Esempio n. 1
0
func LoginView(c *middleware.Context) {
	if err := setIndexViewData(c); err != nil {
		c.Handle(500, "Failed to get settings", err)
		return
	}

	//尝试监测是否开启ucenterLogin
	checkUcenterLogin(c)

	settings := c.Data["Settings"].(map[string]interface{})
	settings["googleAuthEnabled"] = setting.OAuthService.Google
	settings["githubAuthEnabled"] = setting.OAuthService.GitHub
	settings["disableUserSignUp"] = !setting.AllowUserSignUp

	if !tryLoginUsingRememberCookie(c) {
		c.HTML(200, VIEW_INDEX)
		return
	}

	if redirectTo, _ := url.QueryUnescape(c.GetCookie("redirect_to")); len(redirectTo) > 0 {
		c.SetCookie("redirect_to", "", -1, setting.AppSubUrl+"/")
		c.Redirect(redirectTo)
		return
	}

	c.Redirect(setting.AppSubUrl + "/")
}
Esempio n. 2
0
func Logout(c *middleware.Context) {
	c.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl+"/")
	c.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl+"/")
	c.Session.Destory(c)
	checkUcenterLogout(c)
	c.Redirect(setting.AppSubUrl + "/login")
}
Esempio n. 3
0
func LoginUcenterCallback(c *middleware.Context) {
	token := c.QueryStrings("token")
	if len(token) == 0 {
		c.Handle(500, "ucenter api request error", errors.New("token params error"))
		return
	}

	uclient := ucenter.NewClient(setting.Ucenter.Api_Url, setting.Ucenter.Api_Key, setting.Ucenter.Api_Secret)

	if uid, err := service.CheckToken(uclient, strings.Join(token, "")); err != nil {
		c.Handle(500, "ucenter api request error", err)
		return
	} else {
		t := reflect.TypeOf(uid)
		switch t.Kind() {
		case reflect.Bool:
			c.Handle(500, "ucenter api request error", errors.New("token is expired or invaild"))
			return
		case reflect.Float64:
			var uidFloat float64 = uid.(float64)
			var uidInt int64 = int64(uidFloat)
			if user, err := service.GetUserById(uclient, service.Uid(uidInt)); err != nil {
				c.Handle(500, "ucenter api request error", err)
				return
			} else {
				//都是登录状态了
				//首先查询下用户是否在数据库内
			queryUser:
				userQuery := m.GetUserByLoginQuery{LoginOrEmail: user.Name}
				err := bus.Dispatch(&userQuery)

				if err != nil {
					//如果用户不存在,则插入数据
					cmd := m.CreateUserCommand{}
					cmd.Login = user.Name
					cmd.Email = user.Email
					cmd.Password = setting.AdminPassword //暂用管理员密码吧
					cmd.IsAdmin = false

					if err := bus.Dispatch(&cmd); err != nil {
						log.Error(3, "Failed to create user"+user.Name, err)
						return
					}

					log.Info("Created user: %v", user.Name)
					goto queryUser
				}

				userModel := userQuery.Result
				//记录状态
				loginUserWithUser(userModel, c)
				//跳转页面
				c.Redirect(setting.AppSubUrl + "/")
			}
		}
	}

}
Esempio n. 4
0
func checkUcenterLogout(c *middleware.Context) {
	if !setting.Ucenter.Enabled {
		return
	}
	uclient := ucenter.NewClient(setting.Ucenter.Api_Url, setting.Ucenter.Api_Key, setting.Ucenter.Api_Secret)
	callbackUrl := baseurl.BaseUrl(c.Req.Request) + "/login"
	logoutUrl, err := service.LogoutUrl(uclient, callbackUrl)

	if err != nil {
		c.Handle(500, "logoutUrl get failed", err)
		return
	}
	c.Redirect(logoutUrl.String())
}
Esempio n. 5
0
func OAuthLogin(ctx *middleware.Context) {
	if setting.OAuthService == nil {
		ctx.Handle(404, "login.OAuthLogin(oauth service not enabled)", nil)
		return
	}

	name := ctx.Params(":name")
	connect, ok := social.SocialMap[name]
	if !ok {
		ctx.Handle(404, "login.OAuthLogin(social login not enabled)", errors.New(name))
		return
	}

	code := ctx.Query("code")
	if code == "" {
		ctx.Redirect(connect.AuthCodeURL("", oauth2.AccessTypeOnline))
		return
	}

	// handle call back
	token, err := connect.Exchange(oauth2.NoContext, code)
	if err != nil {
		ctx.Handle(500, "login.OAuthLogin(NewTransportWithCode)", err)
		return
	}

	log.Trace("login.OAuthLogin(Got token)")

	userInfo, err := connect.UserInfo(token)
	if err != nil {
		if err == social.ErrMissingTeamMembership {
			ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required Github team membership not fulfilled"))
		} else if err == social.ErrMissingOrganizationMembership {
			ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required Github organization membership not fulfilled"))
		} else {
			ctx.Handle(500, fmt.Sprintf("login.OAuthLogin(get info from %s)", name), err)
		}
		return
	}

	log.Trace("login.OAuthLogin(social login): %s", userInfo)

	// validate that the email is allowed to login to grafana
	if !connect.IsEmailAllowed(userInfo.Email) {
		log.Info("OAuth login attempt with unallowed email, %s", userInfo.Email)
		ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required email domain not fulfilled"))
		return
	}

	userQuery := m.GetUserByLoginQuery{LoginOrEmail: userInfo.Email}
	err = bus.Dispatch(&userQuery)

	// create account if missing
	if err == m.ErrUserNotFound {
		if !connect.IsSignupAllowed() {
			ctx.Redirect(setting.AppSubUrl + "/login")
			return
		}

		cmd := m.CreateUserCommand{
			Login:   userInfo.Email,
			Email:   userInfo.Email,
			Name:    userInfo.Name,
			Company: userInfo.Company,
		}

		if err = bus.Dispatch(&cmd); err != nil {
			ctx.Handle(500, "Failed to create account", err)
			return
		}

		userQuery.Result = &cmd.Result
	} else if err != nil {
		ctx.Handle(500, "Unexpected error", err)
	}

	// login
	loginUserWithUser(userQuery.Result, ctx)

	metrics.M_Api_Login_OAuth.Inc(1)

	ctx.Redirect(setting.AppSubUrl + "/")
}