From ce350a737a63aeb4e2ca5924adf28862a6a6cfb1 Mon Sep 17 00:00:00 2001 From: skyblue Date: Sat, 5 Apr 2014 22:46:32 +0800 Subject: update models, add licence in start.sh --- models/models.go | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'models') diff --git a/models/models.go b/models/models.go index 384f1fc4..0dc4d51e 100644 --- a/models/models.go +++ b/models/models.go @@ -18,7 +18,9 @@ import ( ) var ( - orm *xorm.Engine + orm *xorm.Engine + tables []interface{} + HasEngine bool DbCfg struct { @@ -28,6 +30,11 @@ var ( UseSQLite3 bool ) +func init() { + tables = append(tables, new(User), new(PublicKey), new(Repository), new(Watch), + new(Action), new(Access), new(Issue), new(Comment)) +} + func LoadModelsConfig() { DbCfg.Type = base.Cfg.MustValue("database", "DB_TYPE") if DbCfg.Type == "sqlite3" { @@ -58,9 +65,7 @@ func NewTestEngine(x *xorm.Engine) (err error) { if err != nil { return fmt.Errorf("models.init(fail to conntect database): %v\n", err) } - - return x.Sync(new(User), new(PublicKey), new(Repository), new(Watch), - new(Action), new(Access), new(Issue), new(Comment)) + return x.Sync(tables...) } func SetEngine() (err error) { @@ -102,8 +107,8 @@ func SetEngine() (err error) { func NewEngine() (err error) { if err = SetEngine(); err != nil { return err - } else if err = orm.Sync(new(User), new(PublicKey), new(Repository), new(Watch), - new(Action), new(Access), new(Issue), new(Comment)); err != nil { + } + if err = orm.Sync(tables...); err != nil { return fmt.Errorf("sync database struct error: %v\n", err) } return nil -- cgit v1.2.3 From 3ebc9b991a70e10c4b2c6319c1ff6195c0d75a17 Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 5 Apr 2014 11:22:14 -0400 Subject: Use gogits/session for oauth2 --- .gopmfile | 42 ++++++++++++++++----------------- README.md | 4 ++-- README_ZH.md | 4 ++-- gogs.go | 2 +- models/publickey.go | 2 +- modules/oauth2/oauth2.go | 61 +++++++++++++++++++++++++----------------------- routers/install.go | 1 + web.go | 23 ++++++++---------- 8 files changed, 69 insertions(+), 70 deletions(-) (limited to 'models') diff --git a/.gopmfile b/.gopmfile index ae92d45e..d3f0b3ca 100644 --- a/.gopmfile +++ b/.gopmfile @@ -1,28 +1,26 @@ [target] -path=github.com/gogits/gogs +path = github.com/gogits/gogs [deps] -github.com/codegangsta/cli= -github.com/go-martini/martini= -github.com/Unknwon/com= -github.com/Unknwon/cae= -github.com/Unknwon/goconfig= -github.com/dchest/scrypt= -github.com/nfnt/resize= -github.com/lunny/xorm= -github.com/go-sql-driver/mysql= -github.com/lib/pq= -github.com/gogits/logs= -github.com/gogits/binding= -github.com/gogits/git= -github.com/gogits/gfm= -github.com/gogits/cache= -github.com/gogits/session= -github.com/gogits/webdav= -github.com/martini-contrib/oauth2= -github.com/martini-contrib/sessions= -code.google.com/p/goauth2= +github.com/codegangsta/cli = +github.com/go-martini/martini = +github.com/Unknwon/com = +github.com/Unknwon/cae = +github.com/Unknwon/goconfig = +github.com/dchest/scrypt = +github.com/nfnt/resize = +github.com/lunny/xorm = +github.com/go-sql-driver/mysql = +github.com/lib/pq = +github.com/gogits/logs = +github.com/gogits/binding = +github.com/gogits/git = +github.com/gogits/gfm = +github.com/gogits/cache = +github.com/gogits/session = +github.com/gogits/webdav = +code.google.com/p/goauth2 = [res] -include=templates|public|conf +include = templates|public|conf diff --git a/README.md b/README.md index 6061f5a7..ede1894a 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### Current version: 0.2.0 Alpha +##### Current version: 0.2.1 Alpha #### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site. @@ -31,7 +31,7 @@ More importantly, Gogs only needs one binary to setup your own project hosting o - Activity timeline - SSH/HTTPS(Clone only) protocol support. - Register/delete/rename account. -- Create/delete/watch/rename public repository. +- Create/delete/watch/rename/transfer public repository. - Repository viewer. - Issue tracker. - Gravatar and cache support. diff --git a/README_ZH.md b/README_ZH.md index e66f607a..9b5e4641 100644 --- a/README_ZH.md +++ b/README_ZH.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。 ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### 当前版本:0.2.0 Alpha +##### 当前版本:0.2.1 Alpha ## 开发目的 @@ -25,7 +25,7 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作,实现 **零** 依 - 活动时间线 - SSH/HTTPS(仅限 Clone) 协议支持 - 注册/删除/重命名用户 -- 创建/删除/关注/重命名公开仓库 +- 创建/删除/关注/重命名/转移公开仓库 - 仓库浏览器 - Bug 追踪系统 - Gravatar 以及缓存支持 diff --git a/gogs.go b/gogs.go index 8d9159d6..13b9d377 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.2 tag above is included in builds. main.go refers to this definition. const go12tag = true -const APP_VER = "0.2.0.0404 Alpha" +const APP_VER = "0.2.1.0405 Alpha" func init() { base.AppVer = APP_VER diff --git a/models/publickey.go b/models/publickey.go index 426e6b0b..ed47ff20 100644 --- a/models/publickey.go +++ b/models/publickey.go @@ -78,7 +78,7 @@ func init() { type PublicKey struct { Id int64 OwnerId int64 `xorm:"unique(s) index not null"` - Name string `xorm:"unique(s) not null"` //UNIQUE(s) + Name string `xorm:"unique(s) not null"` Fingerprint string Content string `xorm:"TEXT not null"` Created time.Time `xorm:"created"` diff --git a/modules/oauth2/oauth2.go b/modules/oauth2/oauth2.go index 088d65dd..6612b95a 100644 --- a/modules/oauth2/oauth2.go +++ b/modules/oauth2/oauth2.go @@ -26,7 +26,10 @@ import ( "code.google.com/p/goauth2/oauth" "github.com/go-martini/martini" - "github.com/martini-contrib/sessions" + + "github.com/gogits/session" + + "github.com/gogits/gogs/modules/middleware" ) const ( @@ -142,23 +145,23 @@ func NewOAuth2Provider(opts *Options) martini.Handler { Transport: http.DefaultTransport, } - return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - switch r.URL.Path { + return func(c martini.Context, ctx *middleware.Context) { + if ctx.Req.Method == "GET" { + switch ctx.Req.URL.Path { case PathLogin: - login(transport, s, w, r) + login(transport, ctx) case PathLogout: - logout(transport, s, w, r) + logout(transport, ctx) case PathCallback: - handleOAuth2Callback(transport, s, w, r) + handleOAuth2Callback(transport, ctx) } } - tk := unmarshallToken(s) + tk := unmarshallToken(ctx.Session) if tk != nil { // check if the access token is expired if tk.IsExpired() && tk.Refresh() == "" { - s.Delete(keyToken) + ctx.Session.Delete(keyToken) tk = nil } } @@ -172,49 +175,49 @@ func NewOAuth2Provider(opts *Options) martini.Handler { // Sample usage: // m.Get("/login-required", oauth2.LoginRequired, func() ... {}) var LoginRequired martini.Handler = func() martini.Handler { - return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) { - token := unmarshallToken(s) + return func(c martini.Context, ctx *middleware.Context) { + token := unmarshallToken(ctx.Session) if token == nil || token.IsExpired() { - next := url.QueryEscape(r.URL.RequestURI()) - http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect) + next := url.QueryEscape(ctx.Req.URL.RequestURI()) + ctx.Redirect(PathLogin+"?next="+next, codeRedirect) } } }() -func login(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { - next := extractPath(r.URL.Query().Get(keyNextPage)) - if s.Get(keyToken) == nil { +func login(t *oauth.Transport, ctx *middleware.Context) { + next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + if ctx.Session.Get(keyToken) == nil { // User is not logged in. - http.Redirect(w, r, t.Config.AuthCodeURL(next), codeRedirect) + ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect) return } // No need to login, redirect to the next page. - http.Redirect(w, r, next, codeRedirect) + ctx.Redirect(next, codeRedirect) } -func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { - next := extractPath(r.URL.Query().Get(keyNextPage)) - s.Delete(keyToken) - http.Redirect(w, r, next, codeRedirect) +func logout(t *oauth.Transport, ctx *middleware.Context) { + next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + ctx.Session.Delete(keyToken) + ctx.Redirect(next, codeRedirect) } -func handleOAuth2Callback(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { - next := extractPath(r.URL.Query().Get("state")) - code := r.URL.Query().Get("code") +func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) { + next := extractPath(ctx.Req.URL.Query().Get("state")) + code := ctx.Req.URL.Query().Get("code") tk, err := t.Exchange(code) if err != nil { // Pass the error message, or allow dev to provide its own // error handler. - http.Redirect(w, r, PathError, codeRedirect) + ctx.Redirect(PathError, codeRedirect) return } // Store the credentials in the session. val, _ := json.Marshal(tk) - s.Set(keyToken, val) - http.Redirect(w, r, next, codeRedirect) + ctx.Session.Set(keyToken, val) + ctx.Redirect(next, codeRedirect) } -func unmarshallToken(s sessions.Session) (t *token) { +func unmarshallToken(s session.SessionStore) (t *token) { if s.Get(keyToken) == nil { return } diff --git a/routers/install.go b/routers/install.go index 032af480..48c1b5e1 100644 --- a/routers/install.go +++ b/routers/install.go @@ -183,6 +183,7 @@ func Install(ctx *middleware.Context, form auth.InstallForm) { if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd, IsAdmin: true, IsActive: true}); err != nil { if err != models.ErrUserAlreadyExist { + base.InstallLock = false ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form) return } diff --git a/web.go b/web.go index 18e48b84..0594d8e6 100644 --- a/web.go +++ b/web.go @@ -11,8 +11,6 @@ import ( "github.com/codegangsta/cli" "github.com/go-martini/martini" - // "github.com/martini-contrib/oauth2" - // "github.com/martini-contrib/sessions" "github.com/gogits/binding" @@ -21,6 +19,7 @@ import ( "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" + "github.com/gogits/gogs/modules/oauth2" "github.com/gogits/gogs/routers" "github.com/gogits/gogs/routers/admin" "github.com/gogits/gogs/routers/api/v1" @@ -59,19 +58,17 @@ func runWeb(*cli.Context) { // Middlewares. m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}})) - - // scope := "https://api.github.com/user" - // oauth2.PathCallback = "/oauth2callback" - // m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) - // m.Use(oauth2.Github(&oauth2.Options{ - // ClientId: "09383403ff2dc16daaa1", - // ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", - // RedirectURL: base.AppUrl + oauth2.PathCallback, - // Scopes: []string{scope}, - // })) - m.Use(middleware.InitContext()) + scope := "https://api.github.com/user" + oauth2.PathCallback = "/oauth2callback" + m.Use(oauth2.Github(&oauth2.Options{ + ClientId: "09383403ff2dc16daaa1", + ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", + RedirectURL: base.AppUrl + oauth2.PathCallback, + Scopes: []string{scope}, + })) + reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true}) ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView}) reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true}) -- cgit v1.2.3 From b7c3b0cc73ad8721e2eec59d018a91850ba7f750 Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 5 Apr 2014 12:32:34 -0400 Subject: Add reset password, fix #58 --- models/user.go | 15 ++++++ modules/base/template.go | 4 ++ modules/mailer/mail.go | 22 ++++++++- routers/user/user.go | 84 ++++++++++++++++++++++++++++++++- templates/mail/auth/reset_passwd.tmpl | 33 +++++++++++++ templates/mail/auth/reset_password.html | 25 ---------- templates/user/forgot_passwd.tmpl | 30 ++++++++++++ templates/user/reset_passwd.tmpl | 26 ++++++++++ templates/user/signin.tmpl | 2 +- web.go | 2 + 10 files changed, 214 insertions(+), 29 deletions(-) create mode 100644 templates/mail/auth/reset_passwd.tmpl delete mode 100644 templates/mail/auth/reset_password.html create mode 100644 templates/user/forgot_passwd.tmpl create mode 100644 templates/user/reset_passwd.tmpl (limited to 'models') diff --git a/models/user.go b/models/user.go index 1ec3b295..2196eae8 100644 --- a/models/user.go +++ b/models/user.go @@ -367,6 +367,21 @@ func GetUserByName(name string) (*User, error) { return user, nil } +// GetUserByEmail returns the user object by given e-mail if exists. +func GetUserByEmail(email string) (*User, error) { + if len(email) == 0 { + return nil, ErrUserNotExist + } + user := &User{Email: strings.ToLower(email)} + has, err := orm.Get(user) + if err != nil { + return nil, err + } else if !has { + return nil, ErrUserNotExist + } + return user, nil +} + // LoginUserPlain validates user by raw user name and password. func LoginUserPlain(name, passwd string) (*User, error) { user := User{LowerName: strings.ToLower(name), Passwd: passwd} diff --git a/modules/base/template.go b/modules/base/template.go index dfcae931..56b77a5d 100644 --- a/modules/base/template.go +++ b/modules/base/template.go @@ -67,6 +67,10 @@ var TemplateFuncs template.FuncMap = map[string]interface{}{ "DateFormat": DateFormat, "List": List, "Mail2Domain": func(mail string) string { + if !strings.Contains(mail, "@") { + return "try.gogits.org" + } + suffix := strings.SplitN(mail, "@", 2)[1] domain, ok := mailDomains[suffix] if !ok { diff --git a/modules/mailer/mail.go b/modules/mailer/mail.go index b99fc8fd..eee6b916 100644 --- a/modules/mailer/mail.go +++ b/modules/mailer/mail.go @@ -86,7 +86,27 @@ func SendActiveMail(r *middleware.Render, user *models.User) { } msg := NewMailMessage([]string{user.Email}, subject, body) - msg.Info = fmt.Sprintf("UID: %d, send email verify mail", user.Id) + msg.Info = fmt.Sprintf("UID: %d, send active mail", user.Id) + + SendAsync(&msg) +} + +// Send reset password email. +func SendResetPasswdMail(r *middleware.Render, user *models.User) { + code := CreateUserActiveCode(user, nil) + + subject := "Reset your password" + + data := GetMailTmplData(user) + data["Code"] = code + body, err := r.HTMLString("mail/auth/reset_passwd", data) + if err != nil { + log.Error("mail.SendResetPasswdMail(fail to render): %v", err) + return + } + + msg := NewMailMessage([]string{user.Email}, subject, body) + msg.Info = fmt.Sprintf("UID: %d, send reset password email", user.Id) SendAsync(&msg) } diff --git a/routers/user/user.go b/routers/user/user.go index 08930e22..872ed0d6 100644 --- a/routers/user/user.go +++ b/routers/user/user.go @@ -403,9 +403,12 @@ func Activate(ctx *middleware.Context) { if user := models.VerifyUserActiveCode(code); user != nil { user.IsActive = true user.Rands = models.GetUserSalt() - models.UpdateUser(user) + if err := models.UpdateUser(user); err != nil { + ctx.Handle(404, "user.Activate", err) + return + } - log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.LowerName) + log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.Name) ctx.Session.Set("userId", user.Id) ctx.Session.Set("userName", user.Name) @@ -416,3 +419,80 @@ func Activate(ctx *middleware.Context) { ctx.Data["IsActivateFailed"] = true ctx.HTML(200, "user/active") } + +func ForgotPasswd(ctx *middleware.Context) { + ctx.Data["Title"] = "Forgot Password" + + if base.MailService == nil { + ctx.Data["IsResetDisable"] = true + ctx.HTML(200, "user/forgot_passwd") + return + } + + ctx.Data["IsResetRequest"] = true + if ctx.Req.Method == "GET" { + ctx.HTML(200, "user/forgot_passwd") + return + } + + email := ctx.Query("email") + u, err := models.GetUserByEmail(email) + if err != nil { + if err == models.ErrUserNotExist { + ctx.RenderWithErr("This e-mail address does not associate to any account.", "user/forgot_passwd", nil) + } else { + ctx.Handle(404, "user.ResetPasswd(check existence)", err) + } + return + } + + mailer.SendResetPasswdMail(ctx.Render, u) + ctx.Data["Email"] = email + ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60 + ctx.Data["IsResetSent"] = true + ctx.HTML(200, "user/forgot_passwd") +} + +func ResetPasswd(ctx *middleware.Context) { + code := ctx.Query("code") + if len(code) == 0 { + ctx.Error(404) + return + } + ctx.Data["Code"] = code + + if ctx.Req.Method == "GET" { + ctx.Data["IsResetForm"] = true + ctx.HTML(200, "user/reset_passwd") + return + } + + if u := models.VerifyUserActiveCode(code); u != nil { + // Validate password length. + passwd := ctx.Query("passwd") + if len(passwd) < 6 || len(passwd) > 30 { + ctx.Data["IsResetForm"] = true + ctx.RenderWithErr("Password length should be in 6 and 30.", "user/reset_passwd", nil) + return + } + + u.Passwd = passwd + if err := u.EncodePasswd(); err != nil { + ctx.Handle(404, "user.ResetPasswd(EncodePasswd)", err) + return + } + + u.Rands = models.GetUserSalt() + if err := models.UpdateUser(u); err != nil { + ctx.Handle(404, "user.ResetPasswd(UpdateUser)", err) + return + } + + log.Trace("%s User password reset: %s", ctx.Req.RequestURI, u.Name) + ctx.Redirect("/user/login") + return + } + + ctx.Data["IsResetFailed"] = true + ctx.HTML(200, "user/reset_passwd") +} diff --git a/templates/mail/auth/reset_passwd.tmpl b/templates/mail/auth/reset_passwd.tmpl new file mode 100644 index 00000000..11861f4e --- /dev/null +++ b/templates/mail/auth/reset_passwd.tmpl @@ -0,0 +1,33 @@ + + + + +{{.User.Name}}, please reset your password + + +
+
+
+
+

{{.AppName}}

+
+
+ Hi {{.User.Name}}, +
+
+

Please click following link to reset your password within {{.ActiveCodeLives}} hours.

+

+ {{.AppUrl}}user/reset_password?code={{.Code}} +

+

Copy and paste it to your browser if the link is not working.

+
+
+
+
+
+ © 2014 Gogs: Go Git Service +
+
+
+ + \ No newline at end of file diff --git a/templates/mail/auth/reset_password.html b/templates/mail/auth/reset_password.html deleted file mode 100644 index 40a9efa8..00000000 --- a/templates/mail/auth/reset_password.html +++ /dev/null @@ -1,25 +0,0 @@ -{{template "mail/base.html" .}} -{{define "title"}} - {{if eq .Lang "zh-CN"}} - {{.User.NickName}},重置账户密码 - {{end}} - {{if eq .Lang "en-US"}} - {{.User.NickName}}, reset your password - {{end}} -{{end}} -{{define "body"}} - {{if eq .Lang "zh-CN"}} -

点击链接重置密码,{{.ResetPwdCodeLives}} 分钟内有效

-

- {{.AppUrl}}reset/{{.Code}} -

-

如果链接点击无反应,请复制到浏览器打开。

- {{end}} - {{if eq .Lang "en-US"}} -

Please click following link to reset your password in {{.ResetPwdCodeLives}} hours

-

- {{.AppUrl}}reset/{{.Code}} -

-

Copy and paste it to your browser if it's not working.

- {{end}} -{{end}} \ No newline at end of file diff --git a/templates/user/forgot_passwd.tmpl b/templates/user/forgot_passwd.tmpl new file mode 100644 index 00000000..ff25406f --- /dev/null +++ b/templates/user/forgot_passwd.tmpl @@ -0,0 +1,30 @@ +{{template "base/head" .}} +{{template "base/navbar" .}} +
+
+ {{.CsrfTokenHtml}} +

Reset Your Password

+
{{.ErrorMsg}}
+ {{if .IsResetSent}} +

A confirmation e-mail has been sent to {{.Email}}, please check your inbox within {{.Hours}} hours.

+
+ Sign in to your e-mail + {{else if .IsResetRequest}} +
+ +
+ +
+
+
+
+
+ +
+
+ {{else if .IsResetDisable}} +

Sorry, mail service is not enabled.

+ {{end}} +
+
+{{template "base/footer" .}} \ No newline at end of file diff --git a/templates/user/reset_passwd.tmpl b/templates/user/reset_passwd.tmpl new file mode 100644 index 00000000..9190c7c1 --- /dev/null +++ b/templates/user/reset_passwd.tmpl @@ -0,0 +1,26 @@ +{{template "base/head" .}} +{{template "base/navbar" .}} +
+
+ {{.CsrfTokenHtml}} +

Reset Your Pasword

+
{{.ErrorMsg}}
+ {{if .IsResetForm}} +
+ +
+ +
+
+
+
+
+ +
+
+ {{else}} +

Sorry, your confirmation code has been exipired or not valid.

+ {{end}} +
+
+{{template "base/footer" .}} \ No newline at end of file diff --git a/templates/user/signin.tmpl b/templates/user/signin.tmpl index b6c39af1..43f47e41 100644 --- a/templates/user/signin.tmpl +++ b/templates/user/signin.tmpl @@ -33,7 +33,7 @@
- Forgot your password? + Forgot your password?
diff --git a/web.go b/web.go index 0594d8e6..b5e4af3e 100644 --- a/web.go +++ b/web.go @@ -92,6 +92,8 @@ func runWeb(*cli.Context) { // r.Any("/login/github", user.SocialSignIn) r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn) r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) + r.Any("/forget_password", user.ForgotPasswd) + r.Any("/reset_password", user.ResetPasswd) }, reqSignOut) m.Group("/user", func(r martini.Router) { r.Any("/logout", user.SignOut) -- cgit v1.2.3 From e7c8a3cb8d26da68b09f799585c03970cd243be1 Mon Sep 17 00:00:00 2001 From: Unknown Date: Sun, 6 Apr 2014 16:10:57 -0400 Subject: Add salt for every single user --- .gopmfile | 1 - README.md | 4 ++-- README_ZH.md | 2 +- gogs.go | 2 +- models/user.go | 31 ++++++++++++++++--------------- modules/base/tool.go | 40 ++++++++++++++++++++++++++++++++++++++++ routers/user/setting.go | 7 ++----- routers/user/user.go | 7 ++----- 8 files changed, 64 insertions(+), 30 deletions(-) (limited to 'models') diff --git a/.gopmfile b/.gopmfile index 9bdca49f..c9fad8a0 100644 --- a/.gopmfile +++ b/.gopmfile @@ -7,7 +7,6 @@ github.com/go-martini/martini = github.com/Unknwon/com = github.com/Unknwon/cae = github.com/Unknwon/goconfig = -github.com/dchest/scrypt = github.com/nfnt/resize = github.com/lunny/xorm = github.com/go-sql-driver/mysql = diff --git a/README.md b/README.md index ede1894a..fe15328b 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### Current version: 0.2.1 Alpha +##### Current version: 0.2.2 Alpha -#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site. +#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in April 6, 2014 and will reset multiple times after. Please do NOT put your important data on the site. #### Other language version diff --git a/README_ZH.md b/README_ZH.md index 9b5e4641..015ee0af 100644 --- a/README_ZH.md +++ b/README_ZH.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。 ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### 当前版本:0.2.1 Alpha +##### 当前版本:0.2.2 Alpha ## 开发目的 diff --git a/gogs.go b/gogs.go index 0e48ff7b..e7197482 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.2 tag above is included in builds. main.go refers to this definition. const go12tag = true -const APP_VER = "0.2.1.0406 Alpha" +const APP_VER = "0.2.2.0406 Alpha" func init() { base.AppVer = APP_VER diff --git a/models/user.go b/models/user.go index 2196eae8..a5a6de09 100644 --- a/models/user.go +++ b/models/user.go @@ -5,6 +5,7 @@ package models import ( + "crypto/sha256" "encoding/hex" "errors" "fmt" @@ -13,8 +14,6 @@ import ( "strings" "time" - "github.com/dchest/scrypt" - "github.com/gogits/git" "github.com/gogits/gogs/modules/base" @@ -62,6 +61,7 @@ type User struct { IsActive bool IsAdmin bool Rands string `xorm:"VARCHAR(10)"` + Salt string `xorm:"VARCHAR(10)"` Created time.Time `xorm:"created"` Updated time.Time `xorm:"updated"` } @@ -89,10 +89,9 @@ func (user *User) NewGitSig() *git.Signature { } // EncodePasswd encodes password to safe format. -func (user *User) EncodePasswd() error { - newPasswd, err := scrypt.Key([]byte(user.Passwd), []byte(base.SecretKey), 16384, 8, 1, 64) +func (user *User) EncodePasswd() { + newPasswd := base.PBKDF2([]byte(user.Passwd), []byte(user.Salt), 10000, 50, sha256.New) user.Passwd = fmt.Sprintf("%x", newPasswd) - return err } // Member represents user is member of organization. @@ -148,9 +147,9 @@ func RegisterUser(user *User) (*User, error) { user.Avatar = base.EncodeMd5(user.Email) user.AvatarEmail = user.Email user.Rands = GetUserSalt() - if err = user.EncodePasswd(); err != nil { - return nil, err - } else if _, err = orm.Insert(user); err != nil { + user.Salt = GetUserSalt() + user.EncodePasswd() + if _, err = orm.Insert(user); err != nil { return nil, err } else if err = os.MkdirAll(UserPath(user.Name), os.ModePerm); err != nil { if _, err := orm.Id(user.Id).Delete(&User{}); err != nil { @@ -384,18 +383,20 @@ func GetUserByEmail(email string) (*User, error) { // LoginUserPlain validates user by raw user name and password. func LoginUserPlain(name, passwd string) (*User, error) { - user := User{LowerName: strings.ToLower(name), Passwd: passwd} - if err := user.EncodePasswd(); err != nil { - return nil, err - } - + user := User{LowerName: strings.ToLower(name)} has, err := orm.Get(&user) if err != nil { return nil, err } else if !has { - err = ErrUserNotExist + return nil, ErrUserNotExist + } + + newUser := &User{Passwd: passwd, Salt: user.Salt} + newUser.EncodePasswd() + if user.Passwd != newUser.Passwd { + return nil, ErrUserNotExist } - return &user, err + return &user, nil } // Follow is connection request for receiving user notifycation. diff --git a/modules/base/tool.go b/modules/base/tool.go index 3946c4b5..f7d1bc2c 100644 --- a/modules/base/tool.go +++ b/modules/base/tool.go @@ -6,12 +6,14 @@ package base import ( "bytes" + "crypto/hmac" "crypto/md5" "crypto/rand" "crypto/sha1" "encoding/hex" "encoding/json" "fmt" + "hash" "math" "strconv" "strings" @@ -40,6 +42,44 @@ func GetRandomString(n int, alphabets ...byte) string { return string(bytes) } +// http://code.google.com/p/go/source/browse/pbkdf2/pbkdf2.go?repo=crypto +func PBKDF2(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte { + prf := hmac.New(h, password) + hashLen := prf.Size() + numBlocks := (keyLen + hashLen - 1) / hashLen + + var buf [4]byte + dk := make([]byte, 0, numBlocks*hashLen) + U := make([]byte, hashLen) + for block := 1; block <= numBlocks; block++ { + // N.B.: || means concatenation, ^ means XOR + // for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter + // U_1 = PRF(password, salt || uint(i)) + prf.Reset() + prf.Write(salt) + buf[0] = byte(block >> 24) + buf[1] = byte(block >> 16) + buf[2] = byte(block >> 8) + buf[3] = byte(block) + prf.Write(buf[:4]) + dk = prf.Sum(dk) + T := dk[len(dk)-hashLen:] + copy(U, T) + + // U_n = PRF(password, U_(n-1)) + for n := 2; n <= iter; n++ { + prf.Reset() + prf.Write(U) + U = U[:0] + U = prf.Sum(U) + for x := range U { + T[x] ^= U[x] + } + } + } + return dk[:keyLen] +} + // verify time limit code func VerifyTimeLimitCode(data string, minutes int, code string) bool { if len(code) <= 18 { diff --git a/routers/user/setting.go b/routers/user/setting.go index 4b6d88a3..ea779e85 100644 --- a/routers/user/setting.go +++ b/routers/user/setting.go @@ -73,11 +73,7 @@ func SettingPassword(ctx *middleware.Context, form auth.UpdatePasswdForm) { user := ctx.User newUser := &models.User{Passwd: form.NewPasswd} - if err := newUser.EncodePasswd(); err != nil { - ctx.Handle(200, "setting.SettingPassword", err) - return - } - + newUser.EncodePasswd() if user.Passwd != newUser.Passwd { ctx.Data["HasError"] = true ctx.Data["ErrorMsg"] = "Old password is not correct" @@ -85,6 +81,7 @@ func SettingPassword(ctx *middleware.Context, form auth.UpdatePasswdForm) { ctx.Data["HasError"] = true ctx.Data["ErrorMsg"] = "New password and re-type password are not same" } else { + newUser.Salt = models.GetUserSalt() user.Passwd = newUser.Passwd if err := models.UpdateUser(user); err != nil { ctx.Handle(200, "setting.SettingPassword", err) diff --git a/routers/user/user.go b/routers/user/user.go index 872ed0d6..12f2bd8c 100644 --- a/routers/user/user.go +++ b/routers/user/user.go @@ -477,12 +477,9 @@ func ResetPasswd(ctx *middleware.Context) { } u.Passwd = passwd - if err := u.EncodePasswd(); err != nil { - ctx.Handle(404, "user.ResetPasswd(EncodePasswd)", err) - return - } - u.Rands = models.GetUserSalt() + u.Salt = models.GetUserSalt() + u.EncodePasswd() if err := models.UpdateUser(u); err != nil { ctx.Handle(404, "user.ResetPasswd(UpdateUser)", err) return -- cgit v1.2.3 From 05fb34eacdbec59fb8bcdf96c82c0855e6ec78d2 Mon Sep 17 00:00:00 2001 From: skyblue Date: Mon, 7 Apr 2014 18:01:25 +0800 Subject: first works oauth2(github). need to login with /user/login/github --- models/oauth2.go | 33 +++++++++++--- routers/user/social.go | 115 +++++++++++++++++++++++++++++++++++++++---------- web.go | 8 +++- 3 files changed, 125 insertions(+), 31 deletions(-) (limited to 'models') diff --git a/models/oauth2.go b/models/oauth2.go index 70dcd510..a17d4e30 100644 --- a/models/oauth2.go +++ b/models/oauth2.go @@ -1,6 +1,6 @@ package models -import "time" +import "fmt" // OT: Oauth2 Type const ( @@ -10,9 +10,30 @@ const ( ) type Oauth2 struct { - Uid int64 `xorm:"pk"` // userId - Type int `xorm:"pk unique(oauth)"` // twitter,github,google... - Identity string `xorm:"pk unique(oauth)"` // id.. - Token string `xorm:"VARCHAR(200) not null"` - RefreshTime time.Time `xorm:"created"` + Uid int64 `xorm:"pk"` // userId + Type int `xorm:"pk unique(oauth)"` // twitter,github,google... + Identity string `xorm:"pk unique(oauth)"` // id.. + Token string `xorm:"VARCHAR(200) not null"` + //RefreshTime time.Time `xorm:"created"` +} + +func AddOauth2(oa *Oauth2) (err error) { + if _, err = orm.Insert(oa); err != nil { + return err + } + return nil +} + +func GetOauth2User(identity string) (u *User, err error) { + oa := &Oauth2{} + oa.Identity = identity + exists, err := orm.Get(oa) + if err != nil { + return + } + if !exists { + err = fmt.Errorf("not exists oauth2: %s", identity) + return + } + return GetUserById(oa.Uid) } diff --git a/routers/user/social.go b/routers/user/social.go index b59f4963..f5577d80 100644 --- a/routers/user/social.go +++ b/routers/user/social.go @@ -5,45 +5,114 @@ package user import ( "encoding/json" + "strconv" - "code.google.com/p/goauth2/oauth" + "github.com/gogits/gogs/models" + "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" - "github.com/gogits/gogs/modules/oauth2" + "github.com/gogits/gogs/modules/middleware" + //"github.com/gogits/gogs/modules/oauth2" + + "code.google.com/p/goauth2/oauth" + "github.com/martini-contrib/oauth2" ) -// github && google && ... -func SocialSignIn(tokens oauth2.Tokens) { - transport := &oauth.Transport{} - transport.Token = &oauth.Token{ - AccessToken: tokens.Access(), - RefreshToken: tokens.Refresh(), - Expiry: tokens.ExpiryTime(), - Extra: tokens.ExtraData(), - } +type SocialConnector interface { + Identity() string + Type() int + Name() string + Email() string + Token() string +} - // Github API refer: https://developer.github.com/v3/users/ - // FIXME: need to judge url - type GithubUser struct { +type SocialGithub struct { + data struct { Id int `json:"id"` Name string `json:"login"` Email string `json:"email"` } + WebToken *oauth.Token +} + +func (s *SocialGithub) Identity() string { + return strconv.Itoa(s.data.Id) +} + +func (s *SocialGithub) Type() int { + return models.OT_GITHUB +} + +func (s *SocialGithub) Name() string { + return s.data.Name +} + +func (s *SocialGithub) Email() string { + return s.data.Email +} - // Make the request. +func (s *SocialGithub) Token() string { + data, _ := json.Marshal(s.WebToken) + return string(data) +} + +// Github API refer: https://developer.github.com/v3/users/ +func (s *SocialGithub) Update() error { scope := "https://api.github.com/user" + transport := &oauth.Transport{ + Token: s.WebToken, + } + log.Debug("update github info") r, err := transport.Client().Get(scope) if err != nil { - log.Error("connect with github error: %s", err) - // FIXME: handle error page - return + return err } defer r.Body.Close() + return json.NewDecoder(r.Body).Decode(&s.data) +} - user := &GithubUser{} - err = json.NewDecoder(r.Body).Decode(user) - if err != nil { - log.Error("Get: %s", err) +// github && google && ... +func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) { + gh := &SocialGithub{ + WebToken: &oauth.Token{ + AccessToken: tokens.Access(), + RefreshToken: tokens.Refresh(), + Expiry: tokens.ExpiryTime(), + Extra: tokens.ExtraData(), + }, } - log.Info("login: %s", user.Name) + var err error + var u *models.User + if err = gh.Update(); err != nil { + // FIXME: handle error page + log.Error("connect with github error: %s", err) + return + } + var soc SocialConnector = gh + log.Info("login: %s", soc.Name()) // FIXME: login here, user email to check auth, if not registe, then generate a uniq username + if u, err = models.GetOauth2User(soc.Identity()); err != nil { + u = &models.User{ + Name: soc.Name(), + Email: soc.Email(), + Passwd: "123456", + IsActive: !base.Service.RegisterEmailConfirm, + } + if u, err = models.RegisterUser(u); err != nil { + log.Error("register user: %v", err) + return + } + oa := &models.Oauth2{} + oa.Uid = u.Id + oa.Type = soc.Type() + oa.Token = soc.Token() + oa.Identity = soc.Identity() + log.Info("oa: %v", oa) + if err = models.AddOauth2(oa); err != nil { + log.Error("add oauth2 %v", err) + return + } + } + ctx.Session.Set("userId", u.Id) + ctx.Session.Set("userName", u.Name) + ctx.Redirect("/") } diff --git a/web.go b/web.go index 86c395e7..c8fb8dc0 100644 --- a/web.go +++ b/web.go @@ -20,13 +20,16 @@ import ( "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" - "github.com/gogits/gogs/modules/oauth2" + //"github.com/gogits/gogs/modules/oauth2" "github.com/gogits/gogs/routers" "github.com/gogits/gogs/routers/admin" "github.com/gogits/gogs/routers/api/v1" "github.com/gogits/gogs/routers/dev" "github.com/gogits/gogs/routers/repo" "github.com/gogits/gogs/routers/user" + + "github.com/martini-contrib/oauth2" + "github.com/martini-contrib/sessions" ) var CmdWeb = cli.Command{ @@ -61,6 +64,7 @@ func runWeb(*cli.Context) { scope := "https://api.github.com/user" oauth2.PathCallback = "/oauth2callback" + m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) m.Use(oauth2.Github(&oauth2.Options{ ClientId: "09383403ff2dc16daaa1", ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", @@ -88,7 +92,7 @@ func runWeb(*cli.Context) { m.Get("/avatar/:hash", avt.ServeHTTP) m.Group("/user", func(r martini.Router) { - r.Any("/login/github", user.SocialSignIn) + r.Any("/login/github", reqSignOut, oauth2.LoginRequired, user.SocialSignIn) r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn) r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) r.Any("/forget_password", user.ForgotPasswd) -- cgit v1.2.3 From 9ea9818d3255e5b08293205e278240dece36687d Mon Sep 17 00:00:00 2001 From: Unknown Date: Mon, 7 Apr 2014 12:56:40 -0400 Subject: Fix issue with log in with GitHub but need more error handle after --- conf/app.ini | 8 +++++++ gogs.go | 2 +- models/user.go | 13 +++++++++++ modules/base/conf.go | 53 +++++++++++++++++++++++++++++++++++---------- modules/base/markdown.go | 13 +++++------ modules/mailer/mail.go | 31 ++++++++++++++++++++------ modules/oauth2/oauth2.go | 33 +++++++++++++++++----------- routers/repo/issue.go | 28 +++++++++++++++++++----- routers/user/social.go | 12 ++++++---- routers/user/user.go | 5 +++++ templates/issue/create.tmpl | 2 +- templates/user/signin.tmpl | 5 ++++- web.go | 22 ++++++++++--------- 13 files changed, 167 insertions(+), 60 deletions(-) (limited to 'models') diff --git a/conf/app.ini b/conf/app.ini index 43033eaa..c9024600 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -72,6 +72,14 @@ FROM = USER = PASSWD = +[oauth] +ENABLED = false + +[oauth.github] +ENABLED = +CLIENT_ID = +CLIENT_SECRET = + [cache] ; Either "memory", "redis", or "memcache", default is "memory" ADAPTER = memory diff --git a/gogs.go b/gogs.go index e7197482..df268980 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.2 tag above is included in builds. main.go refers to this definition. const go12tag = true -const APP_VER = "0.2.2.0406 Alpha" +const APP_VER = "0.2.2.0407 Alpha" func init() { base.AppVer = APP_VER diff --git a/models/user.go b/models/user.go index a5a6de09..0fcf7243 100644 --- a/models/user.go +++ b/models/user.go @@ -366,6 +366,19 @@ func GetUserByName(name string) (*User, error) { return user, nil } +// GetUserEmailsByNames returns a slice of e-mails corresponds to names. +func GetUserEmailsByNames(names []string) []string { + mails := make([]string, 0, len(names)) + for _, name := range names { + u, err := GetUserByName(name) + if err != nil { + continue + } + mails = append(mails, u.Email) + } + return mails +} + // GetUserByEmail returns the user object by given e-mail if exists. func GetUserByEmail(email string) (*User, error) { if len(email) == 0 { diff --git a/modules/base/conf.go b/modules/base/conf.go index 0a618ab1..ba9c320d 100644 --- a/modules/base/conf.go +++ b/modules/base/conf.go @@ -22,13 +22,21 @@ import ( "github.com/gogits/gogs/modules/log" ) -// Mailer represents a mail service. +// Mailer represents mail service. type Mailer struct { Name string Host string User, Passwd string } +// Oauther represents oauth service. +type Oauther struct { + GitHub struct { + Enabled bool + ClientId, ClientSecret string + } +} + var ( AppVer string AppName string @@ -45,8 +53,9 @@ var ( CookieUserName string CookieRememberName string - Cfg *goconfig.ConfigFile - MailService *Mailer + Cfg *goconfig.ConfigFile + MailService *Mailer + OauthService *Oauther LogMode string LogConfig string @@ -206,15 +215,17 @@ func newSessionService() { func newMailService() { // Check mailer setting. - if Cfg.MustBool("mailer", "ENABLED") { - MailService = &Mailer{ - Name: Cfg.MustValue("mailer", "NAME", AppName), - Host: Cfg.MustValue("mailer", "HOST"), - User: Cfg.MustValue("mailer", "USER"), - Passwd: Cfg.MustValue("mailer", "PASSWD"), - } - log.Info("Mail Service Enabled") + if !Cfg.MustBool("mailer", "ENABLED") { + return + } + + MailService = &Mailer{ + Name: Cfg.MustValue("mailer", "NAME", AppName), + Host: Cfg.MustValue("mailer", "HOST"), + User: Cfg.MustValue("mailer", "USER"), + Passwd: Cfg.MustValue("mailer", "PASSWD"), } + log.Info("Mail Service Enabled") } func newRegisterMailService() { @@ -239,6 +250,25 @@ func newNotifyMailService() { log.Info("Notify Mail Service Enabled") } +func newOauthService() { + if !Cfg.MustBool("oauth", "ENABLED") { + return + } + + OauthService = &Oauther{} + oauths := make([]string, 0, 10) + + // GitHub. + if Cfg.MustBool("oauth.github", "ENABLED") { + OauthService.GitHub.Enabled = true + OauthService.GitHub.ClientId = Cfg.MustValue("oauth.github", "CLIENT_ID") + OauthService.GitHub.ClientSecret = Cfg.MustValue("oauth.github", "CLIENT_SECRET") + oauths = append(oauths, "GitHub") + } + + log.Info("Oauth Service Enabled %s", oauths) +} + func NewConfigContext() { //var err error workDir, err := ExecDir() @@ -303,4 +333,5 @@ func NewServices() { newMailService() newRegisterMailService() newNotifyMailService() + newOauthService() } diff --git a/modules/base/markdown.go b/modules/base/markdown.go index f0992d04..ce1e2f5b 100644 --- a/modules/base/markdown.go +++ b/modules/base/markdown.go @@ -90,21 +90,21 @@ func (options *CustomRender) Link(out *bytes.Buffer, link []byte, title []byte, } var ( - mentionPattern = regexp.MustCompile(`@[0-9a-zA-Z_]{1,}`) + MentionPattern = regexp.MustCompile(`@[0-9a-zA-Z_]{1,}`) commitPattern = regexp.MustCompile(`(\s|^)https?.*commit/[0-9a-zA-Z]+(#+[0-9a-zA-Z-]*)?`) issueFullPattern = regexp.MustCompile(`(\s|^)https?.*issues/[0-9]+(#+[0-9a-zA-Z-]*)?`) - issueIndexPattern = regexp.MustCompile(`(\s|^)#[0-9]+`) + issueIndexPattern = regexp.MustCompile(`#[0-9]+`) ) func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { - ms := mentionPattern.FindAll(rawBytes, -1) + ms := MentionPattern.FindAll(rawBytes, -1) for _, m := range ms { rawBytes = bytes.Replace(rawBytes, m, []byte(fmt.Sprintf(`%s`, m[1:], m)), -1) } ms = commitPattern.FindAll(rawBytes, -1) for _, m := range ms { - m = bytes.TrimPrefix(m, []byte(" ")) + m = bytes.TrimSpace(m) i := strings.Index(string(m), "commit/") j := strings.Index(string(m), "#") if j == -1 { @@ -115,7 +115,7 @@ func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { } ms = issueFullPattern.FindAll(rawBytes, -1) for _, m := range ms { - m = bytes.TrimPrefix(m, []byte(" ")) + m = bytes.TrimSpace(m) i := strings.Index(string(m), "issues/") j := strings.Index(string(m), "#") if j == -1 { @@ -126,9 +126,8 @@ func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { } ms = issueIndexPattern.FindAll(rawBytes, -1) for _, m := range ms { - m = bytes.TrimPrefix(m, []byte(" ")) rawBytes = bytes.Replace(rawBytes, m, []byte(fmt.Sprintf( - ` %s`, urlPrefix, m[1:], m)), -1) + `%s`, urlPrefix, m[1:], m)), -1) } return rawBytes } diff --git a/modules/mailer/mail.go b/modules/mailer/mail.go index eee6b916..d2bf1310 100644 --- a/modules/mailer/mail.go +++ b/modules/mailer/mail.go @@ -111,11 +111,11 @@ func SendResetPasswdMail(r *middleware.Render, user *models.User) { SendAsync(&msg) } -// SendNotifyMail sends mail notification of all watchers. -func SendNotifyMail(user, owner *models.User, repo *models.Repository, issue *models.Issue) error { +// SendIssueNotifyMail sends mail notification of all watchers of repository. +func SendIssueNotifyMail(user, owner *models.User, repo *models.Repository, issue *models.Issue) ([]string, error) { watches, err := models.GetWatches(repo.Id) if err != nil { - return errors.New("mail.NotifyWatchers(get watches): " + err.Error()) + return nil, errors.New("mail.NotifyWatchers(get watches): " + err.Error()) } tos := make([]string, 0, len(watches)) @@ -126,20 +126,37 @@ func SendNotifyMail(user, owner *models.User, repo *models.Repository, issue *mo } u, err := models.GetUserById(uid) if err != nil { - return errors.New("mail.NotifyWatchers(get user): " + err.Error()) + return nil, errors.New("mail.NotifyWatchers(get user): " + err.Error()) } tos = append(tos, u.Email) } if len(tos) == 0 { - return nil + return tos, nil } subject := fmt.Sprintf("[%s] %s", repo.Name, issue.Name) content := fmt.Sprintf("%s
-
View it on Gogs.", - issue.Content, base.AppUrl, owner.Name, repo.Name, issue.Index) + base.RenderSpecialLink([]byte(issue.Content), owner.Name+"/"+repo.Name), + base.AppUrl, owner.Name, repo.Name, issue.Index) + msg := NewMailMessageFrom(tos, user.Name, subject, content) + msg.Info = fmt.Sprintf("Subject: %s, send issue notify emails", subject) + SendAsync(&msg) + return tos, nil +} + +// SendIssueMentionMail sends mail notification for who are mentioned in issue. +func SendIssueMentionMail(user, owner *models.User, repo *models.Repository, issue *models.Issue, tos []string) error { + if len(tos) == 0 { + return nil + } + + issueLink := fmt.Sprintf("%s%s/%s/issues/%d", base.AppUrl, owner.Name, repo.Name, issue.Index) + body := fmt.Sprintf(`%s mentioned you.`) + subject := fmt.Sprintf("[%s] %s", repo.Name, issue.Name) + content := fmt.Sprintf("%s
-
View it on Gogs.", body, issueLink) msg := NewMailMessageFrom(tos, user.Name, subject, content) - msg.Info = fmt.Sprintf("Subject: %s, send notify emails", subject) + msg.Info = fmt.Sprintf("Subject: %s, send issue mention emails", subject) SendAsync(&msg) return nil } diff --git a/modules/oauth2/oauth2.go b/modules/oauth2/oauth2.go index 6612b95a..180c52ca 100644 --- a/modules/oauth2/oauth2.go +++ b/modules/oauth2/oauth2.go @@ -29,13 +29,13 @@ import ( "github.com/gogits/session" + "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" ) const ( - codeRedirect = 302 - keyToken = "oauth2_token" - keyNextPage = "next" + keyToken = "oauth2_token" + keyNextPage = "next" ) var ( @@ -179,42 +179,49 @@ var LoginRequired martini.Handler = func() martini.Handler { token := unmarshallToken(ctx.Session) if token == nil || token.IsExpired() { next := url.QueryEscape(ctx.Req.URL.RequestURI()) - ctx.Redirect(PathLogin+"?next="+next, codeRedirect) + ctx.Redirect(PathLogin + "?next=" + next) + return } } }() func login(t *oauth.Transport, ctx *middleware.Context) { - next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + next := extractPath(ctx.Query(keyNextPage)) if ctx.Session.Get(keyToken) == nil { // User is not logged in. - ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect) + ctx.Redirect(t.Config.AuthCodeURL(next)) return } // No need to login, redirect to the next page. - ctx.Redirect(next, codeRedirect) + ctx.Redirect(next) } func logout(t *oauth.Transport, ctx *middleware.Context) { - next := extractPath(ctx.Req.URL.Query().Get(keyNextPage)) + next := extractPath(ctx.Query(keyNextPage)) ctx.Session.Delete(keyToken) - ctx.Redirect(next, codeRedirect) + ctx.Redirect(next) } func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) { - next := extractPath(ctx.Req.URL.Query().Get("state")) - code := ctx.Req.URL.Query().Get("code") + if errMsg := ctx.Query("error_description"); len(errMsg) > 0 { + log.Error("oauth2.handleOAuth2Callback: %s", errMsg) + return + } + + next := extractPath(ctx.Query("state")) + code := ctx.Query("code") tk, err := t.Exchange(code) if err != nil { // Pass the error message, or allow dev to provide its own // error handler. - ctx.Redirect(PathError, codeRedirect) + log.Error("oauth2.handleOAuth2Callback(token.Exchange): %v", err) + // ctx.Redirect(PathError) return } // Store the credentials in the session. val, _ := json.Marshal(tk) ctx.Session.Set(keyToken, val) - ctx.Redirect(next, codeRedirect) + ctx.Redirect(next) } func unmarshallToken(s session.SessionStore) (t *token) { diff --git a/routers/repo/issue.go b/routers/repo/issue.go index 38522e0c..9688fd4d 100644 --- a/routers/repo/issue.go +++ b/routers/repo/issue.go @@ -9,6 +9,7 @@ import ( "net/url" "strings" + "github.com/Unknwon/com" "github.com/go-martini/martini" "github.com/gogits/gogs/models" @@ -99,7 +100,7 @@ func CreateIssue(ctx *middleware.Context, params martini.Params, form auth.Creat issue, err := models.CreateIssue(ctx.User.Id, ctx.Repo.Repository.Id, form.MilestoneId, form.AssigneeId, ctx.Repo.Repository.NumIssues, form.IssueName, form.Labels, form.Content, false) if err != nil { - ctx.Handle(200, "issue.CreateIssue", err) + ctx.Handle(200, "issue.CreateIssue(CreateIssue)", err) return } @@ -107,14 +108,31 @@ func CreateIssue(ctx *middleware.Context, params martini.Params, form auth.Creat if err = models.NotifyWatchers(&models.Action{ActUserId: ctx.User.Id, ActUserName: ctx.User.Name, ActEmail: ctx.User.Email, OpType: models.OP_CREATE_ISSUE, Content: fmt.Sprintf("%d|%s", issue.Index, issue.Name), RepoId: ctx.Repo.Repository.Id, RepoName: ctx.Repo.Repository.Name, RefName: ""}); err != nil { - ctx.Handle(200, "issue.CreateIssue", err) + ctx.Handle(200, "issue.CreateIssue(NotifyWatchers)", err) return } - // Mail watchers. + // Mail watchers and mentions. if base.Service.NotifyMail { - if err = mailer.SendNotifyMail(ctx.User, ctx.Repo.Owner, ctx.Repo.Repository, issue); err != nil { - ctx.Handle(200, "issue.CreateIssue", err) + tos, err := mailer.SendIssueNotifyMail(ctx.User, ctx.Repo.Owner, ctx.Repo.Repository, issue) + if err != nil { + ctx.Handle(200, "issue.CreateIssue(SendIssueNotifyMail)", err) + return + } + + tos = append(tos, ctx.User.LowerName) + ms := base.MentionPattern.FindAllString(issue.Content, -1) + newTos := make([]string, 0, len(ms)) + for _, m := range ms { + if com.IsSliceContainsStr(tos, m[1:]) { + continue + } + + newTos = append(newTos, m[1:]) + } + if err = mailer.SendIssueMentionMail(ctx.User, ctx.Repo.Owner, ctx.Repo.Repository, + issue, models.GetUserEmailsByNames(newTos)); err != nil { + ctx.Handle(200, "issue.CreateIssue(SendIssueMentionMail)", err) return } } diff --git a/routers/user/social.go b/routers/user/social.go index f5577d80..08cfcd83 100644 --- a/routers/user/social.go +++ b/routers/user/social.go @@ -1,20 +1,20 @@ // Copyright 2014 The Gogs Authors. All rights reserved. // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. + package user import ( "encoding/json" "strconv" + "code.google.com/p/goauth2/oauth" + "github.com/gogits/gogs/models" "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" - //"github.com/gogits/gogs/modules/oauth2" - - "code.google.com/p/goauth2/oauth" - "github.com/martini-contrib/oauth2" + "github.com/gogits/gogs/modules/oauth2" ) type SocialConnector interface { @@ -80,6 +80,10 @@ func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) { Extra: tokens.ExtraData(), }, } + if len(tokens.Access()) == 0 { + log.Error("empty access") + return + } var err error var u *models.User if err = gh.Update(); err != nil { diff --git a/routers/user/user.go b/routers/user/user.go index 12f2bd8c..f6a39b86 100644 --- a/routers/user/user.go +++ b/routers/user/user.go @@ -78,6 +78,11 @@ func SignIn(ctx *middleware.Context, form auth.LogInForm) { ctx.Data["Title"] = "Log In" if ctx.Req.Method == "GET" { + if base.OauthService != nil { + ctx.Data["OauthEnabled"] = true + ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled + } + // Check auto-login. userName := ctx.GetCookie(base.CookieUserName) if len(userName) == 0 { diff --git a/templates/issue/create.tmpl b/templates/issue/create.tmpl index 01784cd2..5375040b 100644 --- a/templates/issue/create.tmpl +++ b/templates/issue/create.tmpl @@ -19,7 +19,7 @@
diff --git a/templates/user/signin.tmpl b/templates/user/signin.tmpl index 43f47e41..eb4cb9cc 100644 --- a/templates/user/signin.tmpl +++ b/templates/user/signin.tmpl @@ -43,9 +43,12 @@
+ {{if .OauthEnabled}}
- Register new account +

Log In with Social Accounts

+ {{if .OauthGitHubEnabled}}{{end}}
+ {{end}} {{template "base/footer" .}} \ No newline at end of file diff --git a/web.go b/web.go index c8fb8dc0..8d53b9e1 100644 --- a/web.go +++ b/web.go @@ -20,16 +20,13 @@ import ( "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/middleware" - //"github.com/gogits/gogs/modules/oauth2" + "github.com/gogits/gogs/modules/oauth2" "github.com/gogits/gogs/routers" "github.com/gogits/gogs/routers/admin" "github.com/gogits/gogs/routers/api/v1" "github.com/gogits/gogs/routers/dev" "github.com/gogits/gogs/routers/repo" "github.com/gogits/gogs/routers/user" - - "github.com/martini-contrib/oauth2" - "github.com/martini-contrib/sessions" ) var CmdWeb = cli.Command{ @@ -63,12 +60,17 @@ func runWeb(*cli.Context) { m.Use(middleware.InitContext()) scope := "https://api.github.com/user" - oauth2.PathCallback = "/oauth2callback" - m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) + // m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) + // m.Use(oauth2.Github(&oauth2.Options{ + // ClientId: "09383403ff2dc16daaa1", + // ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", + // RedirectURL: base.AppUrl + oauth2.PathCallback, + // Scopes: []string{scope}, + // })) m.Use(oauth2.Github(&oauth2.Options{ - ClientId: "09383403ff2dc16daaa1", - ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5", - RedirectURL: base.AppUrl + oauth2.PathCallback, + ClientId: "ba323b44192e65c7c320", + ClientSecret: "6818ffed53bea5815bf1a6412d1933f25fa10619", + RedirectURL: base.AppUrl + oauth2.PathCallback[1:], Scopes: []string{scope}, })) @@ -92,8 +94,8 @@ func runWeb(*cli.Context) { m.Get("/avatar/:hash", avt.ServeHTTP) m.Group("/user", func(r martini.Router) { - r.Any("/login/github", reqSignOut, oauth2.LoginRequired, user.SocialSignIn) r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn) + r.Any("/login/github", oauth2.LoginRequired, user.SocialSignIn) r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) r.Any("/forget_password", user.ForgotPasswd) r.Any("/reset_password", user.ResetPasswd) -- cgit v1.2.3 From 22feddf804c7fbf3418cbbc8e7302da271da4e5a Mon Sep 17 00:00:00 2001 From: Unknown Date: Mon, 7 Apr 2014 14:24:58 -0400 Subject: Fix #66 --- models/repo.go | 14 ++++++++++---- modules/base/markdown.go | 14 +++++++------- 2 files changed, 17 insertions(+), 11 deletions(-) (limited to 'models') diff --git a/models/repo.go b/models/repo.go index acee6f6a..bb5c3637 100644 --- a/models/repo.go +++ b/models/repo.go @@ -138,11 +138,8 @@ func CreateRepository(user *User, repoName, desc, repoLang, license string, priv IsPrivate: private, IsBare: repoLang == "" && license == "" && !initReadme, } - repoPath := RepoPath(user.Name, repoName) - if err = initRepository(repoPath, user, repo, initReadme, repoLang, license); err != nil { - return nil, err - } + sess := orm.NewSession() defer sess.Close() sess.Begin() @@ -207,6 +204,10 @@ func CreateRepository(user *User, repoName, desc, repoLang, license string, priv log.Error("repo.CreateRepository(WatchRepo): %v", err) } + if err = initRepository(repoPath, user, repo, initReadme, repoLang, license); err != nil { + return nil, err + } + return repo, nil } @@ -332,6 +333,11 @@ func initRepository(f string, user *User, repo *Repository, initReadme bool, rep return nil } + // for update use + os.Setenv("userName", user.Name) + os.Setenv("userId", base.ToStr(user.Id)) + os.Setenv("repoName", repo.Name) + // Apply changes and commit. return initRepoCommit(tmpDir, user.NewGitSig()) } diff --git a/modules/base/markdown.go b/modules/base/markdown.go index ce1e2f5b..1893ccee 100644 --- a/modules/base/markdown.go +++ b/modules/base/markdown.go @@ -133,8 +133,8 @@ func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { } func RenderMarkdown(rawBytes []byte, urlPrefix string) []byte { - body := RenderSpecialLink(rawBytes, urlPrefix) - fmt.Println(string(body)) + // body := RenderSpecialLink(rawBytes, urlPrefix) + // fmt.Println(string(body)) htmlFlags := 0 // htmlFlags |= gfm.HTML_USE_XHTML // htmlFlags |= gfm.HTML_USE_SMARTYPANTS @@ -146,10 +146,10 @@ func RenderMarkdown(rawBytes []byte, urlPrefix string) []byte { htmlFlags |= gfm.HTML_GITHUB_BLOCKCODE htmlFlags |= gfm.HTML_OMIT_CONTENTS // htmlFlags |= gfm.HTML_COMPLETE_PAGE - // renderer := &CustomRender{ - // Renderer: gfm.HtmlRenderer(htmlFlags, "", ""), - // urlPrefix: urlPrefix, - // } + renderer := &CustomRender{ + Renderer: gfm.HtmlRenderer(htmlFlags, "", ""), + urlPrefix: urlPrefix, + } // set up the parser extensions := 0 @@ -162,7 +162,7 @@ func RenderMarkdown(rawBytes []byte, urlPrefix string) []byte { extensions |= gfm.EXTENSION_SPACE_HEADERS extensions |= gfm.EXTENSION_NO_EMPTY_LINE_BEFORE_BLOCK - // body = gfm.Markdown(body, renderer, extensions) + body := gfm.Markdown(rawBytes, renderer, extensions) // fmt.Println(string(body)) return body } -- cgit v1.2.3