Add golangci (#6418)
parent
5832f8d90d
commit
f9ec2f89f2
147 changed files with 1046 additions and 774 deletions
|
@ -77,8 +77,14 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
|
|||
}
|
||||
|
||||
isSucceed = true
|
||||
ctx.Session.Set("uid", u.ID)
|
||||
ctx.Session.Set("uname", u.Name)
|
||||
err = ctx.Session.Set("uid", u.ID)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
err = ctx.Session.Set("uname", u.Name)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
|
||||
return true, nil
|
||||
}
|
||||
|
@ -191,8 +197,16 @@ func SignInPost(ctx *context.Context, form auth.SignInForm) {
|
|||
}
|
||||
|
||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||
ctx.Session.Set("twofaUid", u.ID)
|
||||
ctx.Session.Set("twofaRemember", form.Remember)
|
||||
err = ctx.Session.Set("twofaUid", u.ID)
|
||||
if err != nil {
|
||||
ctx.ServerError("UserSignIn", err)
|
||||
return
|
||||
}
|
||||
err = ctx.Session.Set("twofaRemember", form.Remember)
|
||||
if err != nil {
|
||||
ctx.ServerError("UserSignIn", err)
|
||||
return
|
||||
}
|
||||
|
||||
regs, err := models.GetU2FRegistrationsByUID(u.ID)
|
||||
if err == nil && len(regs) > 0 {
|
||||
|
@ -383,6 +397,10 @@ func U2FChallenge(ctx *context.Context) {
|
|||
return
|
||||
}
|
||||
challenge, err := u2f.NewChallenge(setting.U2F.AppID, setting.U2F.TrustedFacets)
|
||||
if err != nil {
|
||||
ctx.ServerError("u2f.NewChallenge", err)
|
||||
return
|
||||
}
|
||||
if err = ctx.Session.Set("u2fChallenge", challenge); err != nil {
|
||||
ctx.ServerError("UserSignIn", err)
|
||||
return
|
||||
|
@ -462,16 +480,22 @@ func handleSignInFull(ctx *context.Context, u *models.User, remember bool, obeyR
|
|||
setting.CookieRememberName, u.Name, days, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
|
||||
}
|
||||
|
||||
ctx.Session.Delete("openid_verified_uri")
|
||||
ctx.Session.Delete("openid_signin_remember")
|
||||
ctx.Session.Delete("openid_determined_email")
|
||||
ctx.Session.Delete("openid_determined_username")
|
||||
ctx.Session.Delete("twofaUid")
|
||||
ctx.Session.Delete("twofaRemember")
|
||||
ctx.Session.Delete("u2fChallenge")
|
||||
ctx.Session.Delete("linkAccount")
|
||||
ctx.Session.Set("uid", u.ID)
|
||||
ctx.Session.Set("uname", u.Name)
|
||||
_ = ctx.Session.Delete("openid_verified_uri")
|
||||
_ = ctx.Session.Delete("openid_signin_remember")
|
||||
_ = ctx.Session.Delete("openid_determined_email")
|
||||
_ = ctx.Session.Delete("openid_determined_username")
|
||||
_ = ctx.Session.Delete("twofaUid")
|
||||
_ = ctx.Session.Delete("twofaRemember")
|
||||
_ = ctx.Session.Delete("u2fChallenge")
|
||||
_ = ctx.Session.Delete("linkAccount")
|
||||
err := ctx.Session.Set("uid", u.ID)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
err = ctx.Session.Set("uname", u.Name)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
|
||||
// Language setting of the user overwrites the one previously set
|
||||
// If the user does not have a locale set, we save the current one.
|
||||
|
@ -563,7 +587,10 @@ func handleOAuth2SignIn(u *models.User, gothUser goth.User, ctx *context.Context
|
|||
|
||||
if u == nil {
|
||||
// no existing user is found, request attach or new account
|
||||
ctx.Session.Set("linkAccountGothUser", gothUser)
|
||||
err = ctx.Session.Set("linkAccountGothUser", gothUser)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
ctx.Redirect(setting.AppSubURL + "/user/link_account")
|
||||
return
|
||||
}
|
||||
|
@ -573,8 +600,14 @@ func handleOAuth2SignIn(u *models.User, gothUser goth.User, ctx *context.Context
|
|||
_, err = models.GetTwoFactorByUID(u.ID)
|
||||
if err != nil {
|
||||
if models.IsErrTwoFactorNotEnrolled(err) {
|
||||
ctx.Session.Set("uid", u.ID)
|
||||
ctx.Session.Set("uname", u.Name)
|
||||
err = ctx.Session.Set("uid", u.ID)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
err = ctx.Session.Set("uname", u.Name)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
|
||||
// Clear whatever CSRF has right now, force to generate a new one
|
||||
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
|
||||
|
@ -600,8 +633,14 @@ func handleOAuth2SignIn(u *models.User, gothUser goth.User, ctx *context.Context
|
|||
}
|
||||
|
||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||
ctx.Session.Set("twofaUid", u.ID)
|
||||
ctx.Session.Set("twofaRemember", false)
|
||||
err = ctx.Session.Set("twofaUid", u.ID)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
err = ctx.Session.Set("twofaRemember", false)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
|
||||
// If U2F is enrolled -> Redirect to U2F instead
|
||||
regs, err := models.GetU2FRegistrationsByUID(u.ID)
|
||||
|
@ -760,9 +799,18 @@ func LinkAccountPostSignIn(ctx *context.Context, signInForm auth.SignInForm) {
|
|||
}
|
||||
|
||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||
ctx.Session.Set("twofaUid", u.ID)
|
||||
ctx.Session.Set("twofaRemember", signInForm.Remember)
|
||||
ctx.Session.Set("linkAccount", true)
|
||||
err = ctx.Session.Set("twofaUid", u.ID)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
err = ctx.Session.Set("twofaRemember", signInForm.Remember)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
err = ctx.Session.Set("linkAccount", true)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
|
||||
// If U2F is enrolled -> Redirect to U2F instead
|
||||
regs, err := models.GetU2FRegistrationsByUID(u.ID)
|
||||
|
@ -897,11 +945,11 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au
|
|||
}
|
||||
|
||||
func handleSignOut(ctx *context.Context) {
|
||||
ctx.Session.Delete("uid")
|
||||
ctx.Session.Delete("uname")
|
||||
ctx.Session.Delete("socialId")
|
||||
ctx.Session.Delete("socialName")
|
||||
ctx.Session.Delete("socialEmail")
|
||||
_ = ctx.Session.Delete("uid")
|
||||
_ = ctx.Session.Delete("uname")
|
||||
_ = ctx.Session.Delete("socialId")
|
||||
_ = ctx.Session.Delete("socialName")
|
||||
_ = ctx.Session.Delete("socialEmail")
|
||||
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
|
||||
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
|
||||
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
|
||||
|
@ -1086,8 +1134,14 @@ func Activate(ctx *context.Context) {
|
|||
|
||||
log.Trace("User activated: %s", user.Name)
|
||||
|
||||
ctx.Session.Set("uid", user.ID)
|
||||
ctx.Session.Set("uname", user.Name)
|
||||
err = ctx.Session.Set("uid", user.ID)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
err = ctx.Session.Set("uname", user.Name)
|
||||
if err != nil {
|
||||
log.Error(fmt.Sprintf("Error setting session: %v", err))
|
||||
}
|
||||
ctx.Flash.Success(ctx.Tr("auth.account_activated"))
|
||||
ctx.Redirect(setting.AppSubURL + "/")
|
||||
return
|
||||
|
@ -1113,7 +1167,6 @@ func ActivateEmail(ctx *context.Context) {
|
|||
}
|
||||
|
||||
ctx.Redirect(setting.AppSubURL + "/user/settings/email")
|
||||
return
|
||||
}
|
||||
|
||||
// ForgotPasswd render the forget pasword page
|
||||
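Review bot: In handleOAuth2SignIn and LinkAccountPostSignIn a failed `ctx.Session.Set("twofaUid", u.ID)` is only logged and the handler carries on towards the second-factor step, whereas SignInPost in this same file aborts on the identical call. If the write fails, the 2FA step would presumably run against whatever `twofaUid` the session already holds (none, or a stale one), so these paths should fail closed in the same way with `ctx.ServerError("UserSignIn", err)` followed by `return`. The same log-and-continue pattern is on the `uid`/`uname` writes in handleSignInFull and Activate, and handleSignOut discards the result of `ctx.Session.Delete("uid")` with `_ =`, which would hide a sign-out that did not actually clear the session. The `log.Error(fmt.Sprintf("Error setting session: %v", err))` calls would also read better as `log.Error("Error setting session: %v", err)`, matching the format-plus-args form used elsewhere on this page. The enclosing functions start and end outside these hunks, so the return paths should be checked against the full bodies.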
|
|
|
@ -126,7 +126,10 @@ func SignInOpenIDPost(ctx *context.Context, form auth.SignInOpenIDForm) {
|
|||
url += "&openid.sreg.optional=nickname%2Cemail"
|
||||
|
||||
log.Trace("Form-passed openid-remember: %t", form.Remember)
|
||||
ctx.Session.Set("openid_signin_remember", form.Remember)
|
||||
err = ctx.Session.Set("openid_signin_remember", form.Remember)
|
||||
if err != nil {
|
||||
log.Error("SignInOpenIDPost: Could not set session: %v", err.Error())
|
||||
}
|
||||
|
||||
ctx.Redirect(url)
|
||||
}
|
||||
|
@ -152,7 +155,7 @@ func signInOpenIDVerify(ctx *context.Context) {
|
|||
/* Now we should seek for the user and log him in, or prompt
|
||||
* to register if not found */
|
||||
|
||||
u, _ := models.GetUserByOpenID(id)
|
||||
u, err := models.GetUserByOpenID(id)
|
||||
if err != nil {
|
||||
if !models.IsErrUserNotExist(err) {
|
||||
ctx.RenderWithErr(err.Error(), tplSignInOpenID, &auth.SignInOpenIDForm{
|
||||
|
@ -160,6 +163,7 @@ func signInOpenIDVerify(ctx *context.Context) {
|
|||
})
|
||||
return
|
||||
}
|
||||
log.Error("signInOpenIDVerify: %v", err)
|
||||
}
|
||||
if u != nil {
|
||||
log.Trace("User exists, logging in")
|
||||
|
@ -191,7 +195,7 @@ func signInOpenIDVerify(ctx *context.Context) {
|
|||
log.Trace("User has email=" + email + " and nickname=" + nickname)
|
||||
|
||||
if email != "" {
|
||||
u, _ = models.GetUserByEmail(email)
|
||||
u, err = models.GetUserByEmail(email)
|
||||
if err != nil {
|
||||
if !models.IsErrUserNotExist(err) {
|
||||
ctx.RenderWithErr(err.Error(), tplSignInOpenID, &auth.SignInOpenIDForm{
|
||||
|
@ -199,6 +203,7 @@ func signInOpenIDVerify(ctx *context.Context) {
|
|||
})
|
||||
return
|
||||
}
|
||||
log.Error("signInOpenIDVerify: %v", err)
|
||||
}
|
||||
if u != nil {
|
||||
log.Trace("Local user " + u.LowerName + " has OpenID provided email " + email)
|
||||
|
@ -220,15 +225,24 @@ func signInOpenIDVerify(ctx *context.Context) {
|
|||
}
|
||||
}
|
||||
|
||||
ctx.Session.Set("openid_verified_uri", id)
|
||||
err = ctx.Session.Set("openid_verified_uri", id)
|
||||
if err != nil {
|
||||
log.Error("signInOpenIDVerify: Could not set session: %v", err.Error())
|
||||
}
|
||||
|
||||
ctx.Session.Set("openid_determined_email", email)
|
||||
err = ctx.Session.Set("openid_determined_email", email)
|
||||
if err != nil {
|
||||
log.Error("signInOpenIDVerify: Could not set session: %v", err.Error())
|
||||
}
|
||||
|
||||
if u != nil {
|
||||
nickname = u.LowerName
|
||||
}
|
||||
|
||||
ctx.Session.Set("openid_determined_username", nickname)
|
||||
err = ctx.Session.Set("openid_determined_username", nickname)
|
||||
if err != nil {
|
||||
log.Error("signInOpenIDVerify: Could not set session: %v", err.Error())
|
||||
}
|
||||
|
||||
if u != nil || !setting.Service.EnableOpenIDSignUp {
|
||||
ctx.Redirect(setting.AppSubURL + "/user/openid/connect")
|
||||
|
@ -350,7 +364,11 @@ func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.Si
|
|||
}
|
||||
|
||||
if setting.Service.EnableCaptcha && setting.Service.CaptchaType == setting.ReCaptcha {
|
||||
ctx.Req.ParseForm()
|
||||
err := ctx.Req.ParseForm()
|
||||
if err != nil {
|
||||
ctx.ServerError("", err)
|
||||
return
|
||||
}
|
||||
valid, _ := recaptcha.Verify(form.GRecaptchaResponse)
|
||||
if !valid {
|
||||
ctx.Data["Err_Captcha"] = true
|
||||
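Review bot: The added `log.Error("signInOpenIDVerify: %v", err)` after the `GetUserByOpenID` check is reached only when `models.IsErrUserNotExist(err)` is true, because every other error returns just above it, so an ordinary first-time OpenID sign-in is recorded at error level. `log.Trace("signInOpenIDVerify: %v", err)` (or no log at all) would keep real failures visible in the error log; the same applies to the identical line added after `GetUserByEmail`. Separately, now that `err` is the real lookup error, the surrounding `ctx.RenderWithErr(err.Error(), …)` shows its text to a visitor who is not signed in yet; a generic message with the detail kept in the log would disclose less. signInOpenIDVerify starts and ends outside these hunks.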
|
|
|
@ -7,12 +7,10 @@ package user
|
|||
import (
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"github.com/go-macaron/binding"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
"github.com/dgrijalva/jwt-go"
|
||||
"github.com/go-macaron/binding"
|
||||
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/modules/auth"
|
||||
"code.gitea.io/gitea/modules/base"
|
||||
|
@ -20,6 +18,8 @@ import (
|
|||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"code.gitea.io/gitea/modules/util"
|
||||
|
||||
"github.com/dgrijalva/jwt-go"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -164,6 +164,14 @@ func newAccessTokenResponse(grant *models.OAuth2Grant) (*AccessTokenResponse, *A
|
|||
func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) {
|
||||
errs := binding.Errors{}
|
||||
errs = form.Validate(ctx.Context, errs)
|
||||
if len(errs) > 0 {
|
||||
errstring := ""
|
||||
for _, e := range errs {
|
||||
errstring += e.Error() + "\n"
|
||||
}
|
||||
ctx.ServerError("AuthorizeOAuth: Validate: ", fmt.Errorf("errors occured during validation: %s", errstring))
|
||||
return
|
||||
}
|
||||
|
||||
app, err := models.GetOAuth2ApplicationByClientID(form.ClientID)
|
||||
if err != nil {
|
||||
|
@ -221,7 +229,6 @@ func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) {
|
|||
}, form.RedirectURI)
|
||||
return
|
||||
}
|
||||
break
|
||||
case "":
|
||||
break
|
||||
default:
|
||||
|
@ -262,9 +269,24 @@ func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) {
|
|||
ctx.Data["ApplicationUserLink"] = "<a href=\"" + setting.AppURL + app.User.LowerName + "\">@" + app.User.Name + "</a>"
|
||||
ctx.Data["ApplicationRedirectDomainHTML"] = "<strong>" + form.RedirectURI + "</strong>"
|
||||
// TODO document SESSION <=> FORM
|
||||
ctx.Session.Set("client_id", app.ClientID)
|
||||
ctx.Session.Set("redirect_uri", form.RedirectURI)
|
||||
ctx.Session.Set("state", form.State)
|
||||
err = ctx.Session.Set("client_id", app.ClientID)
|
||||
if err != nil {
|
||||
handleServerError(ctx, form.State, form.RedirectURI)
|
||||
log.Error(err.Error())
|
||||
return
|
||||
}
|
||||
err = ctx.Session.Set("redirect_uri", form.RedirectURI)
|
||||
if err != nil {
|
||||
handleServerError(ctx, form.State, form.RedirectURI)
|
||||
log.Error(err.Error())
|
||||
return
|
||||
}
|
||||
err = ctx.Session.Set("state", form.State)
|
||||
if err != nil {
|
||||
handleServerError(ctx, form.State, form.RedirectURI)
|
||||
log.Error(err.Error())
|
||||
return
|
||||
}
|
||||
ctx.HTML(200, tplGrantAccess)
|
||||
}
|
||||
|
||||
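Review bot: The new validation block in AuthorizeOAuth reports a failed `form.Validate` through `ctx.ServerError`, so a malformed authorization request from any client is answered and logged as a server fault. Invalid input is a client error; responding with a 400-class status and keeping `ServerError` for the session-write failures further down would stop request noise from looking like outages in error monitoring. The message also has a typo, `errors occured during validation` should read `errors occurred during validation`. The function continues outside these hunks.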
|
|
|
@ -20,7 +20,6 @@ import (
|
|||
|
||||
const (
|
||||
tplFollowers base.TplName = "user/meta/followers"
|
||||
tplStars base.TplName = "user/meta/stars"
|
||||
)
|
||||
|
||||
// GetUserByName get user by name
|
||||
|
|
|
@ -141,13 +141,11 @@ func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm, ctxUser *mo
|
|||
if err = ctxUser.UploadAvatar(data); err != nil {
|
||||
return fmt.Errorf("UploadAvatar: %v", err)
|
||||
}
|
||||
} else {
|
||||
} else if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) {
|
||||
// No avatar is uploaded but setting has been changed to enable,
|
||||
// generate a random one when needed.
|
||||
if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) {
|
||||
if err := ctxUser.GenerateRandomAvatar(); err != nil {
|
||||
log.Error("GenerateRandomAvatar[%d]: %v", ctxUser.ID, err)
|
||||
}
|
||||
if err := ctxUser.GenerateRandomAvatar(); err != nil {
|
||||
log.Error("GenerateRandomAvatar[%d]: %v", ctxUser.ID, err)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -73,6 +73,10 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
|
|||
uri := ctx.Session.Get("twofaUri")
|
||||
if uri != nil {
|
||||
otpKey, err = otp.NewKeyFromURL(uri.(string))
|
||||
if err != nil {
|
||||
ctx.ServerError("SettingsTwoFactor: NewKeyFromURL: ", err)
|
||||
return false
|
||||
}
|
||||
}
|
||||
// Filter unsafe character ':' in issuer
|
||||
issuer := strings.Replace(setting.AppName+" ("+setting.Domain+")", ":", "", -1)
|
||||
|
@ -103,8 +107,16 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
|
|||
}
|
||||
|
||||
ctx.Data["QrUri"] = template.URL("data:image/png;base64," + base64.StdEncoding.EncodeToString(imgBytes.Bytes()))
|
||||
ctx.Session.Set("twofaSecret", otpKey.Secret())
|
||||
ctx.Session.Set("twofaUri", otpKey.String())
|
||||
err = ctx.Session.Set("twofaSecret", otpKey.Secret())
|
||||
if err != nil {
|
||||
ctx.ServerError("SettingsTwoFactor", err)
|
||||
return false
|
||||
}
|
||||
err = ctx.Session.Set("twofaUri", otpKey.String())
|
||||
if err != nil {
|
||||
ctx.ServerError("SettingsTwoFactor", err)
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -184,8 +196,16 @@ func EnrollTwoFactorPost(ctx *context.Context, form auth.TwoFactorAuthForm) {
|
|||
return
|
||||
}
|
||||
|
||||
ctx.Session.Delete("twofaSecret")
|
||||
ctx.Session.Delete("twofaUri")
|
||||
err = ctx.Session.Delete("twofaSecret")
|
||||
if err != nil {
|
||||
ctx.ServerError("SettingsTwoFactor", err)
|
||||
return
|
||||
}
|
||||
err = ctx.Session.Delete("twofaUri")
|
||||
if err != nil {
|
||||
ctx.ServerError("SettingsTwoFactor", err)
|
||||
return
|
||||
}
|
||||
ctx.Flash.Success(ctx.Tr("settings.twofa_enrolled", token))
|
||||
ctx.Redirect(setting.AppSubURL + "/user/settings/security")
|
||||
}
|
||||
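Review bot: In EnrollTwoFactorPost, returning through `ctx.ServerError("SettingsTwoFactor", err)` when `ctx.Session.Delete("twofaSecret")` or `ctx.Session.Delete("twofaUri")` fails skips the `ctx.Flash.Success(ctx.Tr("settings.twofa_enrolled", token))` line that follows. If the enrollment has already been saved earlier in the function (that part is outside this hunk, so this is inferred), the user would get an error page and never see the `token` that message carries. Consider logging the cleanup failure and still reaching the flash and redirect, or performing the cleanup before the enrollment is persisted.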
|
|
|
@ -42,7 +42,11 @@ func U2FRegister(ctx *context.Context, form auth.U2FRegistrationForm) {
|
|||
return
|
||||
}
|
||||
}
|
||||
ctx.Session.Set("u2fName", form.Name)
|
||||
err = ctx.Session.Set("u2fName", form.Name)
|
||||
if err != nil {
|
||||
ctx.ServerError("", err)
|
||||
return
|
||||
}
|
||||
ctx.JSON(200, u2f.NewWebRegisterRequest(challenge, regs.ToRegistrations()))
|
||||
}
|
||||
|
||||
|
@ -95,5 +99,4 @@ func U2FDelete(ctx *context.Context, form auth.U2FDeleteForm) {
|
|||
ctx.JSON(200, map[string]interface{}{
|
||||
"redirect": setting.AppSubURL + "/user/settings/security",
|
||||
})
|
||||
return
|
||||
}
|
||||
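Review bot: `ctx.ServerError("", err)` in U2FRegister passes an empty title, so the resulting error record presumably will not say which call failed; other handlers on this page name the operation, for example `ctx.ServerError("u2f.NewChallenge", err)`. Something like `ctx.ServerError("U2FRegister: Session.Set", err)` would make the failure attributable when triaging logs. The `ParseForm` check added to RegisterOpenIDPost uses the same empty title.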
|
|