Esempio n. 1
0
// SignedInId returns the id of signed in user.
func SignedInId(header http.Header, sess session.Store) int64 {
	if !models.HasEngine {
		return 0
	}

	if setting.Service.EnableReverseProxyAuth {
		webAuthUser := header.Get(setting.ReverseProxyAuthUser)
		if len(webAuthUser) > 0 {
			u, err := models.GetUserByName(webAuthUser)
			if err != nil {
				if err != models.ErrUserNotExist {
					log.Error(4, "GetUserByName: %v", err)
				}
				return 0
			}
			return u.Id
		}
	}

	uid := sess.Get("uid")
	if uid == nil {
		return 0
	}
	if id, ok := uid.(int64); ok {
		if _, err := models.GetUserById(id); err != nil {
			if err != models.ErrUserNotExist {
				log.Error(4, "GetUserById: %v", err)
			}
			return 0
		}
		return id
	}
	return 0
}
Esempio n. 2
0
func unmarshallToken(s session.Store) (t *token) {
	if s.Get(keyToken) == nil {
		return
	}
	data := s.Get(keyToken).([]byte)
	var tk oauth2.Token
	json.Unmarshal(data, &tk)
	return &token{tk}
}
Esempio n. 3
0
func unmarshallToken(s session.Store) (t *Token) {
	if s.Get(KEY_TOKEN) == nil {
		return
	}
	data := s.Get(KEY_TOKEN).([]byte)
	var tk Token
	json.Unmarshal(data, &tk)
	return &tk
}
Esempio n. 4
0
func login(f *oauth2.Config, s session.Store, w http.ResponseWriter, r *http.Request) {
	next := extractPath(r.URL.Query().Get(keyNextPage))
	if s.Get(keyToken) == nil {
		// User is not logged in.
		if next == "" {
			next = "/"
		}
		http.Redirect(w, r, f.AuthCodeURL(next), codeRedirect)
		return
	}
	// No need to login, redirect to the next page.
	http.Redirect(w, r, next, codeRedirect)
}
Esempio n. 5
0
func (ctx *Context) GetUserBySession(sess session.Store) {
	// sess.Set("uid", "123")

	if uid, ok := sess.Get("uid").(string); ok {
		o := orm.NewOrm()
		user := models.User{Id: uid}
		err := o.Read(&user)
		ctx.User = &user
		if err == nil {
			ctx.IsSigned = true
		}
	}
}
Esempio n. 6
0
// SignedInID returns the id of signed in user.
func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
	if !models.HasEngine {
		return 0
	}

	// Check access token.
	if IsAPIPath(ctx.Req.URL.Path) {
		tokenSHA := ctx.Query("token")
		if len(tokenSHA) == 0 {
			// Well, check with header again.
			auHead := ctx.Req.Header.Get("Authorization")
			if len(auHead) > 0 {
				auths := strings.Fields(auHead)
				if len(auths) == 2 && auths[0] == "token" {
					tokenSHA = auths[1]
				}
			}
		}

		// Let's see if token is valid.
		if len(tokenSHA) > 0 {
			t, err := models.GetAccessTokenBySHA(tokenSHA)
			if err != nil {
				if models.IsErrAccessTokenNotExist(err) {
					log.Error(4, "GetAccessTokenBySHA: %v", err)
				}
				return 0
			}
			t.Updated = time.Now()
			if err = models.UpdateAccessToekn(t); err != nil {
				log.Error(4, "UpdateAccessToekn: %v", err)
			}
			return t.UID
		}
	}

	uid := sess.Get("uid")
	if uid == nil {
		return 0
	}
	if id, ok := uid.(int64); ok {
		if _, err := models.GetUserByID(id); err != nil {
			if !models.IsErrUserNotExist(err) {
				log.Error(4, "GetUserById: %v", err)
			}
			return 0
		}
		return id
	}
	return 0
}
Esempio n. 7
0
func login(ctx *macaron.Context, s session.Store, opt *Options) {
	next := extractPath(ctx.Query(KEY_NEXT_PAGE))
	if s.Get(KEY_TOKEN) == nil {
		// User is not logged in.
		if next == "" {
			next = AppSubUrl + "/"
		}
		// println(111, opt.AuthCodeURL(next, "", ""))
		ctx.Redirect(opt.AuthCodeURL(next, "", ""))
		return
	}
	// No need to login, redirect to the next page.
	ctx.Redirect(next)
}
Esempio n. 8
0
func handleOAuth2Callback(f *oauth2.Config, s session.Store, w http.ResponseWriter, r *http.Request) {
	next := extractPath(r.URL.Query().Get("state"))
	code := r.URL.Query().Get("code")
	t, err := f.Exchange(oauth2.NoContext, code)
	if err != nil {
		// Pass the error message, or allow dev to provide its own
		// error handler.
		http.Redirect(w, r, PathError, codeRedirect)
		return
	}
	// Store the credentials in the session.
	val, _ := json.Marshal(t)
	s.Set(keyToken, val)
	http.Redirect(w, r, next, codeRedirect)
}
Esempio n. 9
0
func handleOAuth2Callback(ctx *macaron.Context, s session.Store, opt *Options) {
	next := extractPath(ctx.Query("state"))
	code := ctx.Query("code")
	t, err := opt.NewTransportFromCode(code)
	if err != nil {
		// Pass the error message, or allow dev to provide its own
		// error handler.
		println(err.Error())
		ctx.Redirect(PathError)
		return
	}
	// Store the credentials in the session.
	val, _ := json.Marshal(t.Token())
	s.Set(KEY_TOKEN, val)
	ctx.Redirect(next)
}
Esempio n. 10
0
// SignedInId returns the id of signed in user.
func SignedInId(req *http.Request, sess session.Store) int64 {
	if !models.HasEngine {
		return 0
	}

	// API calls need to check access token.
	if IsAPIPath(req.URL.Path) {
		auHead := req.Header.Get("Authorization")
		if len(auHead) > 0 {
			auths := strings.Fields(auHead)
			if len(auths) == 2 && auths[0] == "token" {
				t, err := models.GetAccessTokenBySHA(auths[1])
				if err != nil {
					if err != models.ErrAccessTokenNotExist {
						log.Error(4, "GetAccessTokenBySHA: %v", err)
					}
					return 0
				}
				t.Updated = time.Now()
				if err = models.UpdateAccessToekn(t); err != nil {
					log.Error(4, "UpdateAccessToekn: %v", err)
				}
				return t.UID
			}
		}
	}

	uid := sess.Get("uid")
	if uid == nil {
		return 0
	}
	if id, ok := uid.(int64); ok {
		if _, err := models.GetUserByID(id); err != nil {
			if !models.IsErrUserNotExist(err) {
				log.Error(4, "GetUserById: %v", err)
			}
			return 0
		}
		return id
	}
	return 0
}
Esempio n. 11
0
// SignedInId returns the id of signed in user.
func SignedInId(req *http.Request, sess session.Store) int64 {
	if !models.HasEngine {
		return 0
	}

	// API calls need to check access token.
	if strings.HasPrefix(req.URL.Path, "/api/") {
		auHead := req.Header.Get("Authorization")
		if len(auHead) > 0 {
			auths := strings.Fields(auHead)
			if len(auths) == 2 && auths[0] == "token" {
				t, err := models.GetAccessTokenBySha(auths[1])
				if err != nil {
					if err != models.ErrAccessTokenNotExist {
						log.Error(4, "GetAccessTokenBySha: %v", err)
					}
					return 0
				}
				return t.Uid
			}
		}
	}

	uid := sess.Get("uid")
	if uid == nil {
		return 0
	}
	if id, ok := uid.(int64); ok {
		if _, err := models.GetUserById(id); err != nil {
			if err != models.ErrUserNotExist {
				log.Error(4, "GetUserById: %v", err)
			}
			return 0
		}
		return id
	}
	return 0
}
Esempio n. 12
0
func logout(ctx *macaron.Context, s session.Store) {
	next := extractPath(ctx.Query(KEY_NEXT_PAGE))
	s.Delete(KEY_TOKEN)
	ctx.Redirect(next)
}
Esempio n. 13
0
func logout(s session.Store, w http.ResponseWriter, r *http.Request) {
	next := extractPath(r.URL.Query().Get(keyNextPage))
	s.Delete(keyToken)
	http.Redirect(w, r, next, codeRedirect)
}
Esempio n. 14
0
func (u *User) Logout(sess session.Store) {
	sess.Delete("uid")
}
Esempio n. 15
0
func (u *User) Login(sess session.Store) {
	sess.Set("uid", u.Id)
}
Esempio n. 16
0
func mySessionHandler(sess session.Store) string {
	sess.Set("session", "session middleware")
	return sess.Get("session").(string)
}