forked from gitea/gitea
Use gogits/session for oauth2
This commit is contained in:
parent
9791e70da6
commit
3ebc9b991a
|
@ -19,8 +19,6 @@ github.com/gogits/gfm=
|
|||
github.com/gogits/cache =
|
||||
github.com/gogits/session =
|
||||
github.com/gogits/webdav =
|
||||
github.com/martini-contrib/oauth2=
|
||||
github.com/martini-contrib/sessions=
|
||||
code.google.com/p/goauth2 =
|
||||
|
||||
[res]
|
||||
|
|
|
@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language
|
|||
|
||||
![Demo](http://gowalker.org/public/gogs_demo.gif)
|
||||
|
||||
##### Current version: 0.2.0 Alpha
|
||||
##### Current version: 0.2.1 Alpha
|
||||
|
||||
#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site.
|
||||
|
||||
|
@ -31,7 +31,7 @@ More importantly, Gogs only needs one binary to setup your own project hosting o
|
|||
- Activity timeline
|
||||
- SSH/HTTPS(Clone only) protocol support.
|
||||
- Register/delete/rename account.
|
||||
- Create/delete/watch/rename public repository.
|
||||
- Create/delete/watch/rename/transfer public repository.
|
||||
- Repository viewer.
|
||||
- Issue tracker.
|
||||
- Gravatar and cache support.
|
||||
|
|
|
@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。
|
|||
|
||||
![Demo](http://gowalker.org/public/gogs_demo.gif)
|
||||
|
||||
##### 当前版本:0.2.0 Alpha
|
||||
##### 当前版本:0.2.1 Alpha
|
||||
|
||||
## 开发目的
|
||||
|
||||
|
@ -25,7 +25,7 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作,实现 **零** 依
|
|||
- 活动时间线
|
||||
- SSH/HTTPS(仅限 Clone) 协议支持
|
||||
- 注册/删除/重命名用户
|
||||
- 创建/删除/关注/重命名公开仓库
|
||||
- 创建/删除/关注/重命名/转移公开仓库
|
||||
- 仓库浏览器
|
||||
- Bug 追踪系统
|
||||
- Gravatar 以及缓存支持
|
||||
|
|
2
gogs.go
2
gogs.go
|
@ -19,7 +19,7 @@ import (
|
|||
// Test that go1.2 tag above is included in builds. main.go refers to this definition.
|
||||
const go12tag = true
|
||||
|
||||
const APP_VER = "0.2.0.0404 Alpha"
|
||||
const APP_VER = "0.2.1.0405 Alpha"
|
||||
|
||||
func init() {
|
||||
base.AppVer = APP_VER
|
||||
|
|
|
@ -78,7 +78,7 @@ func init() {
|
|||
type PublicKey struct {
|
||||
Id int64
|
||||
OwnerId int64 `xorm:"unique(s) index not null"`
|
||||
Name string `xorm:"unique(s) not null"` //UNIQUE(s)
|
||||
Name string `xorm:"unique(s) not null"`
|
||||
Fingerprint string
|
||||
Content string `xorm:"TEXT not null"`
|
||||
Created time.Time `xorm:"created"`
|
||||
|
|
|
@ -26,7 +26,10 @@ import (
|
|||
|
||||
"code.google.com/p/goauth2/oauth"
|
||||
"github.com/go-martini/martini"
|
||||
"github.com/martini-contrib/sessions"
|
||||
|
||||
"github.com/gogits/session"
|
||||
|
||||
"github.com/gogits/gogs/modules/middleware"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -142,23 +145,23 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
|
|||
Transport: http.DefaultTransport,
|
||||
}
|
||||
|
||||
return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method == "GET" {
|
||||
switch r.URL.Path {
|
||||
return func(c martini.Context, ctx *middleware.Context) {
|
||||
if ctx.Req.Method == "GET" {
|
||||
switch ctx.Req.URL.Path {
|
||||
case PathLogin:
|
||||
login(transport, s, w, r)
|
||||
login(transport, ctx)
|
||||
case PathLogout:
|
||||
logout(transport, s, w, r)
|
||||
logout(transport, ctx)
|
||||
case PathCallback:
|
||||
handleOAuth2Callback(transport, s, w, r)
|
||||
handleOAuth2Callback(transport, ctx)
|
||||
}
|
||||
}
|
||||
|
||||
tk := unmarshallToken(s)
|
||||
tk := unmarshallToken(ctx.Session)
|
||||
if tk != nil {
|
||||
// check if the access token is expired
|
||||
if tk.IsExpired() && tk.Refresh() == "" {
|
||||
s.Delete(keyToken)
|
||||
ctx.Session.Delete(keyToken)
|
||||
tk = nil
|
||||
}
|
||||
}
|
||||
|
@ -172,49 +175,49 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
|
|||
// Sample usage:
|
||||
// m.Get("/login-required", oauth2.LoginRequired, func() ... {})
|
||||
var LoginRequired martini.Handler = func() martini.Handler {
|
||||
return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
|
||||
token := unmarshallToken(s)
|
||||
return func(c martini.Context, ctx *middleware.Context) {
|
||||
token := unmarshallToken(ctx.Session)
|
||||
if token == nil || token.IsExpired() {
|
||||
next := url.QueryEscape(r.URL.RequestURI())
|
||||
http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect)
|
||||
next := url.QueryEscape(ctx.Req.URL.RequestURI())
|
||||
ctx.Redirect(PathLogin+"?next="+next, codeRedirect)
|
||||
}
|
||||
}
|
||||
}()
|
||||
|
||||
func login(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
|
||||
next := extractPath(r.URL.Query().Get(keyNextPage))
|
||||
if s.Get(keyToken) == nil {
|
||||
func login(t *oauth.Transport, ctx *middleware.Context) {
|
||||
next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
|
||||
if ctx.Session.Get(keyToken) == nil {
|
||||
// User is not logged in.
|
||||
http.Redirect(w, r, t.Config.AuthCodeURL(next), codeRedirect)
|
||||
ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect)
|
||||
return
|
||||
}
|
||||
// No need to login, redirect to the next page.
|
||||
http.Redirect(w, r, next, codeRedirect)
|
||||
ctx.Redirect(next, codeRedirect)
|
||||
}
|
||||
|
||||
func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
|
||||
next := extractPath(r.URL.Query().Get(keyNextPage))
|
||||
s.Delete(keyToken)
|
||||
http.Redirect(w, r, next, codeRedirect)
|
||||
func logout(t *oauth.Transport, ctx *middleware.Context) {
|
||||
next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
|
||||
ctx.Session.Delete(keyToken)
|
||||
ctx.Redirect(next, codeRedirect)
|
||||
}
|
||||
|
||||
func handleOAuth2Callback(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
|
||||
next := extractPath(r.URL.Query().Get("state"))
|
||||
code := r.URL.Query().Get("code")
|
||||
func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) {
|
||||
next := extractPath(ctx.Req.URL.Query().Get("state"))
|
||||
code := ctx.Req.URL.Query().Get("code")
|
||||
tk, err := t.Exchange(code)
|
||||
if err != nil {
|
||||
// Pass the error message, or allow dev to provide its own
|
||||
// error handler.
|
||||
http.Redirect(w, r, PathError, codeRedirect)
|
||||
ctx.Redirect(PathError, codeRedirect)
|
||||
return
|
||||
}
|
||||
// Store the credentials in the session.
|
||||
val, _ := json.Marshal(tk)
|
||||
s.Set(keyToken, val)
|
||||
http.Redirect(w, r, next, codeRedirect)
|
||||
ctx.Session.Set(keyToken, val)
|
||||
ctx.Redirect(next, codeRedirect)
|
||||
}
|
||||
|
||||
func unmarshallToken(s sessions.Session) (t *token) {
|
||||
func unmarshallToken(s session.SessionStore) (t *token) {
|
||||
if s.Get(keyToken) == nil {
|
||||
return
|
||||
}
|
||||
|
|
|
@ -183,6 +183,7 @@ func Install(ctx *middleware.Context, form auth.InstallForm) {
|
|||
if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd,
|
||||
IsAdmin: true, IsActive: true}); err != nil {
|
||||
if err != models.ErrUserAlreadyExist {
|
||||
base.InstallLock = false
|
||||
ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form)
|
||||
return
|
||||
}
|
||||
|
|
23
web.go
23
web.go
|
@ -11,8 +11,6 @@ import (
|
|||
|
||||
"github.com/codegangsta/cli"
|
||||
"github.com/go-martini/martini"
|
||||
// "github.com/martini-contrib/oauth2"
|
||||
// "github.com/martini-contrib/sessions"
|
||||
|
||||
"github.com/gogits/binding"
|
||||
|
||||
|
@ -21,6 +19,7 @@ import (
|
|||
"github.com/gogits/gogs/modules/base"
|
||||
"github.com/gogits/gogs/modules/log"
|
||||
"github.com/gogits/gogs/modules/middleware"
|
||||
"github.com/gogits/gogs/modules/oauth2"
|
||||
"github.com/gogits/gogs/routers"
|
||||
"github.com/gogits/gogs/routers/admin"
|
||||
"github.com/gogits/gogs/routers/api/v1"
|
||||
|
@ -59,19 +58,17 @@ func runWeb(*cli.Context) {
|
|||
|
||||
// Middlewares.
|
||||
m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}}))
|
||||
|
||||
// scope := "https://api.github.com/user"
|
||||
// oauth2.PathCallback = "/oauth2callback"
|
||||
// m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
|
||||
// m.Use(oauth2.Github(&oauth2.Options{
|
||||
// ClientId: "09383403ff2dc16daaa1",
|
||||
// ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
|
||||
// RedirectURL: base.AppUrl + oauth2.PathCallback,
|
||||
// Scopes: []string{scope},
|
||||
// }))
|
||||
|
||||
m.Use(middleware.InitContext())
|
||||
|
||||
scope := "https://api.github.com/user"
|
||||
oauth2.PathCallback = "/oauth2callback"
|
||||
m.Use(oauth2.Github(&oauth2.Options{
|
||||
ClientId: "09383403ff2dc16daaa1",
|
||||
ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
|
||||
RedirectURL: base.AppUrl + oauth2.PathCallback,
|
||||
Scopes: []string{scope},
|
||||
}))
|
||||
|
||||
reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true})
|
||||
ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView})
|
||||
reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
|
||||
|
|
Loading…
Reference in New Issue