From d0827e5d5ebc8713e7ba40f560617c3306007ed7 Mon Sep 17 00:00:00 2001
From: Christopher Brickley
Date: Thu, 8 Jan 2015 09:16:38 -0500
Subject: allow http push by token - #842
---
 routers/repo/http.go | 41 ++++++++++++++++++++++++++++++++++-------
 1 file changed, 34 insertions(+), 7 deletions(-)
(limited to 'routers')
diff --git a/routers/repo/http.go b/routers/repo/http.go
index a5e01efc..862974ce 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -78,6 +78,7 @@ func Http(ctx *middleware.Context) {
 var askAuth = !isPublicPull || setting.Service.RequireSignInView
 var authUser *models.User
 var authUsername, passwd string
+ usedToken := false

 // check access
 if askAuth {
@@ -103,15 +104,41 @@ func Http(ctx *middleware.Context) {

 authUser, err = models.GetUserByName(authUsername)
 if err != nil {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
+ // check if a token was given instead of username
+ tokens, err := models.ListAllAccessTokens()
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+
+ for _, token := range tokens {
+ if token.Sha1 == authUsername {
+ // get user belonging to token
+ authUser, err = models.GetUserById(token.Uid)
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+ authUsername = authUser.Name
+ usedToken = true
+ break
+ }
+ }
+
+ if authUser == nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
 }

- newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
- newUser.EncodePasswd()
- if authUser.Passwd != newUser.Passwd {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
+ // check password if token is not used
+ if !usedToken {
+ newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
+ newUser.EncodePasswd()
+ if authUser.Passwd != newUser.Passwd {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
 }

 if !isPublicPull {
-- 
cgit v1.2.3
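Review bot: In the second hunk the token fallback calls `models.ListAllAccessTokens()` and walks the whole table on every request whose username does not resolve, so each failed login (password-guessing traffic included) costs a full read of every user's token into memory. A lookup keyed on the presented value, backed by an index on the token column, would bound that cost and keep other users' tokens out of the request path. The match itself, `if token.Sha1 == authUsername {`, is a short-circuiting string compare on a secret; `if subtle.ConstantTimeCompare([]byte(token.Sha1), []byte(authUsername)) == 1 {` removes the timing signal. The fallback also runs for any error from `GetUserByName`, not only a missing user, and a failure of `ListAllAccessTokens` is reported as 401 rather than as a server error, which will hide database faults behind what looks like bad credentials. `Http` begins and ends outside both hunks, so how `authUser` is checked against the repository afterwards is not visible here.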