diff --git a/models/publickey.go b/models/publickey.go
index 42d2523b5f16..426e6b0be78d 100644
--- a/models/publickey.go
+++ b/models/publickey.go
@@ -77,8 +77,8 @@ func init() {
 // PublicKey represents a SSH key of user.
 type PublicKey struct {
 Id int64
- OwnerId int64 `xorm:" index not null"`
- Name string `xorm:" not null"` //UNIQUE(s)
+ OwnerId int64 `xorm:"unique(s) index not null"`
+ Name string `xorm:"unique(s) not null"` //UNIQUE(s)
 Fingerprint string
 Content string `xorm:"TEXT not null"`
 Created time.Time `xorm:"created"`
diff --git a/routers/repo/repo.go b/routers/repo/repo.go
index b6a5d1780c91..d223600c521c 100644
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@@ -261,7 +261,7 @@ func basicDecode(encoded string) (user string, name string, err error) {
 }
 func authRequired(ctx *middleware.Context) {
- ctx.ResponseWriter.Header().Set("WWW-Authenticate", `Basic realm="Gogs Auth"`)
+ ctx.ResponseWriter.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
 ctx.Data["ErrorMsg"] = "no basic auth and digit auth"
 ctx.HTML(401, fmt.Sprintf("status/401"))
 }
@@ -273,6 +273,8 @@ func Http(ctx *middleware.Context, params martini.Params) {
 reponame = reponame[:len(reponame)-4]
 }
+ //fmt.Println("req:", ctx.Req.Header)
+
 repoUser, err := models.GetUserByName(username)
 if err != nil {
 ctx.Handle(500, "repo.GetUserByName", nil)
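Review bot: In `models/publickey.go` the new `unique(s)` pair constrains only the owner/name combination; `Fingerprint` and `Content` carry no uniqueness tag in this struct, so the same key material could still be stored for two owners unless that is rejected elsewhere. An SSH login is presumably mapped to a user by the key rather than by its name, so a unique tag on the fingerprint or an explicit lookup before insert is worth considering. Adding a unique index may also fail on a database that already holds duplicate owner/name rows, which deserves a migration step or a sentence in the commit message. The trailing `//UNIQUE(s)` comment now repeats the tag and could become `// unique per owner, together with OwnerId`.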
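Review bot: In `authRequired` (routers/repo/repo.go) the realm becomes the bare string `.` with no comment explaining why; the realm is what an HTTP client shows in its credential prompt and uses to scope cached credentials, so a value that names the service is easier for a user to recognise. If `.` is deliberate, a comment such as `// realm kept minimal on purpose: <reason>` above the `Set` call would record that. A raw string literal, as on the removed line, reads better than the escaped quotes. `fmt.Sprintf("status/401")` on the unchanged line has no format arguments and could be the plain string.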
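Review bot: The commented-out `//fmt.Println("req:", ctx.Req.Header)` added in `Http` should be dropped rather than committed: if it is ever re-enabled it prints every request header, including `Authorization`, which in this handler carries the Basic credentials in a trivially decodable form. If request tracing is needed, log only selected header names and redact `Authorization`. `Http` starts and ends outside this hunk.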
@@ -297,45 +299,45 @@ func Http(ctx *middleware.Context, params martini.Params) {
 // check basic auth
 baHead := ctx.Req.Header.Get("Authorization")
- if baHead != "" {
- auths := strings.Fields(baHead)
- if len(auths) != 2 || auths[0] != "Basic" {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
- authUsername, passwd, err := basicDecode(auths[1])
- if err != nil {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
-
- authUser, err := models.GetUserByName(authUsername)
- if err != nil {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
-
- newUser := &models.User{Passwd: passwd}
- newUser.EncodePasswd()
- if authUser.Passwd != newUser.Passwd {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
-
- var tp = models.AU_WRITABLE
- if isPull {
- tp = models.AU_READABLE
- }
-
- has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
- if err != nil || !has {
- ctx.Handle(401, "no basic auth and digit auth", nil)
- return
- }
- } else {
+ if baHead == "" {
 authRequired(ctx)
 return
 }
+
+ auths := strings.Fields(baHead)
+ if len(auths) != 2 || auths[0] != "Basic" {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+ authUsername, passwd, err := basicDecode(auths[1])
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+
+ authUser, err := models.GetUserByName(authUsername)
+ if err != nil {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+
+ newUser := &models.User{Passwd: passwd}
+ newUser.EncodePasswd()
+ if authUser.Passwd != newUser.Passwd {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
+
+ var tp = models.AU_WRITABLE
+ if isPull {
+ tp = models.AU_READABLE
+ }
+
+ has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
+ if err != nil || !has {
+ ctx.Handle(401, "no basic auth and digit auth", nil)
+ return
+ }
 }
 dir := models.RepoPath(username, reponame)
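Review bot: The password check `if authUser.Passwd != newUser.Passwd {` compares the stored and the computed value with `!=`, which is not constant-time; `if subtle.ConstantTimeCompare([]byte(authUser.Passwd), []byte(newUser.Passwd)) != 1 {` (from `crypto/subtle`) removes the dependence of the comparison time on where the two strings first differ. The failure branches below the `baHead == ""` guard answer with `ctx.Handle(401, ...)` and never set `WWW-Authenticate`, so a client that sent wrong credentials receives a 401 without a challenge; routing them through `authRequired(ctx)` would keep the 401 responses consistent. Only `Passwd` is set on `newUser` before `EncodePasswd()`, so whether a per-user salt takes part in the hash cannot be seen from this hunk and should be confirmed. `Http` starts and ends outside the hunk.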