forked from gitea/gitea
1
0
Fork 0
gitea/modules
Lunny Xiao 900e158064
refactor auth interface to return error when verify failure (#22119) (#22259)
backport #22119

This PR changed the Auth interface signature from `Verify(http
*http.Request, w http.ResponseWriter, store DataStore, sess
SessionStore) *user_model.User`
to 
`Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess
SessionStore) (*user_model.User, error)`.

There is a new return argument `error` which means the verification
condition matched but verify process failed, we should stop the auth
process.

Before this PR, when return a `nil` user, we don't know the reason why
it returned `nil`. If the match condition is not satisfied or it
verified failure? For these two different results, we should have
different handler. If the match condition is not satisfied, we should
try next auth method and if there is no more auth method, it's an
anonymous user. If the condition matched but verify failed, the auth
process should be stop and return immediately.

This will fix #20563

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Jason Song <i@wolfogre.com>
2022-12-29 13:50:09 +08:00
..
activitypub Fix dashboard ignored system setting cache (#21621) (#21759) 2022-11-10 19:41:44 +08:00
analyze Simplify `IsVendor` (#19626) 2022-05-06 10:12:30 +01:00
auth Remove legacy `+build:` constraint (#19582) 2022-05-02 23:22:45 +08:00
avatar Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
base Add generic set type (#21408) 2022-10-12 13:18:26 +08:00
cache Fix dashboard ignored system setting cache (#21621) (#21759) 2022-11-10 19:41:44 +08:00
charset Ensure that plain files are rendered correctly even when containing ambiguous characters (#22017) (#22160) 2022-12-19 23:51:21 +08:00
container Add generic set type (#21408) 2022-10-12 13:18:26 +08:00
context refactor auth interface to return error when verify failure (#22119) (#22259) 2022-12-29 13:50:09 +08:00
convert Use GhostUser if needed for TrackedTimes (#22021) (#22029) 2022-12-05 14:20:37 +02:00
csv Go 1.19 format (#20758) 2022-08-30 21:15:45 -05:00
doctor Prevent dangling user redirects (#21856) (#21858) 2022-11-18 22:25:00 +08:00
emoji Go 1.19 format (#20758) 2022-08-30 21:15:45 -05:00
eventsource Move some files into models' sub packages (#20262) 2022-08-25 10:31:57 +08:00
generate Use base32 for 2FA scratch token (#18384) 2022-01-26 12:10:10 +08:00
git Use complete SHA to create and query commit status (#22244) (#22257) 2022-12-28 11:03:21 +01:00
gitgraph Refactor git command arguments and make all arguments to be safe to be used (#21535) 2022-10-23 22:44:45 +08:00
graceful Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
hcaptcha hCaptcha Support (#12594) 2020-10-02 23:37:53 -04:00
highlight Upgrade chroma to v2.3.0 (#21259) 2022-09-26 13:50:03 +08:00
hostmatcher Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
httpcache Add Cache-Control header to html and api responses, add no-transform (#20432) 2022-07-23 14:38:03 +08:00
httplib refactor httplib (#18338) 2022-01-19 19:31:39 -05:00
indexer Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
issue/template Use path not filepath in template filenames (#21993) (#22022) 2022-12-04 13:58:58 +08:00
json Refactor legacy `unknwon/com` package, improve golangci lint (#19284) 2022-04-01 16:47:50 +08:00
lfs Removed some vestigial code related to Range bounds checks (#20312) 2022-07-28 11:04:36 +08:00
log Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
markup Support comma-delimited string as labels in issue template (#21831) (#21873) 2022-11-20 10:44:20 +00:00
mcaptcha Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
metrics Move some files into models' sub packages (#20262) 2022-08-25 10:31:57 +08:00
migration Add more checks in migration code (#21011) 2022-09-04 13:47:56 +03:00
mirror Implement sync push mirror on commit (#19411) 2022-07-08 20:45:12 +01:00
nosql fix broken insecureskipverify handling in rediss connection uris (#20967) 2022-08-29 16:38:49 +02:00
notification Decouple HookTask from Repository (#17940) 2022-10-21 18:21:56 +02:00
options Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
packages Normalize NuGet package version on upload (#22186) (#22200) 2022-12-21 14:50:17 -06:00
paginator Remove unnecessary misspell ignore pattern (#21475) 2022-10-18 12:52:25 -04:00
password Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
pprof Go 1.19 format (#20758) 2022-08-30 21:15:45 -05:00
private Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
process Add more linters to improve code readability (#19989) 2022-06-20 12:02:49 +02:00
proxy Return nil proxy function if proxy not enabled (#16742) 2021-08-19 16:41:20 -04:00
proxyprotocol Support Proxy protocol (#12527) 2022-08-21 19:20:43 +01:00
public Add generic set type (#21408) 2022-10-12 13:18:26 +08:00
queue Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
recaptcha Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
references Remove unnecessary misspell ignore pattern (#21475) 2022-10-18 12:52:25 -04:00
regexplru Custom regexp external issues (#17624) 2022-06-10 13:39:53 +08:00
repository Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551) 2022-10-24 20:29:17 +01:00
secret Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439) 2022-02-04 18:03:15 +01:00
session format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
setting Add setting to disable the git apply step in test patch (#22130) (#22170) 2022-12-22 11:59:10 +01:00
sitemap Add sitemap support (#18407) 2022-06-25 19:06:01 +02:00
ssh Support Proxy protocol (#12527) 2022-08-21 19:20:43 +01:00
storage Local storage should not store files as executable (#22162) (#22163) 2022-12-19 01:12:25 +02:00
structs Support comma-delimited string as labels in issue template (#21831) (#21873) 2022-11-20 10:44:20 +00:00
svg Remove legacy `+build:` constraint (#19582) 2022-05-02 23:22:45 +08:00
sync Add generic set type (#21408) 2022-10-12 13:18:26 +08:00
system Fix dashboard ignored system setting cache (#21621) (#21759) 2022-11-10 19:41:44 +08:00
templates Fix vertical align of committer avatar rendered by email address (#21884) (#21918) 2022-11-24 10:52:20 +08:00
test Refactor AssertExistsAndLoadBean to use generics (#20797) 2022-08-16 10:22:25 +08:00
timeutil Check for zero time instant in TimeStamp.IsZero() (#22171) (#22172) 2022-12-20 10:04:46 +08:00
translation Make every not exist error unwrappable to a fs.ErrNotExist (#20891) 2022-10-18 07:50:37 +02:00
typesniffer Rework raw file http header logic (#20484) 2022-07-29 17:26:55 +02:00
updatechecker Add system setting table with cache and also add cache supports for user setting (#18058) 2022-10-17 07:29:26 +08:00
upload Simplify parameter types (#18006) 2021-12-20 04:41:31 +00:00
uri Prevent NPE if gitea uploader fails to open url (#18080) 2021-12-23 16:27:33 +00:00
user Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
util Make every not exist error unwrappable to a fs.ErrNotExist (#20891) 2022-10-18 07:50:37 +02:00
validation Add more checks in migration code (#21011) 2022-09-04 13:47:56 +03:00
watcher Share HTML template renderers and create a watcher framework (#20218) 2022-08-28 10:43:25 +01:00
web refactor webhook *NewPost (#20729) 2022-08-11 17:48:23 +02:00