* Add single sign-on support via SSPI on Windows
* Ensure plugins implement interface
* Ensure plugins implement interface
* Move functions used only by the SSPI auth method to sspi_windows.go
* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected
* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.
* Update documentation for the new 'SPNEGO with SSPI' login source
* Mention in documentation that ROOT_URL should contain the FQDN of the server
* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)
* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)
* Add option in SSPIConfig for removing of domains from logon names
* Update helper text for StripDomainNames option
* Make sure handleSignIn() is called after a new user object is created by SSPI auth method
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Remove default value from text of form field helper
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates
* Remove code duplication
* Log errors in ActiveLoginSources
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Revert suffix of randomly generated E-mails for Reverse proxy authentication
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Revert unneeded white-space change in template
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Add copyright comments at the top of new files
* Use loopback name for randomly generated emails
* Add locale tag for the SSPISeparatorReplacement field with proper casing
* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields
* Update docs/content/doc/features/authentication.en-us.md
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Remove Priority() method and define the order in which SSO auth methods should be executed in one place
* Log authenticated username only if it's not empty
* Rephrase helper text for automatic creation of users
* Return error if more than one active SSPI auth source is found
* Change newUser() function to return error, letting caller log/handle the error
* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed
* Refactor initialization of the list containing SSO auth methods
* Validate SSPI settings on POST
* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page
* Make 'Default language' in SSPI config empty, unless changed by admin
* Show error if admin tries to add a second authentication source of type SSPI
* Simplify declaration of global variable
* Rebuild gitgraph.js on Linux
* Make sure config values containing only whitespace are not accepted
* Send email to assigned user
* Only send mail if enabled
* Mail also when assigned through API
* Need to refactor functions from models to issue service
* Refer to issue index rather than ID
* Disable email notifications completly at initalization if global disable
* Check of user enbled mail shall be in mail notification function only
* Initialize notifications from routers init function.
* Use the assigned comment when sending assigned mail
* Refactor so that assignees always added as separate step when new issue/pr.
* Check error from AddAssignees
* Check if user can be assiged to issue or pull request
* Missing return
* Refactor of CanBeAssigned check.
CanBeAssigned shall have same check as UI.
* Clarify function names (toggle rather than update/change), and clean up.
* Fix review comments.
* Flash error if assignees was not added when creating issue/pr
* Generate error if assignee users doesn't exist
* Prevent deadlock in indexer initialisation during graceful restart
* Move from gracehttp to our own service to add graceful ssh
* Add timeout for start of indexers and make hammer time configurable
* Fix issue with re-initialization in indexer during tests
* move the code to detect use of closed to graceful
* Handle logs gracefully - add a pid suffix just before restart
* Move to using a cond and a holder for indexers
* use time.Since
* Add some comments and attribution
* update modules.txt
* Use zero to disable timeout
* Move RestartProcess to its own file
* Add cleanup routine
* move all mail related codes from models to modules/mailer
* fix lint
* use DBContext instead Engine
* use WithContext not WithEngine
* Use DBContext instead of Engine
* don't use defer when sess.Close()
* move DBContext to context.go and add some methods
* move mailer from modules/ to services
* fix lint
* fix tests
* fix fmt
* add gitea copyright
* fix tests
* don't expose db functions
* make code clear
* add DefaultDBContext
* fix build
* fix bug
* Move hook functionality internally
* Internalise serv logic
* Remove old internal paths
* finally remove the gitlogger
* Disallow push on archived repositories
* fix lint error
* Update modules/private/key.go
* Update routers/private/hook.go
* Update routers/private/hook.go
* Update routers/private/hook.go
* Updated routers/private/serv.go
* Fix LFS Locks over SSH
* rev-list needs to be run by the hook process
* fixup
* Improve git test
* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* slight refactor
* Remove unnecessary "/"
* Restore ensureAnonymousClone
* Restore ensureAnonymousClone
* Run rev-list on server side
* Try passing in the alternative directories instead
* Mark test as skipped
* Improve git test
* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* Remove unnecessary "/"
* Panic don't fatal on create new logger
Fixes#5854
Signed-off-by: Andrew Thornton <art27@cantab.net>
* partial broken
* Update the logging infrastrcture
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Reset the skip levels for Fatal and Error
Signed-off-by: Andrew Thornton <art27@cantab.net>
* broken ncsa
* More log.Error fixes
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove nal
* set log-levels to lowercase
* Make console_test test all levels
* switch to lowercased levels
* OK now working
* Fix vetting issues
* Fix lint
* Fix tests
* change default logging to match current gitea
* Improve log testing
Signed-off-by: Andrew Thornton <art27@cantab.net>
* reset error skip levels to 0
* Update documentation and access logger configuration
* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE
* Fix broken level caching
* Refactor the router log
* Add Router logger
* Add colorizing options
* Adjust router colors
* Only create logger if they will be used
* update app.ini.sample
* rename Attribute ColorAttribute
* Change from white to green for function
* Set fatal/error levels
* Restore initial trace logger
* Fix Trace arguments in modules/auth/auth.go
* Properly handle XORMLogger
* Improve admin/config page
* fix fmt
* Add auto-compression of old logs
* Update error log levels
* Remove the unnecessary skip argument from Error, Fatal and Critical
* Add stacktrace support
* Fix tests
* Remove x/sync from vendors?
* Add stderr option to console logger
* Use filepath.ToSlash to protect against Windows in tests
* Remove prefixed underscores from names in colors.go
* Remove not implemented database logger
This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.
* Ensure that log paths are relative to ROOT_PATH
* use path.Join
* rename jsonConfig to logConfig
* Rename "config" to "jsonConfig" to make it clearer
* Requested changes
* Requested changes: XormLogger
* Try to color the windows terminal
If successful default to colorizing the console logs
* fixup
* Colorize initially too
* update vendor
* Colorize logs on default and remove if this is not a colorizing logger
* Fix documentation
* fix test
* Use go-isatty to detect if on windows we are on msys or cygwin
* Fix spelling mistake
* Add missing vendors
* More changes
* Rationalise the ANSI writer protection
* Adjust colors on advice from @0x5c
* Make Flags a comma separated list
* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING
* Ensure matching is done on the non-colored message - to simpify EXPRESSION
Unfortunately a scoping problem was missed on the previous PR which meant that the only nil error was logged on failure to connect to the db. This pr fixes this.
* Set session and indexers' data files rel to AppDataPath
The setting AppDataPath is now relative to the working directory.
The session svc's PROVIDER_CONFIG now defaults to AppDataPath/data/sessions.
The issue indexer's IssuePath now defaults to AppDataPath/indexers/issues.bleves.
* fix bug
* Add commit count caching
* Small refactoring
* Add different key prefix for refs and commits
* Add configuratuion option to allow to change caching time or disable it
* Configurable SSH cipher suite
* Update configuration file comment
* Add default in settings loading code
* Fix fmt and log messsage
* Remove default from code as this could probably might not be good idea
* restructure markup & markdown to prepare for multiple markup languages support
* adjust some functions between markdown and markup
* fix tests
* improve the comments
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)
* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)
* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
This change corrects a few logging issues:
* Standardized formatting errors with '%v'.
* Standardized failure warning word usage.
* Corrected an instance of using the standard log library when
the gitea log library should be used instead.
* Get rid of the bin folder within the build process
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped latest make task, it is unused
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Added tidb tag to drone config
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped the cert build tag
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped useless minwinsvc build tag
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped the useless build tags from drone config
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
QuaSoft
Lunny Xiao
David Svantesson
zeripath
Tamal Saha
kolaente
Paul Brackin
Lauris BH
Guillaume Dube
Cum Gun
Ethan Koenig
spacetourist
Ethan Koenig
Kim "BKC" Carlbäcker
Willem van Dreumel
Gabriel Jackson
Thomas Boerger