next, codeRedirect) + ctx.Redirect(next) } func logout(t *oauth.Transport, ctx *middleware.Context) { - next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + next := extractPath(ctx.Query(keyNextPage)) ctx.Session.Delete(keyToken) - ctx.Redirect(next, codeRedirect) + ctx.Redirect(next) } func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) { - next := extractPath(ctx.Req.URL.Query().Get("state")) - code := ctx.Req.URL.Query().Get("code") + if errMsg := ctx.Query("error_description"); len(errMsg) > 0 { + log.Error("oauth2.handleOAuth2Callback: %s", errMsg) + return + } + + next := extractPath(ctx.Query("state")) + code := ctx.Query("code") tk, err := t.Exchange(code) if err != nil { // Pass the error message, or allow dev to provide its own // error handler. - ctx.Redirect(PathError, codeRedirect) + log.Error("oauth2.handleOAuth2Callback(token.Exchange): %v", err) + // ctx.Redirect(PathError) return } // Store the credentials in the session. val, _ := json.Marshal(tk) ctx.Session.Set(keyToken, val) - ctx.Redirect(next, codeRedirect) + ctx.Redirect(next) } func unmarshallToken(s session.SessionStore) (t *token) { diff --git a/routers/repo/issue.go b/routers/repo/issue.go index 38522e0c..9688fd4d 100644 --- a/routers/repo/issue.go 
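Review bot: handleOAuth2Callback now returns from both failure branches (a non-empty `error_description` and a failed `t.Exchange(code)`) without writing any response, because the redirect to `PathError` is commented out. The same pattern appears in the `len(tokens.Access()) == 0` branch added to SocialSignIn in routers/user/social.go. Redirect to the login or error page in each case, and log the request-supplied `error_description` with `%q` rather than `%s` so that it cannot introduce line breaks into the log. The `state` parameter carries the next-page path (`t.Config.AuthCodeURL(next)`), so the callback has no session-bound value with which to reject a forged callback request. `val, _ := json.Marshal(tk)` also drops its error.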
+++ b/routers/repo/issue.go @@ -9,6 +9,7 @@ import ( "net/url" "strings" + "github.com/Unknwon/com" "github.com/go-martini/martini" "github.com/gogits/gogs/models" @@ -99,7 +100,7 @@ func CreateIssue(ctx *middleware.Context, params martini.Params, form auth.Creat issue, err := models.CreateIssue(ctx.User.Id, ctx.Repo.Repository.Id, form.MilestoneId, form.AssigneeId, ctx.Repo.Repository.NumIssues, form.IssueName, form.Labels, form.Content, false) if err != nil { - ctx.Handle(200, "issue.CreateIssue", err) + ctx.Handle(200, "issue.CreateIssue(CreateIssue)", err) return } 
@@ -107,14 +108,31 @@ func CreateIssue(ctx *middleware.Context, params martini.Params, form auth.Creat if err = models.NotifyWatchers(&models.Action{ActUserId: ctx.User.Id, ActUserName: ctx.User.Name, ActEmail: ctx.User.Email, OpType: models.OP_CREATE_ISSUE, Content: fmt.Sprintf("%d|%s", issue.Index, issue.Name), RepoId: ctx.Repo.Repository.Id, RepoName: ctx.Repo.Repository.Name, RefName: ""}); err != nil { - ctx.Handle(200, "issue.CreateIssue", err) + ctx.Handle(200, "issue.CreateIssue(NotifyWatchers)", err) return } - // Mail watchers. + // Mail watchers and mentions. if base.Service.NotifyMail { - if err = mailer.SendNotifyMail(ctx.User, ctx.Repo.Owner, ctx.Repo.Repository, issue); err != nil { - ctx.Handle(200, "issue.CreateIssue", err) + tos, err := mailer.SendIssueNotifyMail(ctx.User, ctx.Repo.Owner, ctx.Repo.Repository, issue) + if err != nil { + ctx.Handle(200, "issue.CreateIssue(SendIssueNotifyMail)", err) + return + } + + tos = append(tos, ctx.User.LowerName) + ms := base.MentionPattern.FindAllString(issue.Content, -1) + newTos := make([]string, 0, len(ms)) + for _, m := range ms { + if com.IsSliceContainsStr(tos, m[1:]) { + continue + } + + newTos = append(newTos, m[1:]) + } + if err = mailer.SendIssueMentionMail(ctx.User, ctx.Repo.Owner, ctx.Repo.Repository, + issue, models.GetUserEmailsByNames(newTos)); err != nil { + ctx.Handle(200, "issue.CreateIssue(SendIssueMentionMail)", err) return } } diff --git a/routers/user/social.go b/routers/user/social.go index f5577d80..08cfcd83 100644 --- a/routers/user/social.go +++ b/routers/user/social.go 
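Review bot: In CreateIssue the de-duplication compares two different kinds of value: `tos` is returned by `SendIssueNotifyMail` as e-mail addresses, but the mention names `m[1:]` are tested against it with `com.IsSliceContainsStr`, so only the appended `ctx.User.LowerName` can ever match. A watcher who is also mentioned receives both mails, and the author is skipped only when the mention is typed in lower case. Compare on one key (resolve mentions to e-mail addresses first, or have the mailer return user names) and lower-case `m[1:]` before the check. There is also no cap on how many distinct `@name` tokens one issue can turn into outgoing mail, so a per-issue limit is worth adding.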
@@ -1,20 +1,20 @@ // Copyright 2014 The Gogs Authors. All rights reserved. // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. + package user import ( "encoding/json" "strconv" + "code.google.com/p/goauth2/oauth" + "github.com/gogits/gogs/models" "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" - //"github.com/gogits/gogs/modules/oauth2" - - "code.google.com/p/goauth2/oauth" - "github.com/martini-contrib/oauth2" + "github.com/gogits/gogs/modules/oauth2" ) type SocialConnector interface { @@ -80,6 +80,10 @@ func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) { Extra: tokens.ExtraData(), }, } + if len(tokens.Access()) == 0 { + log.Error("empty access") + return + } var err error var u *models.User if err = gh.Update(); err != nil { diff --git a/routers/user/user.go b/routers/user/user.go index 12f2bd8c..f6a39b86 100644 --- a/routers/user/user.go +++ b/routers/user/user.go @@ -78,6 +78,11 @@ func SignIn(ctx *middleware.Context, form auth.LogInForm) { ctx.Data["Title"] = "Log In" if ctx.Req.Method == "GET" { + if base.OauthService != nil { + ctx.Data["OauthEnabled"] = true + ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled + } + // Check auto-login. userName := ctx.GetCookie(base.CookieUserName) if len(userName) == 0 { diff --git a/templates/issue/create.tmpl b/templates/issue/create.tmpl index 01784cd2..5375040b 100644 --- a/templates/issue/create.tmpl +++ b/templates/issue/create.tmpl @@ -19,7 +19,7 @@
diff --git a/templates/user/signin.tmpl b/templates/user/signin.tmpl index 43f47e41..eb4cb9cc 100644 --- a/templates/user/signin.tmpl +++ b/templates/user/signin.tmpl @@ -43,9 +43,12 @@
+ {{if .OauthEnabled}}
- Register new account +

Log In with Social Accounts

+ {{if .OauthGitHubEnabled}}{{end}}
+ {{end}} {{template "base/footer" .}} \ No newline at end of file diff --git a/web.go b/web.go index c8fb8dc0..8d53b9e1 100644 --- a/web.go +++ b/web.go @@ -20,16 +20,13 @@ import ( "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" - //"github.com/gogits/gogs/modules/oauth2" + "github.com/gogits/gogs/modules/oauth2" "github.com/gogits/gogs/routers" "github.com/gogits/gogs/routers/admin" "github.com/gogits/gogs/routers/api/v1" "github.com/gogits/gogs/routers/dev" "github.com/gogits/gogs/routers/repo" "github.com/gogits/gogs/routers/user" - - "github.com/martini-contrib/oauth2" - "github.com/martini-contrib/sessions" ) var CmdWeb = cli.Command{ @@ -63,12 +60,17 @@ func runWeb(*cli.Context) { m.Use(middleware.InitContext()) scope := "https://api.github.com/user" - oauth2.PathCallback = "/oauth2callback" - m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) + // m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) + // m.Use(oauth2.Github(&oauth2.Options{ + // ClientId: "09383403ff2dc16daaa1", + // ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", + // RedirectURL: base.AppUrl + oauth2.PathCallback, + // Scopes: []string{scope}, + // })) m.Use(oauth2.Github(&oauth2.Options{ - ClientId: "09383403ff2dc16daaa1", - ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", - RedirectURL: base.AppUrl + oauth2.PathCallback, + ClientId: "ba323b44192e65c7c320", + ClientSecret: "6818ffed53bea5815bf1a6412d1933f25fa10619", + RedirectURL: base.AppUrl + oauth2.PathCallback[1:], Scopes: []string{scope}, })) 
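Review bot: runWeb still passes a literal `ClientId` and `ClientSecret` to `oauth2.Github`, and the previous pair is kept in the commented-out block above it, so both secrets are in the repository history and should be treated as disclosed and rotated. This commit already adds `[oauth.github] CLIENT_ID` / `CLIENT_SECRET` and `base.OauthService`; take the values from there, e.g. `ClientId: base.OauthService.GitHub.ClientId,` and `ClientSecret: base.OauthService.GitHub.ClientSecret,`, and register the middleware only when `base.OauthService != nil && base.OauthService.GitHub.Enabled`. The commented-out `sessions.NewCookieStore([]byte("secret123"))` line should be deleted rather than kept. runWeb's body continues outside the hunk, so whether the services are initialised before this point needs checking.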
@@ -92,8 +94,8 @@ func runWeb(*cli.Context) { m.Get("/avatar/:hash", avt.ServeHTTP) m.Group("/user", func(r martini.Router) { - r.Any("/login/github", reqSignOut, oauth2.LoginRequired, user.SocialSignIn) r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn) + r.Any("/login/github", oauth2.LoginRequired, user.SocialSignIn) r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) r.Any("/forget_password", user.ForgotPasswd) r.Any("/reset_password", user.ResetPasswd) -- cgit v1.2.3