func SettingsPost(ctx *context.Context, form auth.UpdateProfileForm) { ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsProfile"] = true if ctx.HasError() { ctx.HTML(200, SETTINGS_PROFILE) return } handleUsernameChange(ctx, form.Name) if ctx.Written() { return } ctx.User.FullName = form.FullName ctx.User.Email = form.Email ctx.User.Website = form.Website ctx.User.Location = form.Location if len(form.Gravatar) > 0 { ctx.User.Avatar = base.EncodeMD5(form.Gravatar) ctx.User.AvatarEmail = form.Gravatar } if err := models.UpdateUser(ctx.User); err != nil { ctx.Handle(500, "UpdateUser", err) return } log.Trace("User settings updated: %s", ctx.User.Name) ctx.Flash.Success(ctx.Tr("settings.update_profile_success")) ctx.Redirect(setting.AppSubUrl + "/user/settings") }
func SettingsPasswordPost(ctx *context.Context, form auth.ChangePasswordForm) { ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsPassword"] = true if ctx.HasError() { ctx.HTML(200, SETTINGS_PASSWORD) return } if !ctx.User.ValidatePassword(form.OldPassword) { ctx.Flash.Error(ctx.Tr("settings.password_incorrect")) } else if form.Password != form.Retype { ctx.Flash.Error(ctx.Tr("form.password_not_match")) } else { ctx.User.Passwd = form.Password ctx.User.Salt = models.GetUserSalt() ctx.User.EncodePasswd() if err := models.UpdateUser(ctx.User); err != nil { ctx.Handle(500, "UpdateUser", err) return } log.Trace("User password updated: %s", ctx.User.Name) ctx.Flash.Success(ctx.Tr("settings.change_password_success")) } ctx.Redirect(setting.AppSubUrl + "/user/settings/password") }
func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) { ctx.Data["Title"] = ctx.Tr("admin.users.edit_account") ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminUsers"] = true u := prepareUserInfo(ctx) if ctx.Written() { return } if ctx.HasError() { ctx.HTML(200, USER_EDIT) return } fields := strings.Split(form.LoginType, "-") if len(fields) == 2 { loginType := models.LoginType(com.StrTo(fields[0]).MustInt()) loginSource := com.StrTo(fields[1]).MustInt64() if u.LoginSource != loginSource { u.LoginSource = loginSource u.LoginType = loginType } } if len(form.Password) > 0 { u.Passwd = form.Password u.Salt = models.GetUserSalt() u.EncodePasswd() } u.LoginName = form.LoginName u.FullName = form.FullName u.Email = form.Email u.Website = form.Website u.Location = form.Location u.MaxRepoCreation = form.MaxRepoCreation u.IsActive = form.Active u.IsAdmin = form.Admin u.AllowGitHook = form.AllowGitHook u.AllowImportLocal = form.AllowImportLocal if err := models.UpdateUser(u); err != nil { if models.IsErrEmailAlreadyUsed(err) { ctx.Data["Err_Email"] = true ctx.RenderWithErr(ctx.Tr("form.email_been_used"), USER_EDIT, &form) } else { ctx.Handle(500, "UpdateUser", err) } return } log.Trace("Account profile updated by admin (%s): %s", ctx.User.Name, u.Name) ctx.Flash.Success(ctx.Tr("admin.users.update_profile_success")) ctx.Redirect(setting.AppSubUrl + "/admin/users/" + ctx.Params(":userid")) }
func SettingsPost(ctx *context.Context, form auth.UpdateOrgSettingForm) { ctx.Data["Title"] = ctx.Tr("org.settings") ctx.Data["PageIsSettingsOptions"] = true if ctx.HasError() { ctx.HTML(200, SETTINGS_OPTIONS) return } org := ctx.Org.Organization // Check if organization name has been changed. if org.LowerName != strings.ToLower(form.Name) { isExist, err := models.IsUserExist(org.Id, form.Name) if err != nil { ctx.Handle(500, "IsUserExist", err) return } else if isExist { ctx.Data["OrgName"] = true ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SETTINGS_OPTIONS, &form) return } else if err = models.ChangeUserName(org, form.Name); err != nil { if err == models.ErrUserNameIllegal { ctx.Data["OrgName"] = true ctx.RenderWithErr(ctx.Tr("form.illegal_username"), SETTINGS_OPTIONS, &form) } else { ctx.Handle(500, "ChangeUserName", err) } return } // reset ctx.org.OrgLink with new name ctx.Org.OrgLink = setting.AppSubUrl + "/org/" + form.Name log.Trace("Organization name changed: %s -> %s", org.Name, form.Name) } // In case it's just a case change. org.Name = form.Name org.LowerName = strings.ToLower(form.Name) if ctx.User.IsAdmin { org.MaxRepoCreation = form.MaxRepoCreation } org.FullName = form.FullName org.Description = form.Description org.Website = form.Website org.Location = form.Location if err := models.UpdateUser(org); err != nil { ctx.Handle(500, "UpdateUser", err) return } log.Trace("Organization setting updated: %s", org.Name) ctx.Flash.Success(ctx.Tr("org.settings.update_setting_success")) ctx.Redirect(ctx.Org.OrgLink + "/settings") }
func Activate(ctx *context.Context) { code := ctx.Query("code") if len(code) == 0 { ctx.Data["IsActivatePage"] = true if ctx.User.IsActive { ctx.Error(404) return } // Resend confirmation e-mail. if setting.Service.RegisterEmailConfirm { if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) { ctx.Data["ResendLimited"] = true } else { ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60 mailer.SendActivateAccountMail(ctx.Context, ctx.User) if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil { log.Error(4, "Set cache(MailResendLimit) fail: %v", err) } } } else { ctx.Data["ServiceNotEnabled"] = true } ctx.HTML(200, ACTIVATE) return } // Verify code. if user := models.VerifyUserActiveCode(code); user != nil { user.IsActive = true user.Rands = models.GetUserSalt() if err := models.UpdateUser(user); err != nil { if models.IsErrUserNotExist(err) { ctx.Error(404) } else { ctx.Handle(500, "UpdateUser", err) } return } log.Trace("User activated: %s", user.Name) ctx.Session.Set("uid", user.Id) ctx.Session.Set("uname", user.Name) ctx.Redirect(setting.AppSubUrl + "/") return } ctx.Data["IsActivateFailed"] = true ctx.HTML(200, ACTIVATE) }
// https://github.com/gigforks/go-gogs-client/wiki/Administration-Users#edit-an-existing-user func EditUser(ctx *context.APIContext, form api.EditUserOption) { u := user.GetUserByParams(ctx) if ctx.Written() { return } parseLoginSource(ctx, u, form.SourceID, form.LoginName) if ctx.Written() { return } if len(form.Password) > 0 { u.Passwd = form.Password u.Salt = models.GetUserSalt() u.EncodePasswd() } u.LoginName = form.LoginName u.FullName = form.FullName u.Email = form.Email u.Website = form.Website u.Location = form.Location if form.Active != nil { u.IsActive = *form.Active } if form.Admin != nil { u.IsAdmin = *form.Admin } if form.AllowGitHook != nil { u.AllowGitHook = *form.AllowGitHook } if form.AllowImportLocal != nil { u.AllowImportLocal = *form.AllowImportLocal } if err := models.UpdateUser(u); err != nil { if models.IsErrEmailAlreadyUsed(err) { ctx.Error(422, "", err) } else { ctx.Error(500, "UpdateUser", err) } return } log.Trace("Account profile updated by admin (%s): %s", ctx.User.Name, u.Name) ctx.JSON(200, convert.ToUser(u)) }
// https://github.com/gigforks/go-gogs-client/wiki/Organizations#edit-an-organization func Edit(ctx *context.APIContext, form api.EditOrgOption) { org := ctx.Org.Organization if !org.IsOwnedBy(ctx.User.Id) { ctx.Status(403) return } org.FullName = form.FullName org.Description = form.Description org.Website = form.Website org.Location = form.Location if err := models.UpdateUser(org); err != nil { ctx.Error(500, "UpdateUser", err) return } ctx.JSON(200, convert.ToOrganization(org)) }
func ResetPasswdPost(ctx *context.Context) { ctx.Data["Title"] = ctx.Tr("auth.reset_password") code := ctx.Query("code") if len(code) == 0 { ctx.Error(404) return } ctx.Data["Code"] = code if u := models.VerifyUserActiveCode(code); u != nil { // Validate password length. passwd := ctx.Query("password") if len(passwd) < 6 { ctx.Data["IsResetForm"] = true ctx.Data["Err_Password"] = true ctx.RenderWithErr(ctx.Tr("auth.password_too_short"), RESET_PASSWORD, nil) return } u.Passwd = passwd u.Rands = models.GetUserSalt() u.Salt = models.GetUserSalt() u.EncodePasswd() if err := models.UpdateUser(u); err != nil { ctx.Handle(500, "UpdateUser", err) return } log.Trace("User password reset: %s", u.Name) ctx.Redirect(setting.AppSubUrl + "/user/login") return } ctx.Data["IsResetFailed"] = true ctx.HTML(200, RESET_PASSWORD) }
// FIXME: limit size. func UpdateAvatarSetting(ctx *context.Context, form auth.UploadAvatarForm, ctxUser *models.User) error { ctxUser.UseCustomAvatar = form.Enable if form.Avatar != nil { fr, err := form.Avatar.Open() if err != nil { return fmt.Errorf("Avatar.Open: %v", err) } defer fr.Close() data, err := ioutil.ReadAll(fr) if err != nil { return fmt.Errorf("ioutil.ReadAll: %v", err) } if _, ok := base.IsImageFile(data); !ok { return errors.New(ctx.Tr("settings.uploaded_avatar_not_a_image")) } if err = ctxUser.UploadAvatar(data); err != nil { return fmt.Errorf("UploadAvatar: %v", err) } } else { // No avatar is uploaded but setting has been changed to enable, // generate a random one when needed. if form.Enable && !com.IsFile(ctxUser.CustomAvatarPath()) { if err := ctxUser.GenerateRandomAvatar(); err != nil { log.Error(4, "GenerateRandomAvatar[%d]: %v", ctxUser.Id, err) } } } if err := models.UpdateUser(ctxUser); err != nil { return fmt.Errorf("UpdateUser: %v", err) } return nil }
func OauthRedirect(ctx *context.Context) { //request token using code code := ctx.Query("code") v := url.Values{} v.Add("code", code) v.Add("client_id", setting.Cfg.Section("oauth").Key("CLIENTID").String()) v.Add("client_secret", setting.Cfg.Section("oauth").Key("CLIENTSECRET").String()) v.Add("redirect_uri", setting.Cfg.Section("oauth").Key("REDIRECTURL").String()) v.Add("state", ctx.Session.Get("state").(string)) tokenResponse, err := http.Post(setting.Cfg.Section("oauth").Key("TOKENURL").String(), "application/x-www-form-urlencoded", strings.NewReader(v.Encode())) if err != nil { ctx.Handle(500, "post to token url", err) } type responseData struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` Scope string `json:"scope"` Info map[string]string `json:"info"` } data := responseData{} decoder := json.NewDecoder(tokenResponse.Body) decoder.Decode(&data) //get info and set proper variables if data.AccessToken == "" { ctx.HandleText(500, "client error") } username := data.Info["username"] // client := http.Client{} // req, err := http.NewRequest("GET", fmt.Sprintf("https://itsyou.online/users/%s/info", username), nil) // req.Header.Add("Accept", "application/json") // req.Header.Add("Authorize", fmt.Sprintf("token %s", accessToken)) // infoResponse, err := client.Do(req) // infobd, _ := ioutil.ReadAll(infoResponse.Body) passwd := base.GetRandomString(20) //add to cookies and check user existence u := &models.User{ Name: username, Email: fmt.Sprintf("*****@*****.**", username), Passwd: passwd, IsActive: !setting.Service.RegisterEmailConfirm, } err = models.CreateUser(u) if err != nil && models.IsErrUserAlreadyExist(err) == false { ctx.Handle(500, "create_user_oauth", err) } // Auto-set admin for the only user. if models.CountUsers() == 1 { u.IsAdmin = true u.IsActive = true if err := models.UpdateUser(u); err != nil { ctx.Handle(500, "UpdateUser", err) return } } log.Trace("Account created: %s", u.Name) usr, _ := models.GetUserByName(u.Name) usr.IsActive = true ctx.Session.Set("uid", usr.Id) ctx.Session.Set("uname", usr.Name) ctx.Redirect(setting.AppUrl) }
func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterForm) { ctx.Data["Title"] = ctx.Tr("sign_up") ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha if setting.Service.DisableRegistration { ctx.Error(403) return } if ctx.HasError() { ctx.HTML(200, SIGNUP) return } if setting.Service.EnableCaptcha && !cpt.VerifyReq(ctx.Req) { ctx.Data["Err_Captcha"] = true ctx.RenderWithErr(ctx.Tr("form.captcha_incorrect"), SIGNUP, &form) return } if form.Password != form.Retype { ctx.Data["Err_Password"] = true ctx.RenderWithErr(ctx.Tr("form.password_not_match"), SIGNUP, &form) return } u := &models.User{ Name: form.UserName, Email: form.Email, Passwd: form.Password, IsActive: !setting.Service.RegisterEmailConfirm, } if err := models.CreateUser(u); err != nil { switch { case models.IsErrUserAlreadyExist(err): ctx.Data["Err_UserName"] = true ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SIGNUP, &form) case models.IsErrEmailAlreadyUsed(err): ctx.Data["Err_Email"] = true ctx.RenderWithErr(ctx.Tr("form.email_been_used"), SIGNUP, &form) case models.IsErrNameReserved(err): ctx.Data["Err_UserName"] = true ctx.RenderWithErr(ctx.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), SIGNUP, &form) case models.IsErrNamePatternNotAllowed(err): ctx.Data["Err_UserName"] = true ctx.RenderWithErr(ctx.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SIGNUP, &form) default: ctx.Handle(500, "CreateUser", err) } return } log.Trace("Account created: %s", u.Name) // Auto-set admin for the only user. if models.CountUsers() == 1 { u.IsAdmin = true u.IsActive = true if err := models.UpdateUser(u); err != nil { ctx.Handle(500, "UpdateUser", err) return } } // Send confirmation e-mail, no need for social account. if setting.Service.RegisterEmailConfirm && u.Id > 1 { mailer.SendActivateAccountMail(ctx.Context, u) ctx.Data["IsSendRegisterMail"] = true ctx.Data["Email"] = u.Email ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60 ctx.HTML(200, ACTIVATE) if err := ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil { log.Error(4, "Set cache(MailResendLimit) fail: %v", err) } return } ctx.Redirect(setting.AppSubUrl + "/user/login") }