func FilterUser(ctx *context.Context) {
if (ctx.Input.IsGet() || ctx.Input.IsPost()) && (ctx.Input.URL() == loginPageURL || ctx.Input.URL() == logoutPageURL) {
// Don't redirect itself to prevent the circle
} else {
user, ok := ctx.Input.Session("user").(*rbac.User)
if ok == false {
if guiMessage := guimessagedisplay.GetGUIMessageFromContext(ctx); guiMessage != nil {
guiMessage.AddDanger("Unauthorized")
}
ctx.Redirect(302, loginPageURL)
} else {
// Authorize
if user.HasPermission(componentName, ctx.Input.Method(), ctx.Input.URL()) == false {
if guiMessage := guimessagedisplay.GetGUIMessageFromContext(ctx); guiMessage != nil {
guiMessage.AddDanger("User is not authorized to this page. Please use another user with priviledge.")
}
ctx.Redirect(302, loginPageURL)
}
// Resource check is in another place since GUI doesn't place the resource name in url
// Audit log
go func() {
sendAuditLog(ctx, user.Name, true)
}()
}
}
}
func HandleAccess(ctx *context.Context) {
token := ctx.GetCookie("epic_user_token")
ok, _ := tools.VerifyToken(token)
if len(token) != 0 && ok {
ctx.Redirect(302, "/succeed")
}
}
func ViewLogin(c *context.Context) {
cookie := c.GetCookie("MtimeCIUserId")
if len(cookie) <= 0 {
c.Redirect(302, "/login?url="+url.QueryEscape(c.Input.Uri()))
}
beego.Informational(cookie)
}
// 检测登录,跳转登录界面
func checkLogin(c *context.Context) {
uid, ok := c.Input.Session("uid").(int64)
if !ok || uid <= 0 {
if c.Request.RequestURI != "/login" {
c.Redirect(302, "/login")
}
}
}
// FilterAuth prevents the user from accessing protected pages if they are not
// logged in.
func FilterAuth(ctx *context.Context) {
if ctx.Input.GetData("user") == nil {
ctx.Redirect(302, fmt.Sprintf(
"%s?redirect=%s",
beego.URLFor("UserController.Login"),
url.QueryEscape(ctx.Request.URL.Path),
))
}
}
func loginFilter(ctx *context.Context) {
user := ctx.Input.CruSession.Get("user")
//user := this.GetSession("user")
fmt.Println("loginFilter user")
fmt.Println(user)
if user == nil && ctx.Request.RequestURI != "/" && ctx.Request.RequestURI != "/login" {
ctx.Redirect(302, "/")
}
}
func OAuthAccess(ctx *context.Context) {
redirect, _, err := setting.SocialAuth.OAuthAccess(ctx)
if err != nil {
beego.Error("OAuthAccess", err)
}
if len(redirect) > 0 {
ctx.Redirect(302, redirect)
}
}
func HandleRedirect(ctx *context.Context) {
redirect, err := SocialAuth.OAuthRedirect(ctx)
if err != nil {
beego.Error("SocialAuth.handleRedirect", err)
}
if len(redirect) > 0 {
ctx.Redirect(302, redirect)
}
}
// general use of redirect callback
func (this *SocialAuth) handleAccess(ctx *context.Context) {
redirect, _, err := this.OAuthAccess(ctx)
if err != nil {
beego.Error("SocialAuth.handleAccess", err)
}
if len(redirect) > 0 {
ctx.Redirect(302, redirect)
}
}
func FilterUser(ctx *context.Context) {
adminUrl := []string{"organizations", "users", "reports"}
for _, url := range adminUrl {
if strings.Contains(ctx.Request.RequestURI, url) {
if adminUser, ok := ctx.Input.Session("adminUser").(string); !ok || adminUser != beego.AppConfig.String("conf::admin_user") {
ctx.Redirect(302, "/login")
}
return
}
}
}
func CheckLogin(ctx *context.Context) {
if ctx.Request.RequestURI != "/login" {
sess, err := models.GlobalSessions.SessionStart(ctx.ResponseWriter, ctx.Request)
if err != nil || sess == nil {
ctx.Abort(401, "session nil")
}
sessioner := sess.Get("gosessionkey")
beego.Debug("session:", sess)
beego.Debug("check login gosessionkey:", sessioner)
if fmt.Sprintf("%v", sessioner) != "beego1234" {
ctx.Redirect(401, "/login")
}
}
}
func filterUser(ctx *context.Context) {
u, ok := ctx.Input.Session("current_user").(*goth.User)
if !ok {
ctx.Redirect(302, "/login")
}
if gu := ctx.Input.GetData("github_user"); gu == nil {
g, err := github.GetCurrentUser(u.AccessToken)
if err != nil {
ctx.Redirect(302, "/404.html")
}
ctx.Input.SetData("github_user", g)
}
}
func HandleAccess(ctx *context.Context) {
redirect, userSocial, err := SocialAuth.OAuthAccess(ctx)
if err != nil {
beego.Error("SocialAuth.handleAccess", err)
}
if userSocial != nil {
SetInfoToSession(ctx, userSocial)
}
if len(redirect) > 0 {
ctx.Redirect(302, redirect)
}
}
func HandleAccess(ctx *context.Context) {
redirect, userSocial, err := SocialAuth.OAuthAccess(ctx)
if err != nil {
beego.Error("SocialAuth.handleAccess", err)
}
if userSocial != nil {
fmt.Println("Identify: %s, AccessToken: %s", userSocial.Identify, userSocial.Data.AccessToken)
}
ctx.Input.CruSession.Set("custom_userSocial_identify", userSocial.Identify)
if len(redirect) > 0 {
ctx.Redirect(302, redirect)
}
}
func FilterCheckLogin(ctx *context.Context) {
url := ctx.Request.RequestURI
if strings.HasPrefix(url, "/user") || "" == url || strings.HasPrefix(url, "/api") {
return
}
userId, ok := ctx.Input.Session(cache.SESSION_UID).(int64)
user := models.GetUserById(userId)
if !ok || nil == user {
ctx.Output.Session("originURL", ctx.Request.RequestURI)
ctx.Redirect(302, "/user/login")
} else if strings.HasPrefix(url, "/root") && "ADMIN" != user.RoleName {
ctx.Redirect(302, "/user/nopermission")
}
}
func IsTokenInvalidAndRedirect(c guimessagedisplay.SessionUtility, ctx *context.Context, err error) bool {
if IsTokenInvalid(err) {
guimessage := guimessagedisplay.GetGUIMessage(c)
guimessage.AddDanger("User token is expired. Please login agin.")
guimessage.RedirectMessage(c)
c.DelSession("user")
c.DelSession("tokenHeaderMap")
ctx.Redirect(302, "/gui/login/")
return true
} else {
return false
}
}
func filter(ctx *context.Context) {
url := ctx.Request.URL.Path
if strings.HasPrefix(url, "/static/") || strings.HasPrefix(url, "/login/md5") {
return
}
sess, _ := beego.GlobalSessions.SessionStart(ctx.ResponseWriter, ctx.Request)
user := sess.Get("user")
if user != nil {
} else {
if url != "/login/" && url != "/login" && url != "/login/login" {
ctx.Redirect(302, "/login")
return
}
}
}
func UrlManager(ctx *context.Context) {
beego.Info(ctx.Request.RequestURI)
uri := ctx.Request.RequestURI
onlineUser := ctx.Input.Session("online_user")
beego.Info("url manager", onlineUser)
if "/blog/post" == uri {
if onlineUser == nil {
// 判断是否登录
if ctx.Input.IsAjax() {
beego.Info("ajax request")
ctx.Output.Header("Content-Type", "application/json")
ctx.Output.Body([]byte(`{"succ":"succ",login":"******"}`))
} else {
ctx.Redirect(302, "/login")
beego.Info("document request")
}
}
} else {
beego.Info("not need login")
}
}
func filterSiteOwner(ctx *context.Context) {
u := ctx.Input.Session("current_user").(*goth.User)
user, err := models.GetUser(u.NickName)
if err != nil {
beego.Error(err)
ctx.Redirect(302, "/404.html")
}
siteID, err := strconv.ParseInt(ctx.Input.Param(":id"), 10, 64)
if err != nil {
beego.Error(err)
ctx.Redirect(302, "/404.html")
}
site, err := models.SiteByOwner(siteID, user.ID)
if err != nil {
beego.Error(err)
ctx.Redirect(302, "/404.html")
}
ctx.Input.SetData("user", user)
ctx.Input.SetData("site", site)
}
func serverStaticRouter(ctx *context.Context) {
if ctx.Input.Method() != "GET" && ctx.Input.Method() != "HEAD" {
return
}
forbidden, filePath, fileInfo, err := lookupFile(ctx)
if err == errNotStaticRequest {
return
}
if forbidden {
exception("403", ctx)
return
}
if filePath == "" || fileInfo == nil {
if BConfig.RunMode == DEV {
logs.Warn("Can't find/open the file:", filePath, err)
}
http.NotFound(ctx.ResponseWriter, ctx.Request)
return
}
if fileInfo.IsDir() {
requestURL := ctx.Input.URL()
if requestURL[len(requestURL)-1] != '/' {
redirectURL := requestURL + "/"
if ctx.Request.URL.RawQuery != "" {
redirectURL = redirectURL + "?" + ctx.Request.URL.RawQuery
}
ctx.Redirect(302, redirectURL)
} else {
//serveFile will list dir
http.ServeFile(ctx.ResponseWriter, ctx.Request, filePath)
}
return
}
var enableCompress = BConfig.EnableGzip && isStaticCompress(filePath)
var acceptEncoding string
if enableCompress {
acceptEncoding = context.ParseEncoding(ctx.Request)
}
b, n, sch, err := openFile(filePath, fileInfo, acceptEncoding)
if err != nil {
if BConfig.RunMode == DEV {
logs.Warn("Can't compress the file:", filePath, err)
}
http.NotFound(ctx.ResponseWriter, ctx.Request)
return
}
if b {
ctx.Output.Header("Content-Encoding", n)
} else {
ctx.Output.Header("Content-Length", strconv.FormatInt(sch.size, 10))
}
http.ServeContent(ctx.ResponseWriter, ctx.Request, filePath, sch.modTime, sch)
return
}
func adminFiler(ctx *context.Context) {
beego.Debug("checkAdmin")
if !IsAdmin(ctx) {
ctx.Redirect(302, "/")
}
}
/*
* filter
*/
func authFilter(ctx *context.Context) {
if ctx.Input.GetData("me") == nil {
beego.Debug("not login")
ctx.Redirect(302, "/login")
}
}
