func generateOrgRandsAndSalt(x *xorm.Engine) (err error) {
type User struct {
ID int64 `xorm:"pk autoincr"`
Rands string `xorm:"VARCHAR(10)"`
Salt string `xorm:"VARCHAR(10)"`
}
orgs := make([]*User, 0, 10)
if err = x.Where("type=1").And("rands=''").Find(&orgs); err != nil {
return fmt.Errorf("select all organizations: %v", err)
}
sess := x.NewSession()
defer sessionRelease(sess)
if err = sess.Begin(); err != nil {
return err
}
for _, org := range orgs {
org.Rands = base.GetRandomString(10)
org.Salt = base.GetRandomString(10)
if _, err = sess.Id(org.ID).Update(org); err != nil {
return err
}
}
return sess.Commit()
}
func OauthAuthorize(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("oauth/authorize")
conf := &oauth2.Config{
ClientID: setting.Cfg.Section("oauth").Key("CLIENTID").String(),
ClientSecret: setting.Cfg.Section("oauth").Key("CLIENTSECRET").String(),
RedirectURL: setting.Cfg.Section("oauth").Key("REDIRECTURL").String(),
Scopes: []string{setting.Cfg.Section("oauth").Key("SCOPE").String()},
Endpoint: oauth2.Endpoint{
AuthURL: setting.Cfg.Section("oauth").Key("AUTHURL").String(),
TokenURL: setting.Cfg.Section("oauth").Key("TOKENURL").String(),
},
}
random := base.GetRandomString(10)
err := ctx.Session.Set("state", random)
if err != nil {
ctx.Handle(500, "error in session", err)
}
url := conf.AuthCodeURL(random, oauth2.AccessTypeOnline)
ctx.Redirect(setting.AppSubUrl + url)
}
func InstallPost(ctx *context.Context, form auth.InstallForm) {
ctx.Data["CurDbOption"] = form.DbType
if ctx.HasError() {
if ctx.HasValue("Err_SMTPEmail") {
ctx.Data["Err_SMTP"] = true
}
if ctx.HasValue("Err_AdminName") ||
ctx.HasValue("Err_AdminPasswd") ||
ctx.HasValue("Err_AdminEmail") {
ctx.Data["Err_Admin"] = true
}
ctx.HTML(200, INSTALL)
return
}
if _, err := exec.LookPath("git"); err != nil {
ctx.RenderWithErr(ctx.Tr("install.test_git_failed", err), INSTALL, &form)
return
}
// Pass basic check, now test configuration.
// Test database setting.
dbTypes := map[string]string{"MySQL": "mysql", "PostgreSQL": "postgres", "SQLite3": "sqlite3", "TiDB": "tidb"}
models.DbCfg.Type = dbTypes[form.DbType]
models.DbCfg.Host = form.DbHost
models.DbCfg.User = form.DbUser
models.DbCfg.Passwd = form.DbPasswd
models.DbCfg.Name = form.DbName
models.DbCfg.SSLMode = form.SSLMode
models.DbCfg.Path = form.DbPath
if (models.DbCfg.Type == "sqlite3" || models.DbCfg.Type == "tidb") &&
len(models.DbCfg.Path) == 0 {
ctx.Data["Err_DbPath"] = true
ctx.RenderWithErr(ctx.Tr("install.err_empty_db_path"), INSTALL, &form)
return
} else if models.DbCfg.Type == "tidb" &&
strings.ContainsAny(path.Base(models.DbCfg.Path), ".-") {
ctx.Data["Err_DbPath"] = true
ctx.RenderWithErr(ctx.Tr("install.err_invalid_tidb_name"), INSTALL, &form)
return
}
// Set test engine.
var x *xorm.Engine
if err := models.NewTestEngine(x); err != nil {
if strings.Contains(err.Error(), `Unknown database type: sqlite3`) {
ctx.Data["Err_DbType"] = true
ctx.RenderWithErr(ctx.Tr("install.sqlite3_not_available", "http://gogs.io/docs/installation/install_from_binary.html"), INSTALL, &form)
} else {
ctx.Data["Err_DbSetting"] = true
ctx.RenderWithErr(ctx.Tr("install.invalid_db_setting", err), INSTALL, &form)
}
return
}
// Test repository root path.
form.RepoRootPath = strings.Replace(form.RepoRootPath, "\\", "/", -1)
if err := os.MkdirAll(form.RepoRootPath, os.ModePerm); err != nil {
ctx.Data["Err_RepoRootPath"] = true
ctx.RenderWithErr(ctx.Tr("install.invalid_repo_path", err), INSTALL, &form)
return
}
// Test log root path.
form.LogRootPath = strings.Replace(form.LogRootPath, "\\", "/", -1)
if err := os.MkdirAll(form.LogRootPath, os.ModePerm); err != nil {
ctx.Data["Err_LogRootPath"] = true
ctx.RenderWithErr(ctx.Tr("install.invalid_log_root_path", err), INSTALL, &form)
return
}
// Check run user.
curUser := user.CurrentUsername()
if form.RunUser != curUser {
ctx.Data["Err_RunUser"] = true
ctx.RenderWithErr(ctx.Tr("install.run_user_not_match", form.RunUser, curUser), INSTALL, &form)
return
}
// Check logic loophole between disable self-registration and no admin account.
if form.DisableRegistration && len(form.AdminName) == 0 {
ctx.Data["Err_Services"] = true
ctx.Data["Err_Admin"] = true
ctx.RenderWithErr(ctx.Tr("install.no_admin_and_disable_registration"), INSTALL, form)
return
}
// Check admin password.
if len(form.AdminName) > 0 && len(form.AdminPasswd) == 0 {
ctx.Data["Err_Admin"] = true
ctx.Data["Err_AdminPasswd"] = true
ctx.RenderWithErr(ctx.Tr("install.err_empty_admin_password"), INSTALL, form)
return
}
if form.AdminPasswd != form.AdminConfirmPasswd {
ctx.Data["Err_Admin"] = true
ctx.Data["Err_AdminPasswd"] = true
ctx.RenderWithErr(ctx.Tr("form.password_not_match"), INSTALL, form)
return
}
if form.AppUrl[len(form.AppUrl)-1] != '/' {
form.AppUrl += "/"
}
// Save settings.
cfg := ini.Empty()
if com.IsFile(setting.CustomConf) {
// Keeps custom settings if there is already something.
if err := cfg.Append(setting.CustomConf); err != nil {
log.Error(4, "Fail to load custom conf '%s': %v", setting.CustomConf, err)
}
}
cfg.Section("database").Key("DB_TYPE").SetValue(models.DbCfg.Type)
cfg.Section("database").Key("HOST").SetValue(models.DbCfg.Host)
cfg.Section("database").Key("NAME").SetValue(models.DbCfg.Name)
cfg.Section("database").Key("USER").SetValue(models.DbCfg.User)
cfg.Section("database").Key("PASSWD").SetValue(models.DbCfg.Passwd)
cfg.Section("database").Key("SSL_MODE").SetValue(models.DbCfg.SSLMode)
cfg.Section("database").Key("PATH").SetValue(models.DbCfg.Path)
cfg.Section("").Key("APP_NAME").SetValue(form.AppName)
cfg.Section("repository").Key("ROOT").SetValue(form.RepoRootPath)
cfg.Section("").Key("RUN_USER").SetValue(form.RunUser)
cfg.Section("server").Key("DOMAIN").SetValue(form.Domain)
cfg.Section("server").Key("HTTP_PORT").SetValue(form.HTTPPort)
cfg.Section("server").Key("ROOT_URL").SetValue(form.AppUrl)
if form.SSHPort == 0 {
cfg.Section("server").Key("DISABLE_SSH").SetValue("true")
} else {
cfg.Section("server").Key("DISABLE_SSH").SetValue("false")
cfg.Section("server").Key("SSH_PORT").SetValue(com.ToStr(form.SSHPort))
}
if len(strings.TrimSpace(form.SMTPHost)) > 0 {
cfg.Section("mailer").Key("ENABLED").SetValue("true")
cfg.Section("mailer").Key("HOST").SetValue(form.SMTPHost)
cfg.Section("mailer").Key("FROM").SetValue(form.SMTPFrom)
cfg.Section("mailer").Key("USER").SetValue(form.SMTPEmail)
cfg.Section("mailer").Key("PASSWD").SetValue(form.SMTPPasswd)
} else {
cfg.Section("mailer").Key("ENABLED").SetValue("false")
}
cfg.Section("service").Key("REGISTER_EMAIL_CONFIRM").SetValue(com.ToStr(form.RegisterConfirm))
cfg.Section("service").Key("ENABLE_NOTIFY_MAIL").SetValue(com.ToStr(form.MailNotify))
cfg.Section("server").Key("OFFLINE_MODE").SetValue(com.ToStr(form.OfflineMode))
cfg.Section("picture").Key("DISABLE_GRAVATAR").SetValue(com.ToStr(form.DisableGravatar))
cfg.Section("service").Key("DISABLE_REGISTRATION").SetValue(com.ToStr(form.DisableRegistration))
cfg.Section("service").Key("ENABLE_CAPTCHA").SetValue(com.ToStr(form.EnableCaptcha))
cfg.Section("service").Key("REQUIRE_SIGNIN_VIEW").SetValue(com.ToStr(form.RequireSignInView))
cfg.Section("").Key("RUN_MODE").SetValue("prod")
cfg.Section("session").Key("PROVIDER").SetValue("file")
cfg.Section("log").Key("MODE").SetValue("file")
cfg.Section("log").Key("LEVEL").SetValue("Info")
cfg.Section("log").Key("ROOT_PATH").SetValue(form.LogRootPath)
cfg.Section("security").Key("INSTALL_LOCK").SetValue("true")
cfg.Section("security").Key("SECRET_KEY").SetValue(base.GetRandomString(15))
os.MkdirAll(filepath.Dir(setting.CustomConf), os.ModePerm)
if err := cfg.SaveTo(setting.CustomConf); err != nil {
ctx.RenderWithErr(ctx.Tr("install.save_config_failed", err), INSTALL, &form)
return
}
GlobalInit()
// Create admin account
if len(form.AdminName) > 0 {
u := &models.User{
Name: form.AdminName,
Email: form.AdminEmail,
Passwd: form.AdminPasswd,
IsAdmin: true,
IsActive: true,
}
if err := models.CreateUser(u); err != nil {
if !models.IsErrUserAlreadyExist(err) {
setting.InstallLock = false
ctx.Data["Err_AdminName"] = true
ctx.Data["Err_AdminEmail"] = true
ctx.RenderWithErr(ctx.Tr("install.invalid_admin_setting", err), INSTALL, &form)
return
}
log.Info("Admin account already exist")
u, _ = models.GetUserByName(u.Name)
}
// Auto-login for admin
ctx.Session.Set("uid", u.Id)
ctx.Session.Set("uname", u.Name)
}
log.Info("First-time run install finished!")
ctx.Flash.Success(ctx.Tr("install.install_success"))
ctx.Redirect(form.AppUrl + "user/login")
}
// GetUserSalt returns a ramdom user salt token.
func GetUserSalt() string {
return base.GetRandomString(10)
}
func OauthRedirect(ctx *context.Context) {
//request token using code
code := ctx.Query("code")
v := url.Values{}
v.Add("code", code)
v.Add("client_id", setting.Cfg.Section("oauth").Key("CLIENTID").String())
v.Add("client_secret", setting.Cfg.Section("oauth").Key("CLIENTSECRET").String())
v.Add("redirect_uri", setting.Cfg.Section("oauth").Key("REDIRECTURL").String())
v.Add("state", ctx.Session.Get("state").(string))
tokenResponse, err := http.Post(setting.Cfg.Section("oauth").Key("TOKENURL").String(), "application/x-www-form-urlencoded", strings.NewReader(v.Encode()))
if err != nil {
ctx.Handle(500, "post to token url", err)
}
type responseData struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
Scope string `json:"scope"`
Info map[string]string `json:"info"`
}
data := responseData{}
decoder := json.NewDecoder(tokenResponse.Body)
decoder.Decode(&data)
//get info and set proper variables
if data.AccessToken == "" {
ctx.HandleText(500, "client error")
}
username := data.Info["username"]
// client := http.Client{}
// req, err := http.NewRequest("GET", fmt.Sprintf("https://itsyou.online/users/%s/info", username), nil)
// req.Header.Add("Accept", "application/json")
// req.Header.Add("Authorize", fmt.Sprintf("token %s", accessToken))
// infoResponse, err := client.Do(req)
// infobd, _ := ioutil.ReadAll(infoResponse.Body)
passwd := base.GetRandomString(20)
//add to cookies and check user existence
u := &models.User{
Name: username,
Email: fmt.Sprintf("*****@*****.**", username),
Passwd: passwd,
IsActive: !setting.Service.RegisterEmailConfirm,
}
err = models.CreateUser(u)
if err != nil && models.IsErrUserAlreadyExist(err) == false {
ctx.Handle(500, "create_user_oauth", err)
}
// Auto-set admin for the only user.
if models.CountUsers() == 1 {
u.IsAdmin = true
u.IsActive = true
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "UpdateUser", err)
return
}
}
log.Trace("Account created: %s", u.Name)
usr, _ := models.GetUserByName(u.Name)
usr.IsActive = true
ctx.Session.Set("uid", usr.Id)
ctx.Session.Set("uname", usr.Name)
ctx.Redirect(setting.AppUrl)
}