From ba5c7ea7719abbef792e8b9897dcfadf4d54bbab Mon Sep 17 00:00:00 2001 From: Unknown Date: Fri, 7 Mar 2014 16:05:18 -0500 Subject: [PATCH] Add SignInRequire and SignOutRequire middleware --- gogs.go | 2 +- modules/auth/user.go | 82 ++++++++++++++++++++++++++++++++++++++ routers/dashboard.go | 8 ++-- routers/repo/repo.go | 30 +++++++------- routers/user/ssh.go | 15 +++---- routers/user/user.go | 69 ++------------------------------ templates/repo/create.tmpl | 12 ++++++ web.go | 16 ++++---- 8 files changed, 135 insertions(+), 99 deletions(-) create mode 100644 modules/auth/user.go diff --git a/gogs.go b/gogs.go index 4c4d7da1f7..e239737e23 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.1 tag above is included in builds. main.go refers to this definition. const go11tag = true -const APP_VER = "0.0.1.0306" +const APP_VER = "0.0.1.0307" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) diff --git a/modules/auth/user.go b/modules/auth/user.go new file mode 100644 index 0000000000..3a793f453d --- /dev/null +++ b/modules/auth/user.go 
@@ -0,0 +1,82 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package auth
+
+import (
+ "github.com/codegangsta/martini"
+ "github.com/martini-contrib/render"
+ "github.com/martini-contrib/sessions"
+
+ "github.com/gogits/gogs/models"
+ "github.com/gogits/gogs/modules/base"
+ "github.com/gogits/gogs/utils/log"
+)
+
+func SignedInId(session sessions.Session) int64 {
+ userId := session.Get("userId")
+ if userId == nil {
+ return 0
+ }
+ if s, ok := userId.(int64); ok {
+ return s
+ }
+ return 0
+}
+
+func SignedInName(session sessions.Session) string {
+ userName := session.Get("userName")
+ if userName == nil {
+ return ""
+ }
+ if s, ok := userName.(string); ok {
+ return s
+ }
+ return ""
+}
+
+func SignedInUser(session sessions.Session) *models.User {
+ id := SignedInId(session)
+ if id <= 0 {
+ return nil
+ }
+
+ user, err := models.GetUserById(id)
+ if err != nil {
+ log.Error("user.SignedInUser: %v", err)
+ return nil
+ }
+ return user
+}
+
+func IsSignedIn(session sessions.Session) bool {
+ return SignedInId(session) > 0
+}
+
+// SignInRequire checks user status from session.
+// It will assign correspoding values to
+// template data map if user has signed in.
+func SignInRequire(redirect bool) martini.Handler {
+ return func(r render.Render, data base.TmplData, session sessions.Session) {
+ if !IsSignedIn(session) {
+ if redirect {
+ r.Redirect("/")
+ }
+ return
+ }
+
+ data["IsSigned"] = true
+ data["SignedUserId"] = SignedInId(session)
+ data["SignedUserName"] = SignedInName(session)
+ data["Avatar"] = SignedInUser(session).Avatar
+ }
+}
+
+func SignOutRequire() martini.Handler {
+ return func(r render.Render, session sessions.Session) {
+ if IsSignedIn(session) {
+ r.Redirect("/")
+ }
+ }
+}
diff --git a/routers/dashboard.go b/routers/dashboard.go
index 8eda9cf248..a75445003a 100644
--- a/routers/dashboard.go
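Review bot: `SignedInUser(session).Avatar` in SignInRequire dereferences a pointer that SignedInUser returns as nil whenever `models.GetUserById` fails, so a session whose account can no longer be loaded panics on every route behind this middleware. That same session is still treated as authenticated, because IsSignedIn only tests that the id stored in the session is positive. Load the user once and use it as the gate: `user := SignedInUser(session)`, `if user == nil {` in place of the `!IsSignedIn(session)` test, and `data["Avatar"] = user.Avatar`. Profile in routers/user/user.go dereferences the result of `auth.SignedInUser(session)` the same way and needs the same nil check.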
+++ b/routers/dashboard.go @@ -5,14 +5,16 @@ package routers import ( - "github.com/gogits/gogs/modules/base" - "github.com/gogits/gogs/routers/user" "github.com/martini-contrib/render" "github.com/martini-contrib/sessions" + + "github.com/gogits/gogs/modules/auth" + "github.com/gogits/gogs/modules/base" + "github.com/gogits/gogs/routers/user" ) func Home(r render.Render, data base.TmplData, session sessions.Session) { - if user.IsSignedIn(session) { + if auth.IsSignedIn(session) { user.Dashboard(r, data, session) return } diff --git a/routers/repo/repo.go b/routers/repo/repo.go index 3a958f9adb..c34c33d74c 100644 --- a/routers/repo/repo.go +++ b/routers/repo/repo.go @@ -10,19 +10,21 @@ import ( "strconv" "github.com/martini-contrib/render" + "github.com/martini-contrib/sessions" "github.com/gogits/gogs/models" - "github.com/gogits/gogs/routers/user" - "github.com/martini-contrib/sessions" + "github.com/gogits/gogs/modules/auth" + "github.com/gogits/gogs/modules/base" ) -func Create(req *http.Request, r render.Render, session sessions.Session) { +func Create(req *http.Request, r render.Render, data base.TmplData, session sessions.Session) { + data["Title"] = "Create repository" + if req.Method == "GET" { r.HTML(200, "repo/create", map[string]interface{}{ - "Title": "Create repository", - "UserName": user.SignedInName(session), - "UserId": user.SignedInId(session), - "IsSigned": user.IsSignedIn(session), + "UserName": auth.SignedInName(session), + "UserId": auth.SignedInId(session), + "IsSigned": auth.IsSignedIn(session), }) return } @@ -42,7 +44,7 @@ func Create(req *http.Request, r render.Render, session sessions.Session) { if err == nil { r.HTML(200, "repo/created", map[string]interface{}{ "RepoName": u.Name + "/" + req.FormValue("name"), - "IsSigned": user.IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) return } 
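Review bot: In Create, `data["Title"]` is set on the injected `data` map, but the GET branch still renders a fresh map literal, so the template no longer receives a title, nor the `SignedUserName` and `Avatar` values that SignInRequire puts into `data` for this route. Put the remaining keys on `data` and render that instead: `data["UserName"] = auth.SignedInName(session)`, `data["UserId"] = auth.SignedInId(session)`, `r.HTML(200, "repo/create", data)`. The `repo/created` and `base/error` renders later in the function follow the same fresh-map pattern. Create's body continues outside this hunk.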
@@ -51,7 +53,7 @@ func Create(req *http.Request, r render.Render, session sessions.Session) { if err != nil { r.HTML(200, "base/error", map[string]interface{}{ "Error": fmt.Sprintf("%v", err), - "IsSigned": user.IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) } } @@ -60,7 +62,7 @@ func Delete(req *http.Request, r render.Render, session sessions.Session) { if req.Method == "GET" { r.HTML(200, "repo/delete", map[string]interface{}{ "Title": "Delete repository", - "IsSigned": user.IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) return } @@ -70,19 +72,19 @@ func Delete(req *http.Request, r render.Render, session sessions.Session) { if err != nil { r.HTML(200, "base/error", map[string]interface{}{ "Error": fmt.Sprintf("%v", err), - "IsSigned": user.IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) } } func List(req *http.Request, r render.Render, session sessions.Session) { - u := user.SignedInUser(session) + u := auth.SignedInUser(session) repos, err := models.GetRepositories(u) fmt.Println("repos", repos) if err != nil { r.HTML(200, "base/error", map[string]interface{}{ "Error": fmt.Sprintf("%v", err), - "IsSigned": user.IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) return } @@ -90,6 +92,6 @@ func List(req *http.Request, r render.Render, session sessions.Session) { r.HTML(200, "repo/list", map[string]interface{}{ "Title": "repositories", "Repos": repos, - "IsSigned": user.IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) } diff --git a/routers/user/ssh.go b/routers/user/ssh.go index 9e9cf009fe..c928407d4a 100644 --- a/routers/user/ssh.go +++ b/routers/user/ssh.go 
@@ -9,21 +9,22 @@ import ( "net/http" "github.com/martini-contrib/render" + "github.com/martini-contrib/sessions" "github.com/gogits/gogs/models" - "github.com/martini-contrib/sessions" + "github.com/gogits/gogs/modules/auth" ) func AddPublicKey(req *http.Request, r render.Render, session sessions.Session) { if req.Method == "GET" { r.HTML(200, "user/publickey_add", map[string]interface{}{ "Title": "Add Public Key", - "IsSigned": IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) return } - k := &models.PublicKey{OwnerId: SignedInId(session), + k := &models.PublicKey{OwnerId: auth.SignedInId(session), Name: req.FormValue("keyname"), Content: req.FormValue("key_content"), } @@ -31,7 +32,7 @@ func AddPublicKey(req *http.Request, r render.Render, session sessions.Session) if err != nil { r.HTML(403, "status/403", map[string]interface{}{ "Title": fmt.Sprintf("%v", err), - "IsSigned": IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) } else { r.HTML(200, "user/publickey_added", map[string]interface{}{}) @@ -39,11 +40,11 @@ func AddPublicKey(req *http.Request, r render.Render, session sessions.Session) } func ListPublicKey(req *http.Request, r render.Render, session sessions.Session) { - keys, err := models.ListPublicKey(SignedInId(session)) + keys, err := models.ListPublicKey(auth.SignedInId(session)) if err != nil { r.HTML(200, "base/error", map[string]interface{}{ "Error": fmt.Sprintf("%v", err), - "IsSigned": IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) return } @@ -51,6 +52,6 @@ func ListPublicKey(req *http.Request, r render.Render, session sessions.Session) r.HTML(200, "user/publickey_list", map[string]interface{}{ "Title": "repositories", "Keys": keys, - "IsSigned": IsSignedIn(session), + "IsSigned": auth.IsSignedIn(session), }) } diff --git a/routers/user/user.go b/routers/user/user.go index 90494b2834..fae376dd28 100644 --- a/routers/user/user.go +++ b/routers/user/user.go 
@@ -8,7 +8,6 @@ import ( "fmt" "net/http" - //"github.com/martini-contrib/binding" "github.com/martini-contrib/render" "github.com/martini-contrib/sessions" 
@@ -19,80 +18,23 @@ import ( ) func Dashboard(r render.Render, data base.TmplData, session sessions.Session) { - if !IsSignedIn(session) { - // todo : direct to logout - r.Redirect("/") - return - } - - data["IsSigned"] = true - data["SignedUserId"] = SignedInId(session) - data["SignedUserName"] = SignedInName(session) - data["PageIsUserDashboard"] = true - data["Avatar"] = SignedInUser(session).Avatar - data["Title"] = "Dashboard" + data["PageIsUserDashboard"] = true r.HTML(200, "user/dashboard", data) } func Profile(r render.Render, data base.TmplData, session sessions.Session) { data["Title"] = "Profile" - data["IsSigned"] = IsSignedIn(session) + data["IsSigned"] = auth.IsSignedIn(session) // TODO: Need to check view self or others. - user := SignedInUser(session) + user := auth.SignedInUser(session) data["Avatar"] = user.Avatar data["Username"] = user.Name r.HTML(200, "user/profile", data) } -func IsSignedIn(session sessions.Session) bool { - return SignedInId(session) > 0 -} - -func SignedInId(session sessions.Session) int64 { - userId := session.Get("userId") - if userId == nil { - return 0 - } - if s, ok := userId.(int64); ok { - return s - } - return 0 -} - -func SignedInName(session sessions.Session) string { - userName := session.Get("userName") - if userName == nil { - return "" - } - if s, ok := userName.(string); ok { - return s - } - return "" -} - -func SignedInUser(session sessions.Session) *models.User { - id := SignedInId(session) - if id <= 0 { - return nil - } - - user, err := models.GetUserById(id) - if err != nil { - log.Error("user.SignedInUser: %v", err) - return nil - } - return user -} - func SignIn(form auth.LogInForm, data base.TmplData, req *http.Request, r render.Render, session sessions.Session) { - // if logged, do not show login page - if IsSignedIn(session) { - r.Redirect("/") - return - } - data["Title"] = "Log In" if req.Method == "GET" { 
@@ -128,11 +70,6 @@ func SignIn(form auth.LogInForm, data base.TmplData, req *http.Request, r render } func SignOut(r render.Render, session sessions.Session) { - if !IsSignedIn(session) { - r.Redirect("/") - return - } - session.Delete("userId") session.Delete("userName") r.Redirect("/") diff --git a/templates/repo/create.tmpl b/templates/repo/create.tmpl index 809637c4eb..ffcffb09e3 100644 --- a/templates/repo/create.tmpl +++ b/templates/repo/create.tmpl @@ -10,6 +10,7 @@ +
@@ -17,12 +18,21 @@ Great repository names are short and memorable.
+ +
+ +
+

Public

+
+
+
+
@@ -36,6 +46,7 @@
+
@@ -46,6 +57,7 @@
+
diff --git a/web.go b/web.go index 34892b129d..b047466991 100644 --- a/web.go +++ b/web.go @@ -57,17 +57,17 @@ func runWeb(*cli.Context) { m.Use(sessions.Sessions("my_session", store)) // Routers. - m.Get("/", routers.Home) - m.Any("/user/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn) - m.Any("/user/logout", user.SignOut) - m.Any("/user/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) - + m.Get("/", auth.SignInRequire(false), routers.Home) + m.Any("/user/login", auth.SignOutRequire(), binding.BindIgnErr(auth.LogInForm{}), user.SignIn) + m.Any("/user/logout", auth.SignInRequire(true), user.SignOut) + m.Any("/user/sign_up", auth.SignOutRequire(), binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) m.Get("/user/profile", user.Profile) // should be /username - m.Any("/user/delete", user.Delete) + m.Any("/user/delete", auth.SignInRequire(true), user.Delete) m.Any("/user/publickey/add", user.AddPublicKey) m.Any("/user/publickey/list", user.ListPublicKey) - m.Any("/repo/create", repo.Create) - m.Any("/repo/delete", repo.Delete) + + m.Any("/repo/create", auth.SignInRequire(true), repo.Create) + m.Any("/repo/delete", auth.SignInRequire(true), repo.Delete) m.Any("/repo/list", repo.List) listenAddr := fmt.Sprintf("%s:%s",
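Review bot: `/user/profile`, `/user/publickey/add`, `/user/publickey/list` and `/repo/list` are still registered without `auth.SignInRequire(true)`, although their handlers all read the signed-in user from the session. For an anonymous request AddPublicKey builds the key with `OwnerId: auth.SignedInId(session)`, which is 0, and Profile and List go on to work with a nil `*models.User`. Register them like the other authenticated routes, e.g. `m.Any("/user/publickey/add", auth.SignInRequire(true), user.AddPublicKey)`, and the same for the other three. runWeb's body starts and ends outside this hunk.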