Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-29 13:16:10 +01:00

Use gogits/session for oauth2

This commit is contained in:
Unknown 2014-04-05 11:22:14 -04:00
parent 9791e70da6
commit 3ebc9b991a
8 changed files with 69 additions and 70 deletions

View file

@ -19,8 +19,6 @@ github.com/gogits/gfm=
github.com/gogits/cache = github.com/gogits/cache =
github.com/gogits/session = github.com/gogits/session =
github.com/gogits/webdav = github.com/gogits/webdav =
github.com/martini-contrib/oauth2=
github.com/martini-contrib/sessions=
code.google.com/p/goauth2 = code.google.com/p/goauth2 =
[res] [res]

View file

@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language
![Demo](http://gowalker.org/public/gogs_demo.gif) ![Demo](http://gowalker.org/public/gogs_demo.gif)
##### Current version: 0.2.0 Alpha ##### Current version: 0.2.1 Alpha
#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site. #### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site.
@ -31,7 +31,7 @@ More importantly, Gogs only needs one binary to setup your own project hosting o
- Activity timeline - Activity timeline
- SSH/HTTPS(Clone only) protocol support. - SSH/HTTPS(Clone only) protocol support.
- Register/delete/rename account. - Register/delete/rename account.
- Create/delete/watch/rename public repository. - Create/delete/watch/rename/transfer public repository.
- Repository viewer. - Repository viewer.
- Issue tracker. - Issue tracker.
- Gravatar and cache support. - Gravatar and cache support.

View file

@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。
![Demo](http://gowalker.org/public/gogs_demo.gif) ![Demo](http://gowalker.org/public/gogs_demo.gif)
##### 当前版本0.2.0 Alpha ##### 当前版本0.2.1 Alpha
## 开发目的 ## 开发目的
@ -25,7 +25,7 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作,实现 **零** 依
- 活动时间线 - 活动时间线
- SSH/HTTPS仅限 Clone 协议支持 - SSH/HTTPS仅限 Clone 协议支持
- 注册/删除/重命名用户 - 注册/删除/重命名用户
- 创建/删除/关注/重命名公开仓库 - 创建/删除/关注/重命名/转移公开仓库
- 仓库浏览器 - 仓库浏览器
- Bug 追踪系统 - Bug 追踪系统
- Gravatar 以及缓存支持 - Gravatar 以及缓存支持

View file

@ -19,7 +19,7 @@ import (
// Test that go1.2 tag above is included in builds. main.go refers to this definition. // Test that go1.2 tag above is included in builds. main.go refers to this definition.
const go12tag = true const go12tag = true
const APP_VER = "0.2.0.0404 Alpha" const APP_VER = "0.2.1.0405 Alpha"
func init() { func init() {
base.AppVer = APP_VER base.AppVer = APP_VER

View file

@ -78,7 +78,7 @@ func init() {
type PublicKey struct { type PublicKey struct {
Id int64 Id int64
OwnerId int64 `xorm:"unique(s) index not null"` OwnerId int64 `xorm:"unique(s) index not null"`
Name string `xorm:"unique(s) not null"` //UNIQUE(s) Name string `xorm:"unique(s) not null"`
Fingerprint string Fingerprint string
Content string `xorm:"TEXT not null"` Content string `xorm:"TEXT not null"`
Created time.Time `xorm:"created"` Created time.Time `xorm:"created"`

View file

@ -26,7 +26,10 @@ import (
"code.google.com/p/goauth2/oauth" "code.google.com/p/goauth2/oauth"
"github.com/go-martini/martini" "github.com/go-martini/martini"
"github.com/martini-contrib/sessions"
"github.com/gogits/session"
"github.com/gogits/gogs/modules/middleware"
) )
const ( const (
@ -142,23 +145,23 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
Transport: http.DefaultTransport, Transport: http.DefaultTransport,
} }
return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) { return func(c martini.Context, ctx *middleware.Context) {
if r.Method == "GET" { if ctx.Req.Method == "GET" {
switch r.URL.Path { switch ctx.Req.URL.Path {
case PathLogin: case PathLogin:
login(transport, s, w, r) login(transport, ctx)
case PathLogout: case PathLogout:
logout(transport, s, w, r) logout(transport, ctx)
case PathCallback: case PathCallback:
handleOAuth2Callback(transport, s, w, r) handleOAuth2Callback(transport, ctx)
} }
} }
tk := unmarshallToken(s) tk := unmarshallToken(ctx.Session)
if tk != nil { if tk != nil {
// check if the access token is expired // check if the access token is expired
if tk.IsExpired() && tk.Refresh() == "" { if tk.IsExpired() && tk.Refresh() == "" {
s.Delete(keyToken) ctx.Session.Delete(keyToken)
tk = nil tk = nil
} }
} }
@ -172,49 +175,49 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
// Sample usage: // Sample usage:
// m.Get("/login-required", oauth2.LoginRequired, func() ... {}) // m.Get("/login-required", oauth2.LoginRequired, func() ... {})
var LoginRequired martini.Handler = func() martini.Handler { var LoginRequired martini.Handler = func() martini.Handler {
return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) { return func(c martini.Context, ctx *middleware.Context) {
token := unmarshallToken(s) token := unmarshallToken(ctx.Session)
if token == nil || token.IsExpired() { if token == nil || token.IsExpired() {
next := url.QueryEscape(r.URL.RequestURI()) next := url.QueryEscape(ctx.Req.URL.RequestURI())
http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect) ctx.Redirect(PathLogin+"?next="+next, codeRedirect)
} }
} }
}() }()
func login(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { func login(t *oauth.Transport, ctx *middleware.Context) {
next := extractPath(r.URL.Query().Get(keyNextPage)) next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
if s.Get(keyToken) == nil { if ctx.Session.Get(keyToken) == nil {
// User is not logged in. // User is not logged in.
http.Redirect(w, r, t.Config.AuthCodeURL(next), codeRedirect) ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect)
return return
} }
// No need to login, redirect to the next page. // No need to login, redirect to the next page.
http.Redirect(w, r, next, codeRedirect) ctx.Redirect(next, codeRedirect)
} }
func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { func logout(t *oauth.Transport, ctx *middleware.Context) {
next := extractPath(r.URL.Query().Get(keyNextPage)) next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
s.Delete(keyToken) ctx.Session.Delete(keyToken)
http.Redirect(w, r, next, codeRedirect) ctx.Redirect(next, codeRedirect)
} }
func handleOAuth2Callback(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) { func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) {
next := extractPath(r.URL.Query().Get("state")) next := extractPath(ctx.Req.URL.Query().Get("state"))
code := r.URL.Query().Get("code") code := ctx.Req.URL.Query().Get("code")
tk, err := t.Exchange(code) tk, err := t.Exchange(code)
if err != nil { if err != nil {
// Pass the error message, or allow dev to provide its own // Pass the error message, or allow dev to provide its own
// error handler. // error handler.
http.Redirect(w, r, PathError, codeRedirect) ctx.Redirect(PathError, codeRedirect)
return return
} }
// Store the credentials in the session. // Store the credentials in the session.
val, _ := json.Marshal(tk) val, _ := json.Marshal(tk)
s.Set(keyToken, val) ctx.Session.Set(keyToken, val)
http.Redirect(w, r, next, codeRedirect) ctx.Redirect(next, codeRedirect)
} }
func unmarshallToken(s sessions.Session) (t *token) { func unmarshallToken(s session.SessionStore) (t *token) {
if s.Get(keyToken) == nil { if s.Get(keyToken) == nil {
return return
} }

View file

@ -183,6 +183,7 @@ func Install(ctx *middleware.Context, form auth.InstallForm) {
if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd, if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd,
IsAdmin: true, IsActive: true}); err != nil { IsAdmin: true, IsActive: true}); err != nil {
if err != models.ErrUserAlreadyExist { if err != models.ErrUserAlreadyExist {
base.InstallLock = false
ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form) ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form)
return return
} }

23
web.go
View file

@ -11,8 +11,6 @@ import (
"github.com/codegangsta/cli" "github.com/codegangsta/cli"
"github.com/go-martini/martini" "github.com/go-martini/martini"
// "github.com/martini-contrib/oauth2"
// "github.com/martini-contrib/sessions"
"github.com/gogits/binding" "github.com/gogits/binding"
@ -21,6 +19,7 @@ import (
"github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/base"
"github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/log"
"github.com/gogits/gogs/modules/middleware" "github.com/gogits/gogs/modules/middleware"
"github.com/gogits/gogs/modules/oauth2"
"github.com/gogits/gogs/routers" "github.com/gogits/gogs/routers"
"github.com/gogits/gogs/routers/admin" "github.com/gogits/gogs/routers/admin"
"github.com/gogits/gogs/routers/api/v1" "github.com/gogits/gogs/routers/api/v1"
@ -59,19 +58,17 @@ func runWeb(*cli.Context) {
// Middlewares. // Middlewares.
m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}})) m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}}))
// scope := "https://api.github.com/user"
// oauth2.PathCallback = "/oauth2callback"
// m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
// m.Use(oauth2.Github(&oauth2.Options{
// ClientId: "09383403ff2dc16daaa1",
// ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
// RedirectURL: base.AppUrl + oauth2.PathCallback,
// Scopes: []string{scope},
// }))
m.Use(middleware.InitContext()) m.Use(middleware.InitContext())
scope := "https://api.github.com/user"
oauth2.PathCallback = "/oauth2callback"
m.Use(oauth2.Github(&oauth2.Options{
ClientId: "09383403ff2dc16daaa1",
ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
RedirectURL: base.AppUrl + oauth2.PathCallback,
Scopes: []string{scope},
}))
reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true}) reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true})
ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView}) ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView})
reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true}) reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})