func EditAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["PageIsAuths"] = true
ctx.Data["LoginTypes"] = models.LoginTypes
ctx.Data["SMTPAuths"] = models.SMTPAuths
if ctx.HasError() {
ctx.HTML(200, AUTH_EDIT)
return
}
var config core.Conversion
switch models.LoginType(form.Type) {
case models.LDAP:
config = &models.LDAPConfig{
Ldapsource: ldap.Ldapsource{
Host: form.Host,
Port: form.Port,
UseSSL: form.UseSSL,
BaseDN: form.BaseDN,
Attributes: form.Attributes,
Filter: form.Filter,
MsAdSAFormat: form.MsAdSA,
Enabled: true,
Name: form.AuthName,
},
}
case models.SMTP:
config = &models.SMTPConfig{
Auth: form.SmtpAuth,
Host: form.SmtpHost,
Port: form.SmtpPort,
TLS: form.Tls,
}
default:
ctx.Error(400)
return
}
u := models.LoginSource{
Id: form.Id,
Name: form.AuthName,
IsActived: form.IsActived,
Type: models.LoginType(form.Type),
AllowAutoRegister: form.AllowAutoRegister,
Cfg: config,
}
if err := models.UpdateSource(&u); err != nil {
ctx.Handle(500, "UpdateSource", err)
return
}
log.Trace("Authentication changed by admin(%s): %s", ctx.User.Name, form.AuthName)
ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))
ctx.Redirect("/admin/auths/" + ctx.Params(":authid"))
}
func NewAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.new")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["LoginTypes"] = models.LoginTypes
ctx.Data["SMTPAuths"] = models.SMTPAuths
if ctx.HasError() {
ctx.HTML(200, AUTH_NEW)
return
}
var u core.Conversion
switch models.LoginType(form.Type) {
case models.LDAP:
u = &models.LDAPConfig{
Ldapsource: ldap.Ldapsource{
Host: form.Host,
Port: form.Port,
UseSSL: form.UseSSL,
BaseDN: form.BaseDN,
Attributes: form.Attributes,
Filter: form.Filter,
MsAdSAFormat: form.MsAdSA,
Enabled: true,
Name: form.AuthName,
},
}
case models.SMTP:
u = &models.SMTPConfig{
Auth: form.SmtpAuth,
Host: form.SmtpHost,
Port: form.SmtpPort,
TLS: form.Tls,
}
default:
ctx.Error(400)
return
}
var source = &models.LoginSource{
Type: models.LoginType(form.Type),
Name: form.AuthName,
IsActived: true,
AllowAutoRegister: form.AllowAutoRegister,
Cfg: u,
}
if err := models.CreateSource(source); err != nil {
ctx.Handle(500, "CreateSource", err)
return
}
log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.AuthName)
ctx.Redirect("/admin/auths")
}
func ResetPasswd(ctx *middleware.Context) {
ctx.Data["Title"] = ctx.Tr("auth.reset_password")
code := ctx.Query("code")
if len(code) == 0 {
ctx.Error(404)
return
}
ctx.Data["Code"] = code
ctx.Data["IsResetForm"] = true
ctx.HTML(200, RESET_PASSWORD)
}
func Activate(ctx *middleware.Context) {
code := ctx.Query("code")
if len(code) == 0 {
ctx.Data["IsActivatePage"] = true
if ctx.User.IsActive {
ctx.Error(404)
return
}
// Resend confirmation e-mail.
if setting.Service.RegisterEmailConfirm {
if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) {
ctx.Data["ResendLimited"] = true
} else {
ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
mailer.SendActiveMail(ctx.Render, ctx.User)
if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
}
}
} else {
ctx.Data["ServiceNotEnabled"] = true
}
ctx.HTML(200, ACTIVATE)
return
}
// Verify code.
if user := models.VerifyUserActiveCode(code); user != nil {
user.IsActive = true
user.Rands = models.GetUserSalt()
if err := models.UpdateUser(user); err != nil {
if err == models.ErrUserNotExist {
ctx.Error(404)
} else {
ctx.Handle(500, "UpdateUser", err)
}
return
}
log.Trace("User activated: %s", user.Name)
ctx.Session.Set("uid", user.Id)
ctx.Session.Set("uname", user.Name)
ctx.Redirect("/")
return
}
ctx.Data["IsActivateFailed"] = true
ctx.HTML(200, ACTIVATE)
}
func ResetPasswdPost(ctx *middleware.Context) {
ctx.Data["Title"] = ctx.Tr("auth.reset_password")
code := ctx.Query("code")
if len(code) == 0 {
ctx.Error(404)
return
}
ctx.Data["Code"] = code
if u := models.VerifyUserActiveCode(code); u != nil {
// Validate password length.
passwd := ctx.Query("password")
if len(passwd) < 6 {
ctx.Data["IsResetForm"] = true
ctx.Data["Err_Password"] = true
ctx.RenderWithErr(ctx.Tr("auth.password_too_short"), RESET_PASSWORD, nil)
return
}
u.Passwd = passwd
u.Rands = models.GetUserSalt()
u.Salt = models.GetUserSalt()
u.EncodePasswd()
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "UpdateUser", err)
return
}
log.Trace("User password reset: %s", u.Name)
ctx.Redirect("/user/login")
return
}
ctx.Data["IsResetFailed"] = true
ctx.HTML(200, RESET_PASSWORD)
}
func SignUpPost(ctx *middleware.Context, cpt *captcha.Captcha, form auth.RegisterForm) {
ctx.Data["Title"] = ctx.Tr("sign_up")
if setting.Service.DisableRegistration {
ctx.Error(403)
return
}
isOauth := false
sid, isOauth := ctx.Session.Get("socialId").(int64)
if isOauth {
ctx.Data["IsSocialLogin"] = true
}
// May redirect from home page.
if ctx.Query("from") == "home" {
// Clear input error box.
ctx.Data["Err_UserName"] = false
ctx.Data["Err_Email"] = false
// Make the best guess.
uname := ctx.Query("uname")
i := strings.Index(uname, "@")
if i > -1 {
ctx.Data["email"] = uname
ctx.Data["uname"] = uname[:i]
} else {
ctx.Data["uname"] = uname
}
ctx.Data["password"] = ctx.Query("password")
ctx.HTML(200, SIGNUP)
return
}
if ctx.HasError() {
ctx.HTML(200, SIGNUP)
return
}
if !cpt.VerifyReq(ctx.Req) {
ctx.Data["Err_Captcha"] = true
ctx.RenderWithErr(ctx.Tr("form.captcha_incorrect"), SIGNUP, &form)
return
} else if form.Password != form.Retype {
ctx.Data["Err_Password"] = true
ctx.RenderWithErr(ctx.Tr("form.password_not_match"), SIGNUP, &form)
return
}
u := &models.User{
Name: form.UserName,
Email: form.Email,
Passwd: form.Password,
IsActive: !setting.Service.RegisterEmailConfirm || isOauth,
}
if err := models.CreateUser(u); err != nil {
switch err {
case models.ErrUserAlreadyExist:
ctx.Data["Err_UserName"] = true
ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SIGNUP, &form)
case models.ErrEmailAlreadyUsed:
ctx.Data["Err_Email"] = true
ctx.RenderWithErr(ctx.Tr("form.email_been_used"), SIGNUP, &form)
case models.ErrUserNameIllegal:
ctx.Data["Err_UserName"] = true
ctx.RenderWithErr(ctx.Tr("form.illegal_username"), SIGNUP, &form)
default:
ctx.Handle(500, "CreateUser", err)
}
return
}
log.Trace("Account created: %s", u.Name)
// Bind social account.
if isOauth {
if err := models.BindUserOauth2(u.Id, sid); err != nil {
ctx.Handle(500, "BindUserOauth2", err)
return
}
ctx.Session.Delete("socialId")
log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
}
// Send confirmation e-mail, no need for social account.
if !isOauth && setting.Service.RegisterEmailConfirm && u.Id > 1 {
mailer.SendRegisterMail(ctx.Render, u)
ctx.Data["IsSendRegisterMail"] = true
ctx.Data["Email"] = u.Email
ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
ctx.HTML(200, "user/activate")
if err := ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
}
return
}
ctx.Redirect("/user/login")
}
