1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-22 12:54:53 -05:00

fix .netrc authentication (#2700)

* provide both possible authentication solutions

Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
This commit is contained in:
David Schneiderbauer 2017-10-15 17:35:43 +02:00 committed by Lauris BH
parent 1ec4dc6c1d
commit 4ccb0fe338

View file

@ -139,19 +139,28 @@ func HTTP(ctx *context.Context) {
}
if authUser == nil {
authUser, err = models.GetUserByName(authUsername)
isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic"
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
} else {
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
// Assume username is token
authToken := authUsername
if !isUsernameToken {
// Assume password is token
authToken = authPasswd
authUser, err = models.GetUserByName(authUsername)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
} else {
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
}
return
}
return
}
// Assume password is a token.
token, err := models.GetAccessTokenBySHA(authPasswd)
token, err := models.GetAccessTokenBySHA(authToken)
if err != nil {
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
@ -161,7 +170,13 @@ func HTTP(ctx *context.Context) {
return
}
if authUser.ID != token.UID {
if isUsernameToken {
authUser, err = models.GetUserByID(token.UID)
if err != nil {
ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
return
}
} else if authUser.ID != token.UID {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
return
}
@ -170,7 +185,6 @@ func HTTP(ctx *context.Context) {
if err = models.UpdateAccessToken(token); err != nil {
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
}
} else {
_, err = models.GetTwoFactorByUID(authUser.ID)