1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-28 13:49:13 -05:00
Commit graph

80 commits

Author SHA1 Message Date
Jonas Franz
951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
David Schneiderbauer
0857e289d5 fix links to prevent 404 after e.g. submitting a faulty form (#3982) 2018-05-18 21:02:04 -04:00
David Schneiderbauer
80d1998981 add missing token validation and fix missing alert on application settings page (#3976) 2018-05-16 22:18:13 +08:00
David Schneiderbauer
e45331d6d2 add user language value to hidden input to enable saving of profile without changing language (#3967) 2018-05-15 17:14:40 +03:00
David Schneiderbauer
099372d76c Refactor User Settings (#3900)
* moved avatar to profile page

* combined password change, email and account deletion into account settings page

* combined totp, access tokens, linked accounts and openid into security settings page

* move access tokens to applications settings page

* small change to restart drone build

* fix change avatar url on profile page

* redirect old settings urls to new ones

* enforce only one autofocus attribute on settings pages

* set correct redirect status code

* fmt fix
2018-05-15 13:07:32 +03:00
kolaente
1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00
Morgan Bazalgette
fb8535e305 Make Generate New Token panel shown by default (#3832)
This is mostly a 'feel' change. The behaviour that is currently on the
access tokens pages is, as far as I know, not present in any other parts
of the frontend, and there's no real good reason to keep the 'Generate
New Token' panel hidden by default in my opinion.
2018-04-29 22:34:59 +03:00
Gerben
2dc6f15eca Don't warn users about *every* dirty form (#3707)
The choice regarding which forms should or should not trigger a warning
is subjective. I tried to be consistent and not warn about forms that:
 - run an action, rather than edit data: search, send an email.
 - delete data: a warning about losing data would be confusing

Note that forms on sign-in pages were already ignored (using a selector,
rather than an explicit class on the form element).

Fixes #3698.
2018-03-23 22:10:42 +08:00
Lunny Xiao
769ab1e424 fix gpg expired bug when time is zero (#3584) 2018-02-26 12:25:45 +02:00
Lauris BH
f9a5cc4d8e
Use correct transaltion key for delete email button (#3422) 2018-01-31 00:31:06 +02:00
Chris Woodward
5332052019 Fixed missing end tag for organization link (#3229) 2017-12-19 09:47:30 +02:00
Lunny Xiao
3b525d5696
fix gpg tmpl (#3153) 2017-12-11 22:07:25 +08:00
Lunny Xiao
f2e20c81b6 Refactor struct's time to remove unnecessary memory usage (#3142)
* refactor struct's time to remove unnecessary memory usage

* use AsTimePtr simple code

* fix tests

* fix time compare

* fix template on gpg

* use AddDuration instead of Add
2017-12-11 06:37:04 +02:00
Ethan Koenig
ea78a6db57 Spaces to tabs in templates (#2953) 2017-11-21 13:43:00 +08:00
Michael Kuhn
420fc8efc2 Disable add key button if SSH is disabled (#2873) 2017-11-21 11:49:33 +08:00
Shaun
4725f91543 Fix inconsistencies in user settings ui (#2901) 2017-11-13 09:21:41 +02:00
Lunny Xiao
9e865cee67 Merge password and 2fa page on user settings (#2695)
* merge password and 2fa page on user settings
2017-10-16 11:14:12 +02:00
Rémy Boulanouar
e5d80b7090 Implementation of all repositories of a user from user->settings (#1740)
* Implementation of all repositories of a user from user->settings

* Update message when no repository found

* Update according to comments

* Change UI to have a better look

* improved user repositories UI
2017-09-14 14:46:14 +03:00
Patrick G
bf187304dc Fix wording (#2024)
* Fix wording

* Update locale_en-US.ini

* Update keys_gpg.tmpl
2017-06-24 01:37:03 -05:00
Rémy Boulanouar
62f600cf1c Display all organization from user settings (#1739)
* Display all organization from user settings

* fix Tab selection

* Update locale_en-US.ini

* Add a condition for display Create organization button

* Remove french translation

* Remove unnecessary admin flag
2017-06-02 03:43:44 -05:00
Antoine GIRARD
431b26f6d7 Handle display of GPG key without end date (#1628) 2017-04-28 08:44:58 +08:00
Lunny Xiao
6853bf323a fix #1521 (#1621) 2017-04-27 20:15:56 +08:00
Antoine GIRARD
8371f94d06 Rework SSH key management UI to add GPG (#1293)
* Rework SSH key management UI to add GPG

* Add more detail to gpg key display

* Update CHANGELOG.md

* Implement deletion UI

* Implement adding gpg UI

* Various fixes

- Fix duplicate entry in locale
- Re-generate hash before verification since they are consumed

* Add missing translation

* Split template

* Catch not found/verified email error
2017-04-26 21:10:43 +08:00
Antoine GIRARD
912b340d0d Simplify settings pages with item list (#1389)
* Remove point column on ssh key setting page

* Remove un-used css

* Some cleaning

* Use octicon-key
2017-03-30 09:02:37 +08:00
Sandro Santilli
9182a35f18 Show user OpenID URIs in their profile (#1314) 2017-03-20 09:31:08 +01:00
Patrick G
b57b0c6e40 Fix inconsistency in layout (#1316) 2017-03-18 19:00:09 +08:00
Sandro Santilli
71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Patrick G
efbb895ebe Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270) 2017-03-15 23:39:38 +01:00
Sandro Santilli
7d8f9d1c46 Rename /forget_password url to /forgot_password
Also renames `forgot_password` translation key to
`forgot_password_title` and `forget_password` to
`forgot_password`

Includes entry in CHANGELOG about the breaking change
(and some markdown fixes in there)
2017-03-14 22:54:07 +01:00
Sandro Santilli
8a98a25d8e Show a link to password reset from password change and delete account (#862)
It's helpful when you forgot your password thus cannot change it
(can happen if you log in via OAuth2 or OpenID)

Also make sure that both the delete-account and password-change
links to forgot-password will have the primary email pre-filled
2017-03-11 17:11:54 +08:00
Willem van Dreumel
01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Bo-Yi Wu
40f4377717 feat: fill in ssh key title automatically. (#863) 2017-02-09 17:58:04 +08:00
Andrew
6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
derSuessmann
51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Bwko
1e9730a779 Fixes xss, clickjacking & password autocompletion 2016-11-29 22:49:06 +01:00
Unknwon
99385db0c4 #3320 code cleanup 2016-08-07 11:01:47 -07:00
Sandro Santilli
90dd0657b5 Add support for federated avatars (#3320)
* Add support for federated avatars

Fixes #3105

Removes avatar fetching duplication code
Adds an "Enable Federated Avatar" checkbox in user settings
(defaults to unchecked)

Moves avatar settings all in the same form, making
local and remote avatars mutually exclusive

Renames UploadAvatarForm to AvatarForm
as it's not anymore only for uploading

* Run gofmt on all modified files

* Move Avatar form in its own page

* Add go-libravatar dependency to vendor/ dir

Hopefully helps with accepting the contribution.
See also #3214

* Revert "Add go-libravatar dependency to vendor/ dir"

This reverts commit a8cb93ae640bbb90f7d25012fc257bda9fae9b82.

* Make federated avatar setting a global configuration

Removes the per-user setting

* Move avatar handling back to base tool, disable federated avatar in offline mode

* Format, handle error

* Properly set fallback host

* Use unsupported github.com mirror for importing go-libravatar

* Remove comment showing life exists outside of github.com

... pity, but contribution would not be accepted otherwise

* Use Combo for Get and Post methods over /avatar

* FEDERATED_AVATAR -> ENABLE_FEDERATED_AVATAR

* Fix persistance of federated avatar lookup checkbox at install time

* Federated Avatars -> Enable Federated Avatars

* Use len(string) == 0 instead of string == ""

* Move import line where it belong

See
https://github.com/Unknwon/go-code-convention/blob/master/en-US/import_packages.md

Pity the import url is still the unofficial one, but oh well...

* Save a line (and waste much more expensive time)

* Remove redundant parens

* Remove an empty line

* Remove empty lines

* Reorder lines to make diff smaller

* Remove another newline

Unknwon review got me start a fight against newlines

* Move DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR after OFFLINE_MODE

On re-reading the diff I figured what Unknwon meant here:
https://github.com/gogits/gogs/pull/3320/files#r73741106

* Remove newlines that weren't there before my intervention
2016-08-07 10:27:38 -07:00
Unknwon
a2f13eae55 #1157 some avatar setting changes
- Allow to delete current avatar
2016-03-05 00:51:51 -05:00
Unknwon
d0b0d24f22 #2154 disable change user for non-local users
- #2153 remove require for gravatar
2015-12-11 15:31:02 -05:00
Unknwon
3d5d61778a #1938 #1374 disable password change for non-local users 2015-12-10 19:02:57 -05:00
Adam Strzelecki
da2585c11e Indent all templates with tabs
This commit improves templates readability, since all of them use consistent
indent with all template command blocks indented too.

1. Indents both HTML containers such as <div>, <p> and Go HTML template blocks
   such as {{if}} {{with}}

2. Cleans all trailing white-space

3. Adds trailing last line-break to each file
2015-12-08 00:57:46 +01:00
Unknwon
4795fa01d8 fix #2101 2015-12-04 17:30:32 -05:00
Unknwon
3fb1b6a608 drop oauth2 feature support 2015-09-17 16:11:44 -04:00
Unknwon
52ec80fa18 finish all new user settings UI 2015-09-10 11:40:34 -04:00
Unknwon
85f34ba538 new user profile settings UI
Signed-off-by: Unknwon <u@gogs.io>
2015-09-06 16:31:22 -04:00
Unknwon
00767a0522 finish new org settings page 2015-09-06 11:25:08 -04:00
Unknwon
23f42d92c9 add webhook recent deliveries 2015-08-27 23:06:14 +08:00
Unknwon
062adbed8a add confirmation to delete ssh key 2015-08-20 17:11:29 +08:00
Unknwon
03b85b73af token recent activity 2015-08-19 06:22:33 +08:00
Unknwon
928d9fc1d4 fix access token style 2015-08-19 03:40:23 +08:00