Use gogits/session for oauth2
This commit is contained in:
parent
9791e70da6
commit
3ebc9b991a
42
.gopmfile
42
.gopmfile
@ -1,28 +1,26 @@
|
|||||||
[target]
|
[target]
|
||||||
path=github.com/gogits/gogs
|
path = github.com/gogits/gogs
|
||||||
|
|
||||||
[deps]
|
[deps]
|
||||||
github.com/codegangsta/cli=
|
github.com/codegangsta/cli =
|
||||||
github.com/go-martini/martini=
|
github.com/go-martini/martini =
|
||||||
github.com/Unknwon/com=
|
github.com/Unknwon/com =
|
||||||
github.com/Unknwon/cae=
|
github.com/Unknwon/cae =
|
||||||
github.com/Unknwon/goconfig=
|
github.com/Unknwon/goconfig =
|
||||||
github.com/dchest/scrypt=
|
github.com/dchest/scrypt =
|
||||||
github.com/nfnt/resize=
|
github.com/nfnt/resize =
|
||||||
github.com/lunny/xorm=
|
github.com/lunny/xorm =
|
||||||
github.com/go-sql-driver/mysql=
|
github.com/go-sql-driver/mysql =
|
||||||
github.com/lib/pq=
|
github.com/lib/pq =
|
||||||
github.com/gogits/logs=
|
github.com/gogits/logs =
|
||||||
github.com/gogits/binding=
|
github.com/gogits/binding =
|
||||||
github.com/gogits/git=
|
github.com/gogits/git =
|
||||||
github.com/gogits/gfm=
|
github.com/gogits/gfm =
|
||||||
github.com/gogits/cache=
|
github.com/gogits/cache =
|
||||||
github.com/gogits/session=
|
github.com/gogits/session =
|
||||||
github.com/gogits/webdav=
|
github.com/gogits/webdav =
|
||||||
github.com/martini-contrib/oauth2=
|
code.google.com/p/goauth2 =
|
||||||
github.com/martini-contrib/sessions=
|
|
||||||
code.google.com/p/goauth2=
|
|
||||||
|
|
||||||
[res]
|
[res]
|
||||||
include=templates|public|conf
|
include = templates|public|conf
|
||||||
|
|
||||||
|
@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language
|
|||||||
|
|
||||||
![Demo](http://gowalker.org/public/gogs_demo.gif)
|
![Demo](http://gowalker.org/public/gogs_demo.gif)
|
||||||
|
|
||||||
##### Current version: 0.2.0 Alpha
|
##### Current version: 0.2.1 Alpha
|
||||||
|
|
||||||
#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site.
|
#### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in March 29, 2014 and will reset multiple times after. Please do NOT put your important data on the site.
|
||||||
|
|
||||||
@ -31,7 +31,7 @@ More importantly, Gogs only needs one binary to setup your own project hosting o
|
|||||||
- Activity timeline
|
- Activity timeline
|
||||||
- SSH/HTTPS(Clone only) protocol support.
|
- SSH/HTTPS(Clone only) protocol support.
|
||||||
- Register/delete/rename account.
|
- Register/delete/rename account.
|
||||||
- Create/delete/watch/rename public repository.
|
- Create/delete/watch/rename/transfer public repository.
|
||||||
- Repository viewer.
|
- Repository viewer.
|
||||||
- Issue tracker.
|
- Issue tracker.
|
||||||
- Gravatar and cache support.
|
- Gravatar and cache support.
|
||||||
|
@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。
|
|||||||
|
|
||||||
![Demo](http://gowalker.org/public/gogs_demo.gif)
|
![Demo](http://gowalker.org/public/gogs_demo.gif)
|
||||||
|
|
||||||
##### 当前版本:0.2.0 Alpha
|
##### 当前版本:0.2.1 Alpha
|
||||||
|
|
||||||
## 开发目的
|
## 开发目的
|
||||||
|
|
||||||
@ -25,7 +25,7 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作,实现 **零** 依
|
|||||||
- 活动时间线
|
- 活动时间线
|
||||||
- SSH/HTTPS(仅限 Clone) 协议支持
|
- SSH/HTTPS(仅限 Clone) 协议支持
|
||||||
- 注册/删除/重命名用户
|
- 注册/删除/重命名用户
|
||||||
- 创建/删除/关注/重命名公开仓库
|
- 创建/删除/关注/重命名/转移公开仓库
|
||||||
- 仓库浏览器
|
- 仓库浏览器
|
||||||
- Bug 追踪系统
|
- Bug 追踪系统
|
||||||
- Gravatar 以及缓存支持
|
- Gravatar 以及缓存支持
|
||||||
|
2
gogs.go
2
gogs.go
@ -19,7 +19,7 @@ import (
|
|||||||
// Test that go1.2 tag above is included in builds. main.go refers to this definition.
|
// Test that go1.2 tag above is included in builds. main.go refers to this definition.
|
||||||
const go12tag = true
|
const go12tag = true
|
||||||
|
|
||||||
const APP_VER = "0.2.0.0404 Alpha"
|
const APP_VER = "0.2.1.0405 Alpha"
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
base.AppVer = APP_VER
|
base.AppVer = APP_VER
|
||||||
|
@ -78,7 +78,7 @@ func init() {
|
|||||||
type PublicKey struct {
|
type PublicKey struct {
|
||||||
Id int64
|
Id int64
|
||||||
OwnerId int64 `xorm:"unique(s) index not null"`
|
OwnerId int64 `xorm:"unique(s) index not null"`
|
||||||
Name string `xorm:"unique(s) not null"` //UNIQUE(s)
|
Name string `xorm:"unique(s) not null"`
|
||||||
Fingerprint string
|
Fingerprint string
|
||||||
Content string `xorm:"TEXT not null"`
|
Content string `xorm:"TEXT not null"`
|
||||||
Created time.Time `xorm:"created"`
|
Created time.Time `xorm:"created"`
|
||||||
|
@ -26,7 +26,10 @@ import (
|
|||||||
|
|
||||||
"code.google.com/p/goauth2/oauth"
|
"code.google.com/p/goauth2/oauth"
|
||||||
"github.com/go-martini/martini"
|
"github.com/go-martini/martini"
|
||||||
"github.com/martini-contrib/sessions"
|
|
||||||
|
"github.com/gogits/session"
|
||||||
|
|
||||||
|
"github.com/gogits/gogs/modules/middleware"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -142,23 +145,23 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
|
|||||||
Transport: http.DefaultTransport,
|
Transport: http.DefaultTransport,
|
||||||
}
|
}
|
||||||
|
|
||||||
return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
|
return func(c martini.Context, ctx *middleware.Context) {
|
||||||
if r.Method == "GET" {
|
if ctx.Req.Method == "GET" {
|
||||||
switch r.URL.Path {
|
switch ctx.Req.URL.Path {
|
||||||
case PathLogin:
|
case PathLogin:
|
||||||
login(transport, s, w, r)
|
login(transport, ctx)
|
||||||
case PathLogout:
|
case PathLogout:
|
||||||
logout(transport, s, w, r)
|
logout(transport, ctx)
|
||||||
case PathCallback:
|
case PathCallback:
|
||||||
handleOAuth2Callback(transport, s, w, r)
|
handleOAuth2Callback(transport, ctx)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
tk := unmarshallToken(s)
|
tk := unmarshallToken(ctx.Session)
|
||||||
if tk != nil {
|
if tk != nil {
|
||||||
// check if the access token is expired
|
// check if the access token is expired
|
||||||
if tk.IsExpired() && tk.Refresh() == "" {
|
if tk.IsExpired() && tk.Refresh() == "" {
|
||||||
s.Delete(keyToken)
|
ctx.Session.Delete(keyToken)
|
||||||
tk = nil
|
tk = nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -172,49 +175,49 @@ func NewOAuth2Provider(opts *Options) martini.Handler {
|
|||||||
// Sample usage:
|
// Sample usage:
|
||||||
// m.Get("/login-required", oauth2.LoginRequired, func() ... {})
|
// m.Get("/login-required", oauth2.LoginRequired, func() ... {})
|
||||||
var LoginRequired martini.Handler = func() martini.Handler {
|
var LoginRequired martini.Handler = func() martini.Handler {
|
||||||
return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
|
return func(c martini.Context, ctx *middleware.Context) {
|
||||||
token := unmarshallToken(s)
|
token := unmarshallToken(ctx.Session)
|
||||||
if token == nil || token.IsExpired() {
|
if token == nil || token.IsExpired() {
|
||||||
next := url.QueryEscape(r.URL.RequestURI())
|
next := url.QueryEscape(ctx.Req.URL.RequestURI())
|
||||||
http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect)
|
ctx.Redirect(PathLogin+"?next="+next, codeRedirect)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
func login(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
|
func login(t *oauth.Transport, ctx *middleware.Context) {
|
||||||
next := extractPath(r.URL.Query().Get(keyNextPage))
|
next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
|
||||||
if s.Get(keyToken) == nil {
|
if ctx.Session.Get(keyToken) == nil {
|
||||||
// User is not logged in.
|
// User is not logged in.
|
||||||
http.Redirect(w, r, t.Config.AuthCodeURL(next), codeRedirect)
|
ctx.Redirect(t.Config.AuthCodeURL(next), codeRedirect)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
// No need to login, redirect to the next page.
|
// No need to login, redirect to the next page.
|
||||||
http.Redirect(w, r, next, codeRedirect)
|
ctx.Redirect(next, codeRedirect)
|
||||||
}
|
}
|
||||||
|
|
||||||
func logout(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
|
func logout(t *oauth.Transport, ctx *middleware.Context) {
|
||||||
next := extractPath(r.URL.Query().Get(keyNextPage))
|
next := extractPath(ctx.Req.URL.Query().Get(keyNextPage))
|
||||||
s.Delete(keyToken)
|
ctx.Session.Delete(keyToken)
|
||||||
http.Redirect(w, r, next, codeRedirect)
|
ctx.Redirect(next, codeRedirect)
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleOAuth2Callback(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
|
func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) {
|
||||||
next := extractPath(r.URL.Query().Get("state"))
|
next := extractPath(ctx.Req.URL.Query().Get("state"))
|
||||||
code := r.URL.Query().Get("code")
|
code := ctx.Req.URL.Query().Get("code")
|
||||||
tk, err := t.Exchange(code)
|
tk, err := t.Exchange(code)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
// Pass the error message, or allow dev to provide its own
|
// Pass the error message, or allow dev to provide its own
|
||||||
// error handler.
|
// error handler.
|
||||||
http.Redirect(w, r, PathError, codeRedirect)
|
ctx.Redirect(PathError, codeRedirect)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
// Store the credentials in the session.
|
// Store the credentials in the session.
|
||||||
val, _ := json.Marshal(tk)
|
val, _ := json.Marshal(tk)
|
||||||
s.Set(keyToken, val)
|
ctx.Session.Set(keyToken, val)
|
||||||
http.Redirect(w, r, next, codeRedirect)
|
ctx.Redirect(next, codeRedirect)
|
||||||
}
|
}
|
||||||
|
|
||||||
func unmarshallToken(s sessions.Session) (t *token) {
|
func unmarshallToken(s session.SessionStore) (t *token) {
|
||||||
if s.Get(keyToken) == nil {
|
if s.Get(keyToken) == nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -183,6 +183,7 @@ func Install(ctx *middleware.Context, form auth.InstallForm) {
|
|||||||
if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd,
|
if _, err := models.RegisterUser(&models.User{Name: form.AdminName, Email: form.AdminEmail, Passwd: form.AdminPasswd,
|
||||||
IsAdmin: true, IsActive: true}); err != nil {
|
IsAdmin: true, IsActive: true}); err != nil {
|
||||||
if err != models.ErrUserAlreadyExist {
|
if err != models.ErrUserAlreadyExist {
|
||||||
|
base.InstallLock = false
|
||||||
ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form)
|
ctx.RenderWithErr("Admin account setting is invalid: "+err.Error(), "install", &form)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
23
web.go
23
web.go
@ -11,8 +11,6 @@ import (
|
|||||||
|
|
||||||
"github.com/codegangsta/cli"
|
"github.com/codegangsta/cli"
|
||||||
"github.com/go-martini/martini"
|
"github.com/go-martini/martini"
|
||||||
// "github.com/martini-contrib/oauth2"
|
|
||||||
// "github.com/martini-contrib/sessions"
|
|
||||||
|
|
||||||
"github.com/gogits/binding"
|
"github.com/gogits/binding"
|
||||||
|
|
||||||
@ -21,6 +19,7 @@ import (
|
|||||||
"github.com/gogits/gogs/modules/base"
|
"github.com/gogits/gogs/modules/base"
|
||||||
"github.com/gogits/gogs/modules/log"
|
"github.com/gogits/gogs/modules/log"
|
||||||
"github.com/gogits/gogs/modules/middleware"
|
"github.com/gogits/gogs/modules/middleware"
|
||||||
|
"github.com/gogits/gogs/modules/oauth2"
|
||||||
"github.com/gogits/gogs/routers"
|
"github.com/gogits/gogs/routers"
|
||||||
"github.com/gogits/gogs/routers/admin"
|
"github.com/gogits/gogs/routers/admin"
|
||||||
"github.com/gogits/gogs/routers/api/v1"
|
"github.com/gogits/gogs/routers/api/v1"
|
||||||
@ -59,19 +58,17 @@ func runWeb(*cli.Context) {
|
|||||||
|
|
||||||
// Middlewares.
|
// Middlewares.
|
||||||
m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}}))
|
m.Use(middleware.Renderer(middleware.RenderOptions{Funcs: []template.FuncMap{base.TemplateFuncs}}))
|
||||||
|
|
||||||
// scope := "https://api.github.com/user"
|
|
||||||
// oauth2.PathCallback = "/oauth2callback"
|
|
||||||
// m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
|
|
||||||
// m.Use(oauth2.Github(&oauth2.Options{
|
|
||||||
// ClientId: "09383403ff2dc16daaa1",
|
|
||||||
// ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
|
|
||||||
// RedirectURL: base.AppUrl + oauth2.PathCallback,
|
|
||||||
// Scopes: []string{scope},
|
|
||||||
// }))
|
|
||||||
|
|
||||||
m.Use(middleware.InitContext())
|
m.Use(middleware.InitContext())
|
||||||
|
|
||||||
|
scope := "https://api.github.com/user"
|
||||||
|
oauth2.PathCallback = "/oauth2callback"
|
||||||
|
m.Use(oauth2.Github(&oauth2.Options{
|
||||||
|
ClientId: "09383403ff2dc16daaa1",
|
||||||
|
ClientSecret: "5f6e7101d30b77952aab22b75eadae17551ea6b5",
|
||||||
|
RedirectURL: base.AppUrl + oauth2.PathCallback,
|
||||||
|
Scopes: []string{scope},
|
||||||
|
}))
|
||||||
|
|
||||||
reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true})
|
reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true})
|
||||||
ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView})
|
ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView})
|
||||||
reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
|
reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
|
||||||
|
Loading…
Reference in New Issue
Block a user