forked from forgejo/forgejo
mistakes
This commit is contained in:
zhsso
parent
fde5b16332
commit
f3ed11d177
165 changed files with 0 additions and 18302 deletions
|
|
@ -1,286 +0,0 @@
|
|||
// Copyright 2014 The Gogs Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"crypto/hmac"
|
||||
"crypto/sha1"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"html/template"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/go-martini/martini"
|
||||
|
||||
"github.com/gogits/cache"
|
||||
"github.com/gogits/git"
|
||||
"github.com/gogits/session"
|
||||
|
||||
"github.com/gogits/gogs/models"
|
||||
"github.com/gogits/gogs/modules/auth"
|
||||
"github.com/gogits/gogs/modules/base"
|
||||
"github.com/gogits/gogs/modules/log"
|
||||
)
|
||||
|
||||
// Context represents context of a request.
|
||||
type Context struct {
|
||||
*Render
|
||||
c martini.Context
|
||||
p martini.Params
|
||||
Req *http.Request
|
||||
Res http.ResponseWriter
|
||||
Session session.SessionStore
|
||||
Cache cache.Cache
|
||||
User *models.User
|
||||
IsSigned bool
|
||||
|
||||
csrfToken string
|
||||
|
||||
Repo struct {
|
||||
IsOwner bool
|
||||
IsWatching bool
|
||||
IsBranch bool
|
||||
IsTag bool
|
||||
IsCommit bool
|
||||
Repository *models.Repository
|
||||
Owner *models.User
|
||||
Commit *git.Commit
|
||||
GitRepo *git.Repository
|
||||
BranchName string
|
||||
CommitId string
|
||||
RepoLink string
|
||||
CloneLink struct {
|
||||
SSH string
|
||||
HTTPS string
|
||||
Git string
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Query querys form parameter.
|
||||
func (ctx *Context) Query(name string) string {
|
||||
ctx.Req.ParseForm()
|
||||
return ctx.Req.Form.Get(name)
|
||||
}
|
||||
|
||||
// func (ctx *Context) Param(name string) string {
|
||||
// return ctx.p[name]
|
||||
// }
|
||||
|
||||
// HasError returns true if error occurs in form validation.
|
||||
func (ctx *Context) HasError() bool {
|
||||
hasErr, ok := ctx.Data["HasError"]
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
return hasErr.(bool)
|
||||
}
|
||||
|
||||
// HTML calls render.HTML underlying but reduce one argument.
|
||||
func (ctx *Context) HTML(status int, name string, htmlOpt ...HTMLOptions) {
|
||||
ctx.Render.HTML(status, name, ctx.Data, htmlOpt...)
|
||||
}
|
||||
|
||||
// RenderWithErr used for page has form validation but need to prompt error to users.
|
||||
func (ctx *Context) RenderWithErr(msg, tpl string, form auth.Form) {
|
||||
ctx.Data["HasError"] = true
|
||||
ctx.Data["ErrorMsg"] = msg
|
||||
if form != nil {
|
||||
auth.AssignForm(form, ctx.Data)
|
||||
}
|
||||
ctx.HTML(200, tpl)
|
||||
}
|
||||
|
||||
// Handle handles and logs error by given status.
|
||||
func (ctx *Context) Handle(status int, title string, err error) {
|
||||
log.Error("%s: %v", title, err)
|
||||
if martini.Dev == martini.Prod {
|
||||
ctx.HTML(500, "status/500")
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Data["ErrorMsg"] = err
|
||||
ctx.HTML(status, fmt.Sprintf("status/%d", status))
|
||||
}
|
||||
|
||||
func (ctx *Context) Debug(msg string, args ...interface{}) {
|
||||
log.Debug(msg, args...)
|
||||
}
|
||||
|
||||
func (ctx *Context) GetCookie(name string) string {
|
||||
cookie, err := ctx.Req.Cookie(name)
|
||||
if err != nil {
|
||||
return ""
|
||||
}
|
||||
return cookie.Value
|
||||
}
|
||||
|
||||
func (ctx *Context) SetCookie(name string, value string, others ...interface{}) {
|
||||
cookie := http.Cookie{}
|
||||
cookie.Name = name
|
||||
cookie.Value = value
|
||||
|
||||
if len(others) > 0 {
|
||||
switch v := others[0].(type) {
|
||||
case int:
|
||||
cookie.MaxAge = v
|
||||
case int64:
|
||||
cookie.MaxAge = int(v)
|
||||
case int32:
|
||||
cookie.MaxAge = int(v)
|
||||
}
|
||||
}
|
||||
|
||||
// default "/"
|
||||
if len(others) > 1 {
|
||||
if v, ok := others[1].(string); ok && len(v) > 0 {
|
||||
cookie.Path = v
|
||||
}
|
||||
} else {
|
||||
cookie.Path = "/"
|
||||
}
|
||||
|
||||
// default empty
|
||||
if len(others) > 2 {
|
||||
if v, ok := others[2].(string); ok && len(v) > 0 {
|
||||
cookie.Domain = v
|
||||
}
|
||||
}
|
||||
|
||||
// default empty
|
||||
if len(others) > 3 {
|
||||
switch v := others[3].(type) {
|
||||
case bool:
|
||||
cookie.Secure = v
|
||||
default:
|
||||
if others[3] != nil {
|
||||
cookie.Secure = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// default false. for session cookie default true
|
||||
if len(others) > 4 {
|
||||
if v, ok := others[4].(bool); ok && v {
|
||||
cookie.HttpOnly = true
|
||||
}
|
||||
}
|
||||
|
||||
ctx.Res.Header().Add("Set-Cookie", cookie.String())
|
||||
}
|
||||
|
||||
// Get secure cookie from request by a given key.
|
||||
func (ctx *Context) GetSecureCookie(Secret, key string) (string, bool) {
|
||||
val := ctx.GetCookie(key)
|
||||
if val == "" {
|
||||
return "", false
|
||||
}
|
||||
|
||||
parts := strings.SplitN(val, "|", 3)
|
||||
|
||||
if len(parts) != 3 {
|
||||
return "", false
|
||||
}
|
||||
|
||||
vs := parts[0]
|
||||
timestamp := parts[1]
|
||||
sig := parts[2]
|
||||
|
||||
h := hmac.New(sha1.New, []byte(Secret))
|
||||
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
||||
|
||||
if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
|
||||
return "", false
|
||||
}
|
||||
res, _ := base64.URLEncoding.DecodeString(vs)
|
||||
return string(res), true
|
||||
}
|
||||
|
||||
// Set Secure cookie for response.
|
||||
func (ctx *Context) SetSecureCookie(Secret, name, value string, others ...interface{}) {
|
||||
vs := base64.URLEncoding.EncodeToString([]byte(value))
|
||||
timestamp := strconv.FormatInt(time.Now().UnixNano(), 10)
|
||||
h := hmac.New(sha1.New, []byte(Secret))
|
||||
fmt.Fprintf(h, "%s%s", vs, timestamp)
|
||||
sig := fmt.Sprintf("%02x", h.Sum(nil))
|
||||
cookie := strings.Join([]string{vs, timestamp, sig}, "|")
|
||||
ctx.SetCookie(name, cookie, others...)
|
||||
}
|
||||
|
||||
func (ctx *Context) CsrfToken() string {
|
||||
if len(ctx.csrfToken) > 0 {
|
||||
return ctx.csrfToken
|
||||
}
|
||||
|
||||
token := ctx.GetCookie("_csrf")
|
||||
if len(token) == 0 {
|
||||
token = base.GetRandomString(30)
|
||||
ctx.SetCookie("_csrf", token)
|
||||
}
|
||||
ctx.csrfToken = token
|
||||
return token
|
||||
}
|
||||
|
||||
func (ctx *Context) CsrfTokenValid() bool {
|
||||
token := ctx.Query("_csrf")
|
||||
if token == "" {
|
||||
token = ctx.Req.Header.Get("X-Csrf-Token")
|
||||
}
|
||||
if token == "" {
|
||||
return false
|
||||
} else if ctx.csrfToken != token {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
// InitContext initializes a classic context for a request.
|
||||
func InitContext() martini.Handler {
|
||||
return func(res http.ResponseWriter, r *http.Request, c martini.Context, rd *Render) {
|
||||
|
||||
ctx := &Context{
|
||||
c: c,
|
||||
// p: p,
|
||||
Req: r,
|
||||
Res: res,
|
||||
Cache: base.Cache,
|
||||
Render: rd,
|
||||
}
|
||||
|
||||
ctx.Data["PageStartTime"] = time.Now()
|
||||
|
||||
// start session
|
||||
ctx.Session = base.SessionManager.SessionStart(res, r)
|
||||
rw := res.(martini.ResponseWriter)
|
||||
rw.Before(func(martini.ResponseWriter) {
|
||||
ctx.Session.SessionRelease(res)
|
||||
})
|
||||
|
||||
// Get user from session if logined.
|
||||
user := auth.SignedInUser(ctx.Session)
|
||||
ctx.User = user
|
||||
ctx.IsSigned = user != nil
|
||||
|
||||
ctx.Data["IsSigned"] = ctx.IsSigned
|
||||
|
||||
if user != nil {
|
||||
ctx.Data["SignedUser"] = user
|
||||
ctx.Data["SignedUserId"] = user.Id
|
||||
ctx.Data["SignedUserName"] = user.Name
|
||||
ctx.Data["IsAdmin"] = ctx.User.IsAdmin
|
||||
}
|
||||
|
||||
// get or create csrf token
|
||||
ctx.Data["CsrfToken"] = ctx.CsrfToken()
|
||||
ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + ctx.csrfToken + `">`)
|
||||
|
||||
c.Map(ctx)
|
||||
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue