mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-04 10:30:19 -05:00
951309f76a
* Add support for U2F Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add vendor library Add missing translations Signed-off-by: Jonas Franz <info@jonasfranz.software> * Minor improvements Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library Add U2F error handling Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F login page to OAuth Signed-off-by: Jonas Franz <info@jonasfranz.software> * Move U2F user settings to a separate file Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add unit tests for u2f model Renamed u2f table name Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix problems caused by refactoring Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F documentation Signed-off-by: Jonas Franz <info@jonasfranz.software> * Remove not needed console.log-s Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add default values to app.ini.sample Add FIDO U2F to comparison Signed-off-by: Jonas Franz <info@jonasfranz.software>
100 lines
2.7 KiB
Go
100 lines
2.7 KiB
Go
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package setting
|
|
|
|
import (
|
|
"code.gitea.io/gitea/models"
|
|
"code.gitea.io/gitea/modules/base"
|
|
"code.gitea.io/gitea/modules/context"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
)
|
|
|
|
const (
|
|
tplSettingsSecurity base.TplName = "user/settings/security"
|
|
tplSettingsTwofaEnroll base.TplName = "user/settings/twofa_enroll"
|
|
)
|
|
|
|
// Security render change user's password page and 2FA
|
|
func Security(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("settings")
|
|
ctx.Data["PageIsSettingsSecurity"] = true
|
|
|
|
enrolled := true
|
|
_, err := models.GetTwoFactorByUID(ctx.User.ID)
|
|
if err != nil {
|
|
if models.IsErrTwoFactorNotEnrolled(err) {
|
|
enrolled = false
|
|
} else {
|
|
ctx.ServerError("SettingsTwoFactor", err)
|
|
return
|
|
}
|
|
}
|
|
ctx.Data["TwofaEnrolled"] = enrolled
|
|
if enrolled {
|
|
ctx.Data["U2FRegistrations"], err = models.GetU2FRegistrationsByUID(ctx.User.ID)
|
|
if err != nil {
|
|
ctx.ServerError("GetU2FRegistrationsByUID", err)
|
|
return
|
|
}
|
|
ctx.Data["RequireU2F"] = true
|
|
}
|
|
|
|
tokens, err := models.ListAccessTokens(ctx.User.ID)
|
|
if err != nil {
|
|
ctx.ServerError("ListAccessTokens", err)
|
|
return
|
|
}
|
|
ctx.Data["Tokens"] = tokens
|
|
|
|
accountLinks, err := models.ListAccountLinks(ctx.User)
|
|
if err != nil {
|
|
ctx.ServerError("ListAccountLinks", err)
|
|
return
|
|
}
|
|
|
|
// map the provider display name with the LoginSource
|
|
sources := make(map[*models.LoginSource]string)
|
|
for _, externalAccount := range accountLinks {
|
|
if loginSource, err := models.GetLoginSourceByID(externalAccount.LoginSourceID); err == nil {
|
|
var providerDisplayName string
|
|
if loginSource.IsOAuth2() {
|
|
providerTechnicalName := loginSource.OAuth2().Provider
|
|
providerDisplayName = models.OAuth2Providers[providerTechnicalName].DisplayName
|
|
} else {
|
|
providerDisplayName = loginSource.Name
|
|
}
|
|
sources[loginSource] = providerDisplayName
|
|
}
|
|
}
|
|
ctx.Data["AccountLinks"] = sources
|
|
|
|
if ctx.Query("openid.return_to") != "" {
|
|
settingsOpenIDVerify(ctx)
|
|
return
|
|
}
|
|
|
|
openid, err := models.GetUserOpenIDs(ctx.User.ID)
|
|
if err != nil {
|
|
ctx.ServerError("GetUserOpenIDs", err)
|
|
return
|
|
}
|
|
ctx.Data["OpenIDs"] = openid
|
|
|
|
ctx.HTML(200, tplSettingsSecurity)
|
|
}
|
|
|
|
// DeleteAccountLink delete a single account link
|
|
func DeleteAccountLink(ctx *context.Context) {
|
|
if _, err := models.RemoveAccountLink(ctx.User, ctx.QueryInt64("loginSourceID")); err != nil {
|
|
ctx.Flash.Error("RemoveAccountLink: " + err.Error())
|
|
} else {
|
|
ctx.Flash.Success(ctx.Tr("settings.remove_account_link_success"))
|
|
}
|
|
|
|
ctx.JSON(200, map[string]interface{}{
|
|
"redirect": setting.AppSubURL + "/user/settings/security",
|
|
})
|
|
}
|