mirror of
				https://github.com/go-gitea/gitea.git
				synced 2025-10-24 23:00:07 +02:00 
			
		
		
		
	Clean oauth code
This commit is contained in:
		
							parent
							
								
									8c266f2df5
								
							
						
					
					
						commit
						4b9b8024ba
					
				
							
								
								
									
										30
									
								
								conf/app.ini
									
									
									
									
									
								
							
							
						
						
									
										30
									
								
								conf/app.ini
									
									
									
									
									
								
							| @ -76,10 +76,38 @@ PASSWD = | |||||||
| ENABLED = false | ENABLED = false | ||||||
| 
 | 
 | ||||||
| [oauth.github] | [oauth.github] | ||||||
| ENABLED = | ENABLED = false | ||||||
| CLIENT_ID =  | CLIENT_ID =  | ||||||
| CLIENT_SECRET =  | CLIENT_SECRET =  | ||||||
| SCOPES = https://api.github.com/user | SCOPES = https://api.github.com/user | ||||||
|  | AUTH_URL = https://github.com/login/oauth/authorize | ||||||
|  | TOKEN_URL = https://github.com/login/oauth/access_token | ||||||
|  | 
 | ||||||
|  | ; Get client id and secret from | ||||||
|  | ; https://console.developers.google.com/project | ||||||
|  | [oauth.google] | ||||||
|  | ENABLED = false | ||||||
|  | CLIENT_ID =  | ||||||
|  | CLIENT_SECRET =  | ||||||
|  | SCOPES = https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile | ||||||
|  | AUTH_URL = https://accounts.google.com/o/oauth2/auth | ||||||
|  | TOKEN_URL = https://accounts.google.com/o/oauth2/token | ||||||
|  | 
 | ||||||
|  | [oauth.qq] | ||||||
|  | ENABLED = false | ||||||
|  | CLIENT_ID =  | ||||||
|  | CLIENT_SECRET =  | ||||||
|  | SCOPES = all | ||||||
|  | AUTH_URL = https://open.t.qq.com/cgi-bin/oauth2/authorize | ||||||
|  | TOKEN_URL = https://open.t.qq.com/cgi-bin/oauth2/access_token | ||||||
|  | 
 | ||||||
|  | [oauth.twitter] | ||||||
|  | ENABLED = false | ||||||
|  | CLIENT_ID =  | ||||||
|  | CLIENT_SECRET =  | ||||||
|  | SCOPES = all | ||||||
|  | AUTH_URL = https://api.twitter.com/oauth/authorize | ||||||
|  | TOKEN_URL = https://api.twitter.com/oauth/access_token | ||||||
| 
 | 
 | ||||||
| [cache] | [cache] | ||||||
| ; Either "memory", "redis", or "memcache", default is "memory" | ; Either "memory", "redis", or "memcache", default is "memory" | ||||||
|  | |||||||
| @ -14,11 +14,15 @@ const ( | |||||||
| 	OT_GOOGLE | 	OT_GOOGLE | ||||||
| 	OT_TWITTER | 	OT_TWITTER | ||||||
| 	OT_QQ | 	OT_QQ | ||||||
|  | 	OT_WEIBO | ||||||
|  | 	OT_BITBUCKET | ||||||
|  | 	OT_OSCHINA | ||||||
|  | 	OT_FACEBOOK | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| var ( | var ( | ||||||
| 	ErrOauth2RecordNotExists       = errors.New("not exists oauth2 record") | 	ErrOauth2RecordNotExist = errors.New("OAuth2 record does not exist") | ||||||
| 	ErrOauth2NotAssociatedWithUser = errors.New("not associated with user") | 	ErrOauth2NotAssociated  = errors.New("OAuth2 is not associated with user") | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| type Oauth2 struct { | type Oauth2 struct { | ||||||
| @ -35,11 +39,9 @@ func BindUserOauth2(userId, oauthId int64) error { | |||||||
| 	return err | 	return err | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func AddOauth2(oa *Oauth2) (err error) { | func AddOauth2(oa *Oauth2) error { | ||||||
| 	if _, err = orm.Insert(oa); err != nil { | 	_, err := orm.Insert(oa) | ||||||
| 		return err | 	return err | ||||||
| 	} |  | ||||||
| 	return nil |  | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func GetOauth2(identity string) (oa *Oauth2, err error) { | func GetOauth2(identity string) (oa *Oauth2, err error) { | ||||||
| @ -48,9 +50,9 @@ func GetOauth2(identity string) (oa *Oauth2, err error) { | |||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		return | 		return | ||||||
| 	} else if !isExist { | 	} else if !isExist { | ||||||
| 		return nil, ErrOauth2RecordNotExists | 		return nil, ErrOauth2RecordNotExist | ||||||
| 	} else if oa.Uid == -1 { | 	} else if oa.Uid == -1 { | ||||||
| 		return oa, ErrOauth2NotAssociatedWithUser | 		return oa, ErrOauth2NotAssociated | ||||||
| 	} | 	} | ||||||
| 	oa.User, err = GetUserById(oa.Uid) | 	oa.User, err = GetUserById(oa.Uid) | ||||||
| 	return oa, err | 	return oa, err | ||||||
| @ -61,9 +63,8 @@ func GetOauth2ById(id int64) (oa *Oauth2, err error) { | |||||||
| 	has, err := orm.Id(id).Get(oa) | 	has, err := orm.Id(id).Get(oa) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		return nil, err | 		return nil, err | ||||||
| 	} | 	} else if !has { | ||||||
| 	if !has { | 		return nil, ErrOauth2RecordNotExist | ||||||
| 		return nil, ErrOauth2RecordNotExists |  | ||||||
| 	} | 	} | ||||||
| 	return oa, nil | 	return oa, nil | ||||||
| } | } | ||||||
|  | |||||||
| @ -714,9 +714,14 @@ func GetRepositoryById(id int64) (*Repository, error) { | |||||||
| } | } | ||||||
| 
 | 
 | ||||||
| // GetRepositories returns the list of repositories of given user. | // GetRepositories returns the list of repositories of given user. | ||||||
| func GetRepositories(user *User) ([]Repository, error) { | func GetRepositories(user *User, private bool) ([]Repository, error) { | ||||||
| 	repos := make([]Repository, 0, 10) | 	repos := make([]Repository, 0, 10) | ||||||
| 	err := orm.Desc("updated").Find(&repos, &Repository{OwnerId: user.Id}) | 	sess := orm.Desc("updated") | ||||||
|  | 	if !private { | ||||||
|  | 		sess.Where("is_private=?", false) | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	err := sess.Find(&repos, &Repository{OwnerId: user.Id}) | ||||||
| 	return repos, err | 	return repos, err | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -234,7 +234,7 @@ func ChangeUserName(user *User, newUserName string) (err error) { | |||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	repos, err := GetRepositories(user) | 	repos, err := GetRepositories(user, true) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		return err | 		return err | ||||||
| 	} | 	} | ||||||
|  | |||||||
| @ -29,13 +29,17 @@ type Mailer struct { | |||||||
| 	User, Passwd string | 	User, Passwd string | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | type OauthInfo struct { | ||||||
|  | 	ClientId, ClientSecret string | ||||||
|  | 	Scopes                 string | ||||||
|  | 	AuthUrl, TokenUrl      string | ||||||
|  | } | ||||||
|  | 
 | ||||||
| // Oauther represents oauth service. | // Oauther represents oauth service. | ||||||
| type Oauther struct { | type Oauther struct { | ||||||
| 	GitHub struct { | 	GitHub, Google, Tencent bool | ||||||
| 		Enabled                bool | 	Twitter                 bool | ||||||
| 		ClientId, ClientSecret string | 	OauthInfos              map[string]*OauthInfo | ||||||
| 		Scopes                 string |  | ||||||
| 	} |  | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| var ( | var ( | ||||||
| @ -252,26 +256,6 @@ func newNotifyMailService() { | |||||||
| 	log.Info("Notify Mail Service Enabled") | 	log.Info("Notify Mail Service Enabled") | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func newOauthService() { |  | ||||||
| 	if !Cfg.MustBool("oauth", "ENABLED") { |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	OauthService = &Oauther{} |  | ||||||
| 	oauths := make([]string, 0, 10) |  | ||||||
| 
 |  | ||||||
| 	// GitHub. |  | ||||||
| 	if Cfg.MustBool("oauth.github", "ENABLED") { |  | ||||||
| 		OauthService.GitHub.Enabled = true |  | ||||||
| 		OauthService.GitHub.ClientId = Cfg.MustValue("oauth.github", "CLIENT_ID") |  | ||||||
| 		OauthService.GitHub.ClientSecret = Cfg.MustValue("oauth.github", "CLIENT_SECRET") |  | ||||||
| 		OauthService.GitHub.Scopes = Cfg.MustValue("oauth.github", "SCOPES") |  | ||||||
| 		oauths = append(oauths, "GitHub") |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	log.Info("Oauth Service Enabled %s", oauths) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func NewConfigContext() { | func NewConfigContext() { | ||||||
| 	//var err error | 	//var err error | ||||||
| 	workDir, err := ExecDir() | 	workDir, err := ExecDir() | ||||||
| @ -328,7 +312,7 @@ func NewConfigContext() { | |||||||
| 	} | 	} | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func NewServices() { | func NewBaseServices() { | ||||||
| 	newService() | 	newService() | ||||||
| 	newLogService() | 	newLogService() | ||||||
| 	newCacheService() | 	newCacheService() | ||||||
| @ -336,5 +320,4 @@ func NewServices() { | |||||||
| 	newMailService() | 	newMailService() | ||||||
| 	newRegisterMailService() | 	newRegisterMailService() | ||||||
| 	newNotifyMailService() | 	newNotifyMailService() | ||||||
| 	newOauthService() |  | ||||||
| } | } | ||||||
|  | |||||||
| @ -82,7 +82,8 @@ func (ctx *Context) HasError() bool { | |||||||
| 	if !ok { | 	if !ok { | ||||||
| 		return false | 		return false | ||||||
| 	} | 	} | ||||||
| 	ctx.Flash.Error(ctx.Data["ErrorMsg"].(string)) | 	ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string) | ||||||
|  | 	ctx.Data["Flash"] = ctx.Flash | ||||||
| 	return hasErr.(bool) | 	return hasErr.(bool) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -1,228 +0,0 @@ | |||||||
| // Copyright 2014 Google Inc. All Rights Reserved. |  | ||||||
| // Copyright 2014 The Gogs Authors. All rights reserved. |  | ||||||
| // Use of this source code is governed by a MIT-style |  | ||||||
| // license that can be found in the LICENSE file. |  | ||||||
| 
 |  | ||||||
| // Package oauth2 contains Martini handlers to provide |  | ||||||
| // user login via an OAuth 2.0 backend. |  | ||||||
| package oauth2 |  | ||||||
| 
 |  | ||||||
| import ( |  | ||||||
| 	"encoding/json" |  | ||||||
| 	"net/http" |  | ||||||
| 	"net/url" |  | ||||||
| 	"strings" |  | ||||||
| 	"time" |  | ||||||
| 
 |  | ||||||
| 	"code.google.com/p/goauth2/oauth" |  | ||||||
| 	"github.com/go-martini/martini" |  | ||||||
| 
 |  | ||||||
| 	"github.com/gogits/session" |  | ||||||
| 
 |  | ||||||
| 	"github.com/gogits/gogs/modules/log" |  | ||||||
| 	"github.com/gogits/gogs/modules/middleware" |  | ||||||
| ) |  | ||||||
| 
 |  | ||||||
| const ( |  | ||||||
| 	keyToken    = "oauth2_token" |  | ||||||
| 	keyNextPage = "next" |  | ||||||
| ) |  | ||||||
| 
 |  | ||||||
| var ( |  | ||||||
| 	// Path to handle OAuth 2.0 logins. |  | ||||||
| 	PathLogin = "/login" |  | ||||||
| 	// Path to handle OAuth 2.0 logouts. |  | ||||||
| 	PathLogout = "/logout" |  | ||||||
| 	// Path to handle callback from OAuth 2.0 backend |  | ||||||
| 	// to exchange credentials. |  | ||||||
| 	PathCallback = "/oauth2callback" |  | ||||||
| 	// Path to handle error cases. |  | ||||||
| 	PathError = "/oauth2error" |  | ||||||
| ) |  | ||||||
| 
 |  | ||||||
| // Represents OAuth2 backend options. |  | ||||||
| type Options struct { |  | ||||||
| 	ClientId     string |  | ||||||
| 	ClientSecret string |  | ||||||
| 	RedirectURL  string |  | ||||||
| 	Scopes       []string |  | ||||||
| 
 |  | ||||||
| 	AuthUrl  string |  | ||||||
| 	TokenUrl string |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Represents a container that contains |  | ||||||
| // user's OAuth 2.0 access and refresh tokens. |  | ||||||
| type Tokens interface { |  | ||||||
| 	Access() string |  | ||||||
| 	Refresh() string |  | ||||||
| 	IsExpired() bool |  | ||||||
| 	ExpiryTime() time.Time |  | ||||||
| 	ExtraData() map[string]string |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| type token struct { |  | ||||||
| 	oauth.Token |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (t *token) ExtraData() map[string]string { |  | ||||||
| 	return t.Extra |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Returns the access token. |  | ||||||
| func (t *token) Access() string { |  | ||||||
| 	return t.AccessToken |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Returns the refresh token. |  | ||||||
| func (t *token) Refresh() string { |  | ||||||
| 	return t.RefreshToken |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Returns whether the access token is |  | ||||||
| // expired or not. |  | ||||||
| func (t *token) IsExpired() bool { |  | ||||||
| 	if t == nil { |  | ||||||
| 		return true |  | ||||||
| 	} |  | ||||||
| 	return t.Expired() |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Returns the expiry time of the user's |  | ||||||
| // access token. |  | ||||||
| func (t *token) ExpiryTime() time.Time { |  | ||||||
| 	return t.Expiry |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Returns a new Google OAuth 2.0 backend endpoint. |  | ||||||
| func Google(opts *Options) martini.Handler { |  | ||||||
| 	opts.AuthUrl = "https://accounts.google.com/o/oauth2/auth" |  | ||||||
| 	opts.TokenUrl = "https://accounts.google.com/o/oauth2/token" |  | ||||||
| 	return NewOAuth2Provider(opts) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Returns a new Github OAuth 2.0 backend endpoint. |  | ||||||
| func Github(opts *Options) martini.Handler { |  | ||||||
| 	opts.AuthUrl = "https://github.com/login/oauth/authorize" |  | ||||||
| 	opts.TokenUrl = "https://github.com/login/oauth/access_token" |  | ||||||
| 	return NewOAuth2Provider(opts) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func Facebook(opts *Options) martini.Handler { |  | ||||||
| 	opts.AuthUrl = "https://www.facebook.com/dialog/oauth" |  | ||||||
| 	opts.TokenUrl = "https://graph.facebook.com/oauth/access_token" |  | ||||||
| 	return NewOAuth2Provider(opts) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Returns a generic OAuth 2.0 backend endpoint. |  | ||||||
| func NewOAuth2Provider(opts *Options) martini.Handler { |  | ||||||
| 	config := &oauth.Config{ |  | ||||||
| 		ClientId:     opts.ClientId, |  | ||||||
| 		ClientSecret: opts.ClientSecret, |  | ||||||
| 		RedirectURL:  opts.RedirectURL, |  | ||||||
| 		Scope:        strings.Join(opts.Scopes, " "), |  | ||||||
| 		AuthURL:      opts.AuthUrl, |  | ||||||
| 		TokenURL:     opts.TokenUrl, |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	transport := &oauth.Transport{ |  | ||||||
| 		Config:    config, |  | ||||||
| 		Transport: http.DefaultTransport, |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	return func(c martini.Context, ctx *middleware.Context) { |  | ||||||
| 		if ctx.Req.Method == "GET" { |  | ||||||
| 			switch ctx.Req.URL.Path { |  | ||||||
| 			case PathLogin: |  | ||||||
| 				login(transport, ctx) |  | ||||||
| 			case PathLogout: |  | ||||||
| 				logout(transport, ctx) |  | ||||||
| 			case PathCallback: |  | ||||||
| 				handleOAuth2Callback(transport, ctx) |  | ||||||
| 			} |  | ||||||
| 		} |  | ||||||
| 
 |  | ||||||
| 		tk := unmarshallToken(ctx.Session) |  | ||||||
| 		if tk != nil { |  | ||||||
| 			// check if the access token is expired |  | ||||||
| 			if tk.IsExpired() && tk.Refresh() == "" { |  | ||||||
| 				ctx.Session.Delete(keyToken) |  | ||||||
| 				tk = nil |  | ||||||
| 			} |  | ||||||
| 		} |  | ||||||
| 		// Inject tokens. |  | ||||||
| 		c.MapTo(tk, (*Tokens)(nil)) |  | ||||||
| 	} |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // Handler that redirects user to the login page |  | ||||||
| // if user is not logged in. |  | ||||||
| // Sample usage: |  | ||||||
| // m.Get("/login-required", oauth2.LoginRequired, func() ... {}) |  | ||||||
| var LoginRequired martini.Handler = func() martini.Handler { |  | ||||||
| 	return func(c martini.Context, ctx *middleware.Context) { |  | ||||||
| 		token := unmarshallToken(ctx.Session) |  | ||||||
| 		if token == nil || token.IsExpired() { |  | ||||||
| 			next := url.QueryEscape(ctx.Req.URL.RequestURI()) |  | ||||||
| 			ctx.Redirect(PathLogin + "?next=" + next) |  | ||||||
| 			return |  | ||||||
| 		} |  | ||||||
| 	} |  | ||||||
| }() |  | ||||||
| 
 |  | ||||||
| func login(t *oauth.Transport, ctx *middleware.Context) { |  | ||||||
| 	next := extractPath(ctx.Query(keyNextPage)) |  | ||||||
| 	if ctx.Session.Get(keyToken) == nil { |  | ||||||
| 		// User is not logged in. |  | ||||||
| 		ctx.Redirect(t.Config.AuthCodeURL(next)) |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
| 	// No need to login, redirect to the next page. |  | ||||||
| 	ctx.Redirect(next) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func logout(t *oauth.Transport, ctx *middleware.Context) { |  | ||||||
| 	next := extractPath(ctx.Query(keyNextPage)) |  | ||||||
| 	ctx.Session.Delete(keyToken) |  | ||||||
| 	ctx.Redirect(next) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) { |  | ||||||
| 	if errMsg := ctx.Query("error_description"); len(errMsg) > 0 { |  | ||||||
| 		log.Error("oauth2.handleOAuth2Callback: %s", errMsg) |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	next := extractPath(ctx.Query("state")) |  | ||||||
| 	code := ctx.Query("code") |  | ||||||
| 	tk, err := t.Exchange(code) |  | ||||||
| 	if err != nil { |  | ||||||
| 		// Pass the error message, or allow dev to provide its own |  | ||||||
| 		// error handler. |  | ||||||
| 		log.Error("oauth2.handleOAuth2Callback(token.Exchange): %v", err) |  | ||||||
| 		// ctx.Redirect(PathError) |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
| 	// Store the credentials in the session. |  | ||||||
| 	val, _ := json.Marshal(tk) |  | ||||||
| 	ctx.Session.Set(keyToken, val) |  | ||||||
| 	ctx.Redirect(next) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func unmarshallToken(s session.SessionStore) (t *token) { |  | ||||||
| 	if s.Get(keyToken) == nil { |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
| 	data := s.Get(keyToken).([]byte) |  | ||||||
| 	var tk oauth.Token |  | ||||||
| 	json.Unmarshal(data, &tk) |  | ||||||
| 	return &token{tk} |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func extractPath(next string) string { |  | ||||||
| 	n, err := url.Parse(next) |  | ||||||
| 	if err != nil { |  | ||||||
| 		return "/" |  | ||||||
| 	} |  | ||||||
| 	return n.Path |  | ||||||
| } |  | ||||||
| @ -1,162 +0,0 @@ | |||||||
| // Copyright 2014 Google Inc. All Rights Reserved. |  | ||||||
| // |  | ||||||
| // Licensed under the Apache License, Version 2.0 (the "License"); |  | ||||||
| // you may not use this file except in compliance with the License. |  | ||||||
| // You may obtain a copy of the License at |  | ||||||
| // |  | ||||||
| //      http://www.apache.org/licenses/LICENSE-2.0 |  | ||||||
| // |  | ||||||
| // Unless required by applicable law or agreed to in writing, software |  | ||||||
| // distributed under the License is distributed on an "AS IS" BASIS, |  | ||||||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |  | ||||||
| // See the License for the specific language governing permissions and |  | ||||||
| // limitations under the License. |  | ||||||
| 
 |  | ||||||
| package oauth2 |  | ||||||
| 
 |  | ||||||
| import ( |  | ||||||
| 	"net/http" |  | ||||||
| 	"net/http/httptest" |  | ||||||
| 	"testing" |  | ||||||
| 
 |  | ||||||
| 	"github.com/go-martini/martini" |  | ||||||
| 	"github.com/martini-contrib/sessions" |  | ||||||
| ) |  | ||||||
| 
 |  | ||||||
| func Test_LoginRedirect(t *testing.T) { |  | ||||||
| 	recorder := httptest.NewRecorder() |  | ||||||
| 	m := martini.New() |  | ||||||
| 	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) |  | ||||||
| 	m.Use(Google(&Options{ |  | ||||||
| 		ClientId:     "client_id", |  | ||||||
| 		ClientSecret: "client_secret", |  | ||||||
| 		RedirectURL:  "refresh_url", |  | ||||||
| 		Scopes:       []string{"x", "y"}, |  | ||||||
| 	})) |  | ||||||
| 
 |  | ||||||
| 	r, _ := http.NewRequest("GET", "/login", nil) |  | ||||||
| 	m.ServeHTTP(recorder, r) |  | ||||||
| 
 |  | ||||||
| 	location := recorder.HeaderMap["Location"][0] |  | ||||||
| 	if recorder.Code != 302 { |  | ||||||
| 		t.Errorf("Not being redirected to the auth page.") |  | ||||||
| 	} |  | ||||||
| 	if location != "https://accounts.google.com/o/oauth2/auth?access_type=&approval_prompt=&client_id=client_id&redirect_uri=refresh_url&response_type=code&scope=x+y&state=" { |  | ||||||
| 		t.Errorf("Not being redirected to the right page, %v found", location) |  | ||||||
| 	} |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func Test_LoginRedirectAfterLoginRequired(t *testing.T) { |  | ||||||
| 	recorder := httptest.NewRecorder() |  | ||||||
| 	m := martini.Classic() |  | ||||||
| 	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) |  | ||||||
| 	m.Use(Google(&Options{ |  | ||||||
| 		ClientId:     "client_id", |  | ||||||
| 		ClientSecret: "client_secret", |  | ||||||
| 		RedirectURL:  "refresh_url", |  | ||||||
| 		Scopes:       []string{"x", "y"}, |  | ||||||
| 	})) |  | ||||||
| 
 |  | ||||||
| 	m.Get("/login-required", LoginRequired, func(tokens Tokens) (int, string) { |  | ||||||
| 		return 200, tokens.Access() |  | ||||||
| 	}) |  | ||||||
| 
 |  | ||||||
| 	r, _ := http.NewRequest("GET", "/login-required?key=value", nil) |  | ||||||
| 	m.ServeHTTP(recorder, r) |  | ||||||
| 
 |  | ||||||
| 	location := recorder.HeaderMap["Location"][0] |  | ||||||
| 	if recorder.Code != 302 { |  | ||||||
| 		t.Errorf("Not being redirected to the auth page.") |  | ||||||
| 	} |  | ||||||
| 	if location != "/login?next=%2Flogin-required%3Fkey%3Dvalue" { |  | ||||||
| 		t.Errorf("Not being redirected to the right page, %v found", location) |  | ||||||
| 	} |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func Test_Logout(t *testing.T) { |  | ||||||
| 	recorder := httptest.NewRecorder() |  | ||||||
| 	s := sessions.NewCookieStore([]byte("secret123")) |  | ||||||
| 
 |  | ||||||
| 	m := martini.Classic() |  | ||||||
| 	m.Use(sessions.Sessions("my_session", s)) |  | ||||||
| 	m.Use(Google(&Options{ |  | ||||||
| 	// no need to configure |  | ||||||
| 	})) |  | ||||||
| 
 |  | ||||||
| 	m.Get("/", func(s sessions.Session) { |  | ||||||
| 		s.Set(keyToken, "dummy token") |  | ||||||
| 	}) |  | ||||||
| 
 |  | ||||||
| 	m.Get("/get", func(s sessions.Session) { |  | ||||||
| 		if s.Get(keyToken) != nil { |  | ||||||
| 			t.Errorf("User credentials are still kept in the session.") |  | ||||||
| 		} |  | ||||||
| 	}) |  | ||||||
| 
 |  | ||||||
| 	logout, _ := http.NewRequest("GET", "/logout", nil) |  | ||||||
| 	index, _ := http.NewRequest("GET", "/", nil) |  | ||||||
| 
 |  | ||||||
| 	m.ServeHTTP(httptest.NewRecorder(), index) |  | ||||||
| 	m.ServeHTTP(recorder, logout) |  | ||||||
| 
 |  | ||||||
| 	if recorder.Code != 302 { |  | ||||||
| 		t.Errorf("Not being redirected to the next page.") |  | ||||||
| 	} |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func Test_LogoutOnAccessTokenExpiration(t *testing.T) { |  | ||||||
| 	recorder := httptest.NewRecorder() |  | ||||||
| 	s := sessions.NewCookieStore([]byte("secret123")) |  | ||||||
| 
 |  | ||||||
| 	m := martini.Classic() |  | ||||||
| 	m.Use(sessions.Sessions("my_session", s)) |  | ||||||
| 	m.Use(Google(&Options{ |  | ||||||
| 	// no need to configure |  | ||||||
| 	})) |  | ||||||
| 
 |  | ||||||
| 	m.Get("/addtoken", func(s sessions.Session) { |  | ||||||
| 		s.Set(keyToken, "dummy token") |  | ||||||
| 	}) |  | ||||||
| 
 |  | ||||||
| 	m.Get("/", func(s sessions.Session) { |  | ||||||
| 		if s.Get(keyToken) != nil { |  | ||||||
| 			t.Errorf("User not logged out although access token is expired.") |  | ||||||
| 		} |  | ||||||
| 	}) |  | ||||||
| 
 |  | ||||||
| 	addtoken, _ := http.NewRequest("GET", "/addtoken", nil) |  | ||||||
| 	index, _ := http.NewRequest("GET", "/", nil) |  | ||||||
| 	m.ServeHTTP(recorder, addtoken) |  | ||||||
| 	m.ServeHTTP(recorder, index) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func Test_InjectedTokens(t *testing.T) { |  | ||||||
| 	recorder := httptest.NewRecorder() |  | ||||||
| 	m := martini.Classic() |  | ||||||
| 	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) |  | ||||||
| 	m.Use(Google(&Options{ |  | ||||||
| 	// no need to configure |  | ||||||
| 	})) |  | ||||||
| 	m.Get("/", func(tokens Tokens) string { |  | ||||||
| 		return "Hello world!" |  | ||||||
| 	}) |  | ||||||
| 	r, _ := http.NewRequest("GET", "/", nil) |  | ||||||
| 	m.ServeHTTP(recorder, r) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func Test_LoginRequired(t *testing.T) { |  | ||||||
| 	recorder := httptest.NewRecorder() |  | ||||||
| 	m := martini.Classic() |  | ||||||
| 	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123")))) |  | ||||||
| 	m.Use(Google(&Options{ |  | ||||||
| 	// no need to configure |  | ||||||
| 	})) |  | ||||||
| 	m.Get("/", LoginRequired, func(tokens Tokens) string { |  | ||||||
| 		return "Hello world!" |  | ||||||
| 	}) |  | ||||||
| 	r, _ := http.NewRequest("GET", "/", nil) |  | ||||||
| 	m.ServeHTTP(recorder, r) |  | ||||||
| 	if recorder.Code != 302 { |  | ||||||
| 		t.Errorf("Not being redirected to the auth page although user is not logged in.") |  | ||||||
| 	} |  | ||||||
| } |  | ||||||
							
								
								
									
										333
									
								
								modules/social/social.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										333
									
								
								modules/social/social.go
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,333 @@ | |||||||
|  | // Copyright 2014 Google Inc. All Rights Reserved. | ||||||
|  | // Copyright 2014 The Gogs Authors. All rights reserved. | ||||||
|  | // Use of this source code is governed by a MIT-style | ||||||
|  | // license that can be found in the LICENSE file. | ||||||
|  | 
 | ||||||
|  | package social | ||||||
|  | 
 | ||||||
|  | import ( | ||||||
|  | 	"encoding/json" | ||||||
|  | 	"net/http" | ||||||
|  | 	"net/url" | ||||||
|  | 	"strconv" | ||||||
|  | 	"strings" | ||||||
|  | 
 | ||||||
|  | 	"code.google.com/p/goauth2/oauth" | ||||||
|  | 
 | ||||||
|  | 	"github.com/gogits/gogs/models" | ||||||
|  | 	"github.com/gogits/gogs/modules/base" | ||||||
|  | 	"github.com/gogits/gogs/modules/log" | ||||||
|  | ) | ||||||
|  | 
 | ||||||
|  | type BasicUserInfo struct { | ||||||
|  | 	Identity string | ||||||
|  | 	Name     string | ||||||
|  | 	Email    string | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | type SocialConnector interface { | ||||||
|  | 	Type() int | ||||||
|  | 	SetRedirectUrl(string) | ||||||
|  | 	UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error) | ||||||
|  | 
 | ||||||
|  | 	AuthCodeURL(string) string | ||||||
|  | 	Exchange(string) (*oauth.Token, error) | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | var ( | ||||||
|  | 	SocialBaseUrl = "/user/login" | ||||||
|  | 	SocialMap     = make(map[string]SocialConnector) | ||||||
|  | ) | ||||||
|  | 
 | ||||||
|  | func NewOauthService() { | ||||||
|  | 	if !base.Cfg.MustBool("oauth", "ENABLED") { | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	base.OauthService = &base.Oauther{} | ||||||
|  | 	base.OauthService.OauthInfos = make(map[string]*base.OauthInfo) | ||||||
|  | 
 | ||||||
|  | 	socialConfigs := make(map[string]*oauth.Config) | ||||||
|  | 	allOauthes := []string{"github", "google", "qq", "twitter"} | ||||||
|  | 	// Load all OAuth config data. | ||||||
|  | 	for _, name := range allOauthes { | ||||||
|  | 		base.OauthService.OauthInfos[name] = &base.OauthInfo{ | ||||||
|  | 			ClientId:     base.Cfg.MustValue("oauth."+name, "CLIENT_ID"), | ||||||
|  | 			ClientSecret: base.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"), | ||||||
|  | 			Scopes:       base.Cfg.MustValue("oauth."+name, "SCOPES"), | ||||||
|  | 			AuthUrl:      base.Cfg.MustValue("oauth."+name, "AUTH_URL"), | ||||||
|  | 			TokenUrl:     base.Cfg.MustValue("oauth."+name, "TOKEN_URL"), | ||||||
|  | 		} | ||||||
|  | 		socialConfigs[name] = &oauth.Config{ | ||||||
|  | 			ClientId:     base.OauthService.OauthInfos[name].ClientId, | ||||||
|  | 			ClientSecret: base.OauthService.OauthInfos[name].ClientSecret, | ||||||
|  | 			RedirectURL:  strings.TrimSuffix(base.AppUrl, "/") + SocialBaseUrl + name, | ||||||
|  | 			Scope:        base.OauthService.OauthInfos[name].Scopes, | ||||||
|  | 			AuthURL:      base.OauthService.OauthInfos[name].AuthUrl, | ||||||
|  | 			TokenURL:     base.OauthService.OauthInfos[name].TokenUrl, | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	enabledOauths := make([]string, 0, 10) | ||||||
|  | 
 | ||||||
|  | 	// GitHub. | ||||||
|  | 	if base.Cfg.MustBool("oauth.github", "ENABLED") { | ||||||
|  | 		base.OauthService.GitHub = true | ||||||
|  | 		newGitHubOauth(socialConfigs["github"]) | ||||||
|  | 		enabledOauths = append(enabledOauths, "GitHub") | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	// Google. | ||||||
|  | 	if base.Cfg.MustBool("oauth.google", "ENABLED") { | ||||||
|  | 		base.OauthService.Google = true | ||||||
|  | 		newGoogleOauth(socialConfigs["google"]) | ||||||
|  | 		enabledOauths = append(enabledOauths, "Google") | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	// QQ. | ||||||
|  | 	if base.Cfg.MustBool("oauth.qq", "ENABLED") { | ||||||
|  | 		base.OauthService.Tencent = true | ||||||
|  | 		newTencentOauth(socialConfigs["qq"]) | ||||||
|  | 		enabledOauths = append(enabledOauths, "QQ") | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	// Twitter. | ||||||
|  | 	if base.Cfg.MustBool("oauth.twitter", "ENABLED") { | ||||||
|  | 		base.OauthService.Twitter = true | ||||||
|  | 		newTwitterOauth(socialConfigs["twitter"]) | ||||||
|  | 		enabledOauths = append(enabledOauths, "Twitter") | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	log.Info("Oauth Service Enabled %s", enabledOauths) | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | //   ________.__  __     ___ ___      ___. | ||||||
|  | //  /  _____/|__|/  |_  /   |   \ __ _\_ |__ | ||||||
|  | // /   \  ___|  \   __\/    ~    \  |  \ __ \ | ||||||
|  | // \    \_\  \  ||  |  \    Y    /  |  / \_\ \ | ||||||
|  | //  \______  /__||__|   \___|_  /|____/|___  / | ||||||
|  | //         \/                 \/           \/ | ||||||
|  | 
 | ||||||
|  | type SocialGithub struct { | ||||||
|  | 	Token *oauth.Token | ||||||
|  | 	*oauth.Transport | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialGithub) Type() int { | ||||||
|  | 	return models.OT_GITHUB | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func newGitHubOauth(config *oauth.Config) { | ||||||
|  | 	SocialMap["github"] = &SocialGithub{ | ||||||
|  | 		Transport: &oauth.Transport{ | ||||||
|  | 			Config:    config, | ||||||
|  | 			Transport: http.DefaultTransport, | ||||||
|  | 		}, | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialGithub) SetRedirectUrl(url string) { | ||||||
|  | 	s.Transport.Config.RedirectURL = url | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { | ||||||
|  | 	transport := &oauth.Transport{ | ||||||
|  | 		Token: token, | ||||||
|  | 	} | ||||||
|  | 	var data struct { | ||||||
|  | 		Id    int    `json:"id"` | ||||||
|  | 		Name  string `json:"login"` | ||||||
|  | 		Email string `json:"email"` | ||||||
|  | 	} | ||||||
|  | 	var err error | ||||||
|  | 	r, err := transport.Client().Get(s.Transport.Scope) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 	defer r.Body.Close() | ||||||
|  | 	if err = json.NewDecoder(r.Body).Decode(&data); err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 	return &BasicUserInfo{ | ||||||
|  | 		Identity: strconv.Itoa(data.Id), | ||||||
|  | 		Name:     data.Name, | ||||||
|  | 		Email:    data.Email, | ||||||
|  | 	}, nil | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | //   ________                     .__ | ||||||
|  | //  /  _____/  ____   ____   ____ |  |   ____ | ||||||
|  | // /   \  ___ /  _ \ /  _ \ / ___\|  | _/ __ \ | ||||||
|  | // \    \_\  (  <_> |  <_> ) /_/  >  |_\  ___/ | ||||||
|  | //  \______  /\____/ \____/\___  /|____/\___  > | ||||||
|  | //         \/             /_____/           \/ | ||||||
|  | 
 | ||||||
|  | type SocialGoogle struct { | ||||||
|  | 	Token *oauth.Token | ||||||
|  | 	*oauth.Transport | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialGoogle) Type() int { | ||||||
|  | 	return models.OT_GOOGLE | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func newGoogleOauth(config *oauth.Config) { | ||||||
|  | 	SocialMap["google"] = &SocialGoogle{ | ||||||
|  | 		Transport: &oauth.Transport{ | ||||||
|  | 			Config:    config, | ||||||
|  | 			Transport: http.DefaultTransport, | ||||||
|  | 		}, | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialGoogle) SetRedirectUrl(url string) { | ||||||
|  | 	s.Transport.Config.RedirectURL = url | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { | ||||||
|  | 	transport := &oauth.Transport{Token: token} | ||||||
|  | 	var data struct { | ||||||
|  | 		Id    string `json:"id"` | ||||||
|  | 		Name  string `json:"name"` | ||||||
|  | 		Email string `json:"email"` | ||||||
|  | 	} | ||||||
|  | 	var err error | ||||||
|  | 
 | ||||||
|  | 	reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" | ||||||
|  | 	r, err := transport.Client().Get(reqUrl) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 	defer r.Body.Close() | ||||||
|  | 	if err = json.NewDecoder(r.Body).Decode(&data); err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 	return &BasicUserInfo{ | ||||||
|  | 		Identity: data.Id, | ||||||
|  | 		Name:     data.Name, | ||||||
|  | 		Email:    data.Email, | ||||||
|  | 	}, nil | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | // ________   ________ | ||||||
|  | // \_____  \  \_____  \ | ||||||
|  | //  /  / \  \  /  / \  \ | ||||||
|  | // /   \_/.  \/   \_/.  \ | ||||||
|  | // \_____\ \_/\_____\ \_/ | ||||||
|  | //        \__>       \__> | ||||||
|  | 
 | ||||||
|  | type SocialTencent struct { | ||||||
|  | 	Token *oauth.Token | ||||||
|  | 	*oauth.Transport | ||||||
|  | 	reqUrl string | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialTencent) Type() int { | ||||||
|  | 	return models.OT_QQ | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func newTencentOauth(config *oauth.Config) { | ||||||
|  | 	SocialMap["qq"] = &SocialTencent{ | ||||||
|  | 		reqUrl: "https://open.t.qq.com/api/user/info", | ||||||
|  | 		Transport: &oauth.Transport{ | ||||||
|  | 			Config:    config, | ||||||
|  | 			Transport: http.DefaultTransport, | ||||||
|  | 		}, | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialTencent) SetRedirectUrl(url string) { | ||||||
|  | 	s.Transport.Config.RedirectURL = url | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) { | ||||||
|  | 	var data struct { | ||||||
|  | 		Data struct { | ||||||
|  | 			Id    string `json:"openid"` | ||||||
|  | 			Name  string `json:"name"` | ||||||
|  | 			Email string `json:"email"` | ||||||
|  | 		} `json:"data"` | ||||||
|  | 	} | ||||||
|  | 	var err error | ||||||
|  | 	// https://open.t.qq.com/api/user/info? | ||||||
|  | 	//oauth_consumer_key=APP_KEY& | ||||||
|  | 	//access_token=ACCESSTOKEN&openid=openid | ||||||
|  | 	//clientip=CLIENTIP&oauth_version=2.a | ||||||
|  | 	//scope=all | ||||||
|  | 	var urls = url.Values{ | ||||||
|  | 		"oauth_consumer_key": {s.Transport.Config.ClientId}, | ||||||
|  | 		"access_token":       {token.AccessToken}, | ||||||
|  | 		"openid":             URL.Query()["openid"], | ||||||
|  | 		"oauth_version":      {"2.a"}, | ||||||
|  | 		"scope":              {"all"}, | ||||||
|  | 	} | ||||||
|  | 	r, err := http.Get(s.reqUrl + "?" + urls.Encode()) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 	defer r.Body.Close() | ||||||
|  | 	if err = json.NewDecoder(r.Body).Decode(&data); err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 	return &BasicUserInfo{ | ||||||
|  | 		Identity: data.Data.Id, | ||||||
|  | 		Name:     data.Data.Name, | ||||||
|  | 		Email:    data.Data.Email, | ||||||
|  | 	}, nil | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | // ___________       .__  __    __ | ||||||
|  | // \__    ___/_  _  _|__|/  |__/  |_  ___________ | ||||||
|  | //   |    |  \ \/ \/ /  \   __\   __\/ __ \_  __ \ | ||||||
|  | //   |    |   \     /|  ||  |  |  | \  ___/|  | \/ | ||||||
|  | //   |____|    \/\_/ |__||__|  |__|  \___  >__| | ||||||
|  | //                                       \/ | ||||||
|  | 
 | ||||||
|  | type SocialTwitter struct { | ||||||
|  | 	Token *oauth.Token | ||||||
|  | 	*oauth.Transport | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialTwitter) Type() int { | ||||||
|  | 	return models.OT_TWITTER | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func newTwitterOauth(config *oauth.Config) { | ||||||
|  | 	SocialMap["twitter"] = &SocialTwitter{ | ||||||
|  | 		Transport: &oauth.Transport{ | ||||||
|  | 			Config:    config, | ||||||
|  | 			Transport: http.DefaultTransport, | ||||||
|  | 		}, | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func (s *SocialTwitter) SetRedirectUrl(url string) { | ||||||
|  | 	s.Transport.Config.RedirectURL = url | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | //https://github.com/mrjones/oauth | ||||||
|  | func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { | ||||||
|  | 	// transport := &oauth.Transport{Token: token} | ||||||
|  | 	// var data struct { | ||||||
|  | 	// 	Id    string `json:"id"` | ||||||
|  | 	// 	Name  string `json:"name"` | ||||||
|  | 	// 	Email string `json:"email"` | ||||||
|  | 	// } | ||||||
|  | 	// var err error | ||||||
|  | 
 | ||||||
|  | 	// reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" | ||||||
|  | 	// r, err := transport.Client().Get(reqUrl) | ||||||
|  | 	// if err != nil { | ||||||
|  | 	// 	return nil, err | ||||||
|  | 	// } | ||||||
|  | 	// defer r.Body.Close() | ||||||
|  | 	// if err = json.NewDecoder(r.Body).Decode(&data); err != nil { | ||||||
|  | 	// 	return nil, err | ||||||
|  | 	// } | ||||||
|  | 	// return &BasicUserInfo{ | ||||||
|  | 	// 	Identity: data.Id, | ||||||
|  | 	// 	Name:     data.Name, | ||||||
|  | 	// 	Email:    data.Email, | ||||||
|  | 	// }, nil | ||||||
|  | 	return nil, nil | ||||||
|  | } | ||||||
| @ -22,6 +22,7 @@ import ( | |||||||
| 	"github.com/gogits/gogs/modules/log" | 	"github.com/gogits/gogs/modules/log" | ||||||
| 	"github.com/gogits/gogs/modules/mailer" | 	"github.com/gogits/gogs/modules/mailer" | ||||||
| 	"github.com/gogits/gogs/modules/middleware" | 	"github.com/gogits/gogs/modules/middleware" | ||||||
|  | 	"github.com/gogits/gogs/modules/social" | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| // Check run mode(Default of martini is Dev). | // Check run mode(Default of martini is Dev). | ||||||
| @ -36,6 +37,11 @@ func checkRunMode() { | |||||||
| 	log.Info("Run Mode: %s", strings.Title(martini.Env)) | 	log.Info("Run Mode: %s", strings.Title(martini.Env)) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | func NewServices() { | ||||||
|  | 	base.NewBaseServices() | ||||||
|  | 	social.NewOauthService() | ||||||
|  | } | ||||||
|  | 
 | ||||||
| // GlobalInit is for global configuration reload-able. | // GlobalInit is for global configuration reload-able. | ||||||
| func GlobalInit() { | func GlobalInit() { | ||||||
| 	base.NewConfigContext() | 	base.NewConfigContext() | ||||||
| @ -52,7 +58,7 @@ func GlobalInit() { | |||||||
| 		models.HasEngine = true | 		models.HasEngine = true | ||||||
| 		cron.NewCronContext() | 		cron.NewCronContext() | ||||||
| 	} | 	} | ||||||
| 	base.NewServices() | 	NewServices() | ||||||
| 	checkRunMode() | 	checkRunMode() | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -18,7 +18,7 @@ import ( | |||||||
| func Dashboard(ctx *middleware.Context) { | func Dashboard(ctx *middleware.Context) { | ||||||
| 	ctx.Data["Title"] = "Dashboard" | 	ctx.Data["Title"] = "Dashboard" | ||||||
| 	ctx.Data["PageIsUserDashboard"] = true | 	ctx.Data["PageIsUserDashboard"] = true | ||||||
| 	repos, err := models.GetRepositories(&models.User{Id: ctx.User.Id}) | 	repos, err := models.GetRepositories(&models.User{Id: ctx.User.Id}, true) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		ctx.Handle(500, "user.Dashboard", err) | 		ctx.Handle(500, "user.Dashboard", err) | ||||||
| 		return | 		return | ||||||
| @ -58,7 +58,7 @@ func Profile(ctx *middleware.Context, params martini.Params) { | |||||||
| 		} | 		} | ||||||
| 		ctx.Data["Feeds"] = feeds | 		ctx.Data["Feeds"] = feeds | ||||||
| 	default: | 	default: | ||||||
| 		repos, err := models.GetRepositories(user) | 		repos, err := models.GetRepositories(user, ctx.IsSigned && ctx.User.Id == user.Id) | ||||||
| 		if err != nil { | 		if err != nil { | ||||||
| 			ctx.Handle(500, "user.Profile", err) | 			ctx.Handle(500, "user.Profile", err) | ||||||
| 			return | 			return | ||||||
| @ -119,7 +119,7 @@ func Issues(ctx *middleware.Context) { | |||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	// Get all repositories. | 	// Get all repositories. | ||||||
| 	repos, err := models.GetRepositories(ctx.User) | 	repos, err := models.GetRepositories(ctx.User, true) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		ctx.Handle(200, "user.Issues(get repositories)", err) | 		ctx.Handle(200, "user.Issues(get repositories)", err) | ||||||
| 		return | 		return | ||||||
|  | |||||||
| @ -6,36 +6,20 @@ package user | |||||||
| 
 | 
 | ||||||
| import ( | import ( | ||||||
| 	"encoding/json" | 	"encoding/json" | ||||||
|  | 	"errors" | ||||||
| 	"fmt" | 	"fmt" | ||||||
| 	"net/http" |  | ||||||
| 	"net/url" | 	"net/url" | ||||||
| 	"strconv" |  | ||||||
| 	"strings" | 	"strings" | ||||||
| 
 | 
 | ||||||
| 	"code.google.com/p/goauth2/oauth" |  | ||||||
| 	"github.com/go-martini/martini" | 	"github.com/go-martini/martini" | ||||||
| 
 | 
 | ||||||
| 	"github.com/gogits/gogs/models" | 	"github.com/gogits/gogs/models" | ||||||
| 	"github.com/gogits/gogs/modules/base" | 	"github.com/gogits/gogs/modules/base" | ||||||
| 	"github.com/gogits/gogs/modules/log" | 	"github.com/gogits/gogs/modules/log" | ||||||
| 	"github.com/gogits/gogs/modules/middleware" | 	"github.com/gogits/gogs/modules/middleware" | ||||||
|  | 	"github.com/gogits/gogs/modules/social" | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| type BasicUserInfo struct { |  | ||||||
| 	Identity string |  | ||||||
| 	Name     string |  | ||||||
| 	Email    string |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| type SocialConnector interface { |  | ||||||
| 	Type() int |  | ||||||
| 	SetRedirectUrl(string) |  | ||||||
| 	UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error) |  | ||||||
| 
 |  | ||||||
| 	AuthCodeURL(string) string |  | ||||||
| 	Exchange(string) (*oauth.Token, error) |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func extractPath(next string) string { | func extractPath(next string) string { | ||||||
| 	n, err := url.Parse(next) | 	n, err := url.Parse(next) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| @ -44,278 +28,72 @@ func extractPath(next string) string { | |||||||
| 	return n.Path | 	return n.Path | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| var ( | func SocialSignIn(ctx *middleware.Context, params martini.Params) { | ||||||
| 	SocialBaseUrl = "/user/login" | 	if base.OauthService == nil { | ||||||
| 	SocialMap     = make(map[string]SocialConnector) | 		ctx.Handle(404, "social.SocialSignIn(oauth service not enabled)", nil) | ||||||
| ) |  | ||||||
| 
 |  | ||||||
| // github && google && ... |  | ||||||
| func SocialSignIn(params martini.Params, ctx *middleware.Context) { |  | ||||||
| 	if base.OauthService == nil || !base.OauthService.GitHub.Enabled { |  | ||||||
| 		ctx.Handle(404, "social login not enabled", nil) |  | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
|  | 
 | ||||||
| 	next := extractPath(ctx.Query("next")) | 	next := extractPath(ctx.Query("next")) | ||||||
| 	name := params["name"] | 	name := params["name"] | ||||||
| 	connect, ok := SocialMap[name] | 	connect, ok := social.SocialMap[name] | ||||||
| 	if !ok { | 	if !ok { | ||||||
| 		ctx.Handle(404, "social login", nil) | 		ctx.Handle(404, "social.SocialSignIn(social login not enabled)", errors.New(name)) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
|  | 
 | ||||||
| 	code := ctx.Query("code") | 	code := ctx.Query("code") | ||||||
| 	if code == "" { | 	if code == "" { | ||||||
| 		// redirect to social login page | 		// redirect to social login page | ||||||
| 		connect.SetRedirectUrl(strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.Host + ctx.Req.URL.Path) | 		connect.SetRedirectUrl(strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.Path) | ||||||
| 		ctx.Redirect(connect.AuthCodeURL(next)) | 		ctx.Redirect(connect.AuthCodeURL(next)) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	// handle call back | 	// handle call back | ||||||
| 	tk, err := connect.Exchange(code) // exchange for token | 	tk, err := connect.Exchange(code) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		log.Error("oauth2 handle callback error: %v", err) | 		ctx.Handle(500, "social.SocialSignIn(Exchange)", err) | ||||||
| 		ctx.Handle(500, "exchange code error", nil) |  | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| 	next = extractPath(ctx.Query("state")) | 	next = extractPath(ctx.Query("state")) | ||||||
| 	log.Trace("success get token") | 	log.Trace("social.SocialSignIn(Got token)") | ||||||
| 
 | 
 | ||||||
| 	ui, err := connect.UserInfo(tk, ctx.Req.URL) | 	ui, err := connect.UserInfo(tk, ctx.Req.URL) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		ctx.Handle(500, fmt.Sprintf("get infomation from %s error: %v", name, err), nil) | 		ctx.Handle(500, fmt.Sprintf("social.SocialSignIn(get info from %s)", name), err) | ||||||
| 		log.Error("social connect error: %s", err) |  | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| 	log.Info("social login: %s", ui) | 	log.Info("social.SocialSignIn(social login): %s", ui) | ||||||
|  | 
 | ||||||
| 	oa, err := models.GetOauth2(ui.Identity) | 	oa, err := models.GetOauth2(ui.Identity) | ||||||
| 	switch err { | 	switch err { | ||||||
| 	case nil: | 	case nil: | ||||||
| 		ctx.Session.Set("userId", oa.User.Id) | 		ctx.Session.Set("userId", oa.User.Id) | ||||||
| 		ctx.Session.Set("userName", oa.User.Name) | 		ctx.Session.Set("userName", oa.User.Name) | ||||||
| 	case models.ErrOauth2RecordNotExists: | 	case models.ErrOauth2RecordNotExist: | ||||||
| 		oa = &models.Oauth2{} | 		raw, _ := json.Marshal(tk) | ||||||
| 		raw, _ := json.Marshal(tk) // json encode | 		oa = &models.Oauth2{ | ||||||
| 		oa.Token = string(raw) | 			Uid:      -1, | ||||||
| 		oa.Uid = -1 | 			Type:     connect.Type(), | ||||||
| 		oa.Type = connect.Type() | 			Identity: ui.Identity, | ||||||
| 		oa.Identity = ui.Identity | 			Token:    string(raw), | ||||||
| 		log.Trace("oa: %v", oa) | 		} | ||||||
|  | 		log.Trace("social.SocialSignIn(oa): %v", oa) | ||||||
| 		if err = models.AddOauth2(oa); err != nil { | 		if err = models.AddOauth2(oa); err != nil { | ||||||
| 			log.Error("add oauth2 %v", err) // 501 | 			log.Error("social.SocialSignIn(add oauth2): %v", err) // 501 | ||||||
| 			return | 			return | ||||||
| 		} | 		} | ||||||
| 	case models.ErrOauth2NotAssociatedWithUser: | 	case models.ErrOauth2NotAssociated: | ||||||
| 		next = "/user/sign_up" | 		next = "/user/sign_up" | ||||||
| 	default: | 	default: | ||||||
| 		log.Error("other error: %v", err) | 		ctx.Handle(500, "social.SocialSignIn(GetOauth2)", err) | ||||||
| 		ctx.Handle(500, err.Error(), nil) |  | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
|  | 
 | ||||||
| 	ctx.Session.Set("socialId", oa.Id) | 	ctx.Session.Set("socialId", oa.Id) | ||||||
| 	ctx.Session.Set("socialName", ui.Name) | 	ctx.Session.Set("socialName", ui.Name) | ||||||
| 	ctx.Session.Set("socialEmail", ui.Email) | 	ctx.Session.Set("socialEmail", ui.Email) | ||||||
| 	log.Trace("socialId: %v", oa.Id) | 	log.Trace("social.SocialSignIn(social ID): %v", oa.Id) | ||||||
| 	ctx.Redirect(next) | 	ctx.Redirect(next) | ||||||
| } | } | ||||||
| 
 |  | ||||||
| //   ________.__  __     ___ ___      ___. |  | ||||||
| //  /  _____/|__|/  |_  /   |   \ __ _\_ |__ |  | ||||||
| // /   \  ___|  \   __\/    ~    \  |  \ __ \ |  | ||||||
| // \    \_\  \  ||  |  \    Y    /  |  / \_\ \ |  | ||||||
| //  \______  /__||__|   \___|_  /|____/|___  / |  | ||||||
| //         \/                 \/           \/ |  | ||||||
| 
 |  | ||||||
| type SocialGithub struct { |  | ||||||
| 	Token *oauth.Token |  | ||||||
| 	*oauth.Transport |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialGithub) Type() int { |  | ||||||
| 	return models.OT_GITHUB |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func init() { |  | ||||||
| 	github := &SocialGithub{} |  | ||||||
| 	name := "github" |  | ||||||
| 	config := &oauth.Config{ |  | ||||||
| 		ClientId:     "09383403ff2dc16daaa1",                                       //base.OauthService.GitHub.ClientId, // FIXME: panic when set |  | ||||||
| 		ClientSecret: "0e4aa0c3630df396cdcea01a9d45cacf79925fea",                   //base.OauthService.GitHub.ClientSecret, |  | ||||||
| 		RedirectURL:  strings.TrimSuffix(base.AppUrl, "/") + "/user/login/" + name, //ctx.Req.URL.RequestURI(), |  | ||||||
| 		Scope:        "https://api.github.com/user", |  | ||||||
| 		AuthURL:      "https://github.com/login/oauth/authorize", |  | ||||||
| 		TokenURL:     "https://github.com/login/oauth/access_token", |  | ||||||
| 	} |  | ||||||
| 	github.Transport = &oauth.Transport{ |  | ||||||
| 		Config:    config, |  | ||||||
| 		Transport: http.DefaultTransport, |  | ||||||
| 	} |  | ||||||
| 	SocialMap[name] = github |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialGithub) SetRedirectUrl(url string) { |  | ||||||
| 	s.Transport.Config.RedirectURL = url |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { |  | ||||||
| 	transport := &oauth.Transport{ |  | ||||||
| 		Token: token, |  | ||||||
| 	} |  | ||||||
| 	var data struct { |  | ||||||
| 		Id    int    `json:"id"` |  | ||||||
| 		Name  string `json:"login"` |  | ||||||
| 		Email string `json:"email"` |  | ||||||
| 	} |  | ||||||
| 	var err error |  | ||||||
| 	r, err := transport.Client().Get(s.Transport.Scope) |  | ||||||
| 	if err != nil { |  | ||||||
| 		return nil, err |  | ||||||
| 	} |  | ||||||
| 	defer r.Body.Close() |  | ||||||
| 	if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |  | ||||||
| 		return nil, err |  | ||||||
| 	} |  | ||||||
| 	return &BasicUserInfo{ |  | ||||||
| 		Identity: strconv.Itoa(data.Id), |  | ||||||
| 		Name:     data.Name, |  | ||||||
| 		Email:    data.Email, |  | ||||||
| 	}, nil |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| //   ________                     .__ |  | ||||||
| //  /  _____/  ____   ____   ____ |  |   ____ |  | ||||||
| // /   \  ___ /  _ \ /  _ \ / ___\|  | _/ __ \ |  | ||||||
| // \    \_\  (  <_> |  <_> ) /_/  >  |_\  ___/ |  | ||||||
| //  \______  /\____/ \____/\___  /|____/\___  > |  | ||||||
| //         \/             /_____/           \/ |  | ||||||
| 
 |  | ||||||
| type SocialGoogle struct { |  | ||||||
| 	Token *oauth.Token |  | ||||||
| 	*oauth.Transport |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialGoogle) Type() int { |  | ||||||
| 	return models.OT_GOOGLE |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func init() { |  | ||||||
| 	google := &SocialGoogle{} |  | ||||||
| 	name := "google" |  | ||||||
| 	// get client id and secret from |  | ||||||
| 	// https://console.developers.google.com/project |  | ||||||
| 	config := &oauth.Config{ |  | ||||||
| 		ClientId:     "849753812404-mpd7ilvlb8c7213qn6bre6p6djjskti9.apps.googleusercontent.com", //base.OauthService.GitHub.ClientId, // FIXME: panic when set |  | ||||||
| 		ClientSecret: "VukKc4MwaJUSmiyv3D7ANVCa",                                                 //base.OauthService.GitHub.ClientSecret, |  | ||||||
| 		Scope:        "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile", |  | ||||||
| 		AuthURL:      "https://accounts.google.com/o/oauth2/auth", |  | ||||||
| 		TokenURL:     "https://accounts.google.com/o/oauth2/token", |  | ||||||
| 	} |  | ||||||
| 	google.Transport = &oauth.Transport{ |  | ||||||
| 		Config:    config, |  | ||||||
| 		Transport: http.DefaultTransport, |  | ||||||
| 	} |  | ||||||
| 	SocialMap[name] = google |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialGoogle) SetRedirectUrl(url string) { |  | ||||||
| 	s.Transport.Config.RedirectURL = url |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { |  | ||||||
| 	transport := &oauth.Transport{Token: token} |  | ||||||
| 	var data struct { |  | ||||||
| 		Id    string `json:"id"` |  | ||||||
| 		Name  string `json:"name"` |  | ||||||
| 		Email string `json:"email"` |  | ||||||
| 	} |  | ||||||
| 	var err error |  | ||||||
| 
 |  | ||||||
| 	reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" |  | ||||||
| 	r, err := transport.Client().Get(reqUrl) |  | ||||||
| 	if err != nil { |  | ||||||
| 		return nil, err |  | ||||||
| 	} |  | ||||||
| 	defer r.Body.Close() |  | ||||||
| 	if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |  | ||||||
| 		return nil, err |  | ||||||
| 	} |  | ||||||
| 	return &BasicUserInfo{ |  | ||||||
| 		Identity: data.Id, |  | ||||||
| 		Name:     data.Name, |  | ||||||
| 		Email:    data.Email, |  | ||||||
| 	}, nil |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // ________   ________ |  | ||||||
| // \_____  \  \_____  \ |  | ||||||
| //  /  / \  \  /  / \  \ |  | ||||||
| // /   \_/.  \/   \_/.  \ |  | ||||||
| // \_____\ \_/\_____\ \_/ |  | ||||||
| //        \__>       \__> |  | ||||||
| 
 |  | ||||||
| type SocialQQ struct { |  | ||||||
| 	Token *oauth.Token |  | ||||||
| 	*oauth.Transport |  | ||||||
| 	reqUrl string |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialQQ) Type() int { |  | ||||||
| 	return models.OT_QQ |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func init() { |  | ||||||
| 	qq := &SocialQQ{} |  | ||||||
| 	name := "qq" |  | ||||||
| 	config := &oauth.Config{ |  | ||||||
| 		ClientId:     "801497180",                        //base.OauthService.GitHub.ClientId, // FIXME: panic when set |  | ||||||
| 		ClientSecret: "16cd53b8ad2e16a36fc2c8f87d9388f2", //base.OauthService.GitHub.ClientSecret, |  | ||||||
| 		Scope:        "all", |  | ||||||
| 		AuthURL:      "https://open.t.qq.com/cgi-bin/oauth2/authorize", |  | ||||||
| 		TokenURL:     "https://open.t.qq.com/cgi-bin/oauth2/access_token", |  | ||||||
| 	} |  | ||||||
| 	qq.reqUrl = "https://open.t.qq.com/api/user/info" |  | ||||||
| 	qq.Transport = &oauth.Transport{ |  | ||||||
| 		Config:    config, |  | ||||||
| 		Transport: http.DefaultTransport, |  | ||||||
| 	} |  | ||||||
| 	SocialMap[name] = qq |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialQQ) SetRedirectUrl(url string) { |  | ||||||
| 	s.Transport.Config.RedirectURL = url |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| func (s *SocialQQ) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) { |  | ||||||
| 	var data struct { |  | ||||||
| 		Data struct { |  | ||||||
| 			Id    string `json:"openid"` |  | ||||||
| 			Name  string `json:"name"` |  | ||||||
| 			Email string `json:"email"` |  | ||||||
| 		} `json:"data"` |  | ||||||
| 	} |  | ||||||
| 	var err error |  | ||||||
| 	// https://open.t.qq.com/api/user/info? |  | ||||||
| 	//oauth_consumer_key=APP_KEY& |  | ||||||
| 	//access_token=ACCESSTOKEN&openid=openid |  | ||||||
| 	//clientip=CLIENTIP&oauth_version=2.a |  | ||||||
| 	//scope=all |  | ||||||
| 	var urls = url.Values{ |  | ||||||
| 		"oauth_consumer_key": {s.Transport.Config.ClientId}, |  | ||||||
| 		"access_token":       {token.AccessToken}, |  | ||||||
| 		"openid":             URL.Query()["openid"], |  | ||||||
| 		"oauth_version":      {"2.a"}, |  | ||||||
| 		"scope":              {"all"}, |  | ||||||
| 	} |  | ||||||
| 	r, err := http.Get(s.reqUrl + "?" + urls.Encode()) |  | ||||||
| 	if err != nil { |  | ||||||
| 		return nil, err |  | ||||||
| 	} |  | ||||||
| 	defer r.Body.Close() |  | ||||||
| 	if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |  | ||||||
| 		return nil, err |  | ||||||
| 	} |  | ||||||
| 	return &BasicUserInfo{ |  | ||||||
| 		Identity: data.Data.Id, |  | ||||||
| 		Name:     data.Data.Name, |  | ||||||
| 		Email:    data.Data.Email, |  | ||||||
| 	}, nil |  | ||||||
| } |  | ||||||
|  | |||||||
| @ -19,9 +19,15 @@ import ( | |||||||
| func SignIn(ctx *middleware.Context) { | func SignIn(ctx *middleware.Context) { | ||||||
| 	ctx.Data["Title"] = "Log In" | 	ctx.Data["Title"] = "Log In" | ||||||
| 
 | 
 | ||||||
|  | 	if _, ok := ctx.Session.Get("socialId").(int64); ok { | ||||||
|  | 		ctx.Data["IsSocialLogin"] = true | ||||||
|  | 		ctx.HTML(200, "user/signin") | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	if base.OauthService != nil { | 	if base.OauthService != nil { | ||||||
| 		ctx.Data["OauthEnabled"] = true | 		ctx.Data["OauthEnabled"] = true | ||||||
| 		ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled | 		ctx.Data["OauthService"] = base.OauthService | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	// Check auto-login. | 	// Check auto-login. | ||||||
| @ -34,7 +40,7 @@ func SignIn(ctx *middleware.Context) { | |||||||
| 	isSucceed := false | 	isSucceed := false | ||||||
| 	defer func() { | 	defer func() { | ||||||
| 		if !isSucceed { | 		if !isSucceed { | ||||||
| 			log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName) | 			log.Trace("user.SignIn(auto-login cookie cleared): %s", userName) | ||||||
| 			ctx.SetCookie(base.CookieUserName, "", -1) | 			ctx.SetCookie(base.CookieUserName, "", -1) | ||||||
| 			ctx.SetCookie(base.CookieRememberName, "", -1) | 			ctx.SetCookie(base.CookieRememberName, "", -1) | ||||||
| 			return | 			return | ||||||
| @ -70,9 +76,12 @@ func SignIn(ctx *middleware.Context) { | |||||||
| func SignInPost(ctx *middleware.Context, form auth.LogInForm) { | func SignInPost(ctx *middleware.Context, form auth.LogInForm) { | ||||||
| 	ctx.Data["Title"] = "Log In" | 	ctx.Data["Title"] = "Log In" | ||||||
| 
 | 
 | ||||||
| 	if base.OauthService != nil { | 	sid, isOauth := ctx.Session.Get("socialId").(int64) | ||||||
|  | 	if isOauth { | ||||||
|  | 		ctx.Data["IsSocialLogin"] = true | ||||||
|  | 	} else if base.OauthService != nil { | ||||||
| 		ctx.Data["OauthEnabled"] = true | 		ctx.Data["OauthEnabled"] = true | ||||||
| 		ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled | 		ctx.Data["OauthService"] = base.OauthService | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	if ctx.HasError() { | 	if ctx.HasError() { | ||||||
| @ -99,13 +108,20 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) { | |||||||
| 		ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days) | 		ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days) | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	// Bind with social account | 	// Bind with social account. | ||||||
| 	if sid, ok := ctx.Session.Get("socialId").(int64); ok { | 	if isOauth { | ||||||
| 		if err = models.BindUserOauth2(user.Id, sid); err != nil { | 		if err = models.BindUserOauth2(user.Id, sid); err != nil { | ||||||
| 			log.Error("bind user error: %v", err) | 			if err == models.ErrOauth2RecordNotExist { | ||||||
|  | 				ctx.Handle(404, "user.SignInPost(GetOauth2ById)", err) | ||||||
|  | 			} else { | ||||||
|  | 				ctx.Handle(500, "user.SignInPost(GetOauth2ById)", err) | ||||||
|  | 			} | ||||||
|  | 			return | ||||||
| 		} | 		} | ||||||
| 		ctx.Session.Delete("socialId") | 		ctx.Session.Delete("socialId") | ||||||
|  | 		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid) | ||||||
| 	} | 	} | ||||||
|  | 
 | ||||||
| 	ctx.Session.Set("userId", user.Id) | 	ctx.Session.Set("userId", user.Id) | ||||||
| 	ctx.Session.Set("userName", user.Name) | 	ctx.Session.Set("userName", user.Name) | ||||||
| 	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 { | 	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 { | ||||||
| @ -117,6 +133,27 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) { | |||||||
| 	ctx.Redirect("/") | 	ctx.Redirect("/") | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | func oauthSignInPost(ctx *middleware.Context, sid int64) { | ||||||
|  | 	ctx.Data["Title"] = "OAuth Sign Up" | ||||||
|  | 	ctx.Data["PageIsSignUp"] = true | ||||||
|  | 
 | ||||||
|  | 	if _, err := models.GetOauth2ById(sid); err != nil { | ||||||
|  | 		if err == models.ErrOauth2RecordNotExist { | ||||||
|  | 			ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err) | ||||||
|  | 		} else { | ||||||
|  | 			ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err) | ||||||
|  | 		} | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	ctx.Data["IsSocialLogin"] = true | ||||||
|  | 	ctx.Data["username"] = ctx.Session.Get("socialName") | ||||||
|  | 	ctx.Data["email"] = ctx.Session.Get("socialEmail") | ||||||
|  | 	log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId")) | ||||||
|  | 
 | ||||||
|  | 	ctx.HTML(200, "user/signup") | ||||||
|  | } | ||||||
|  | 
 | ||||||
| func SignOut(ctx *middleware.Context) { | func SignOut(ctx *middleware.Context) { | ||||||
| 	ctx.Session.Delete("userId") | 	ctx.Session.Delete("userId") | ||||||
| 	ctx.Session.Delete("userName") | 	ctx.Session.Delete("userName") | ||||||
| @ -132,23 +169,37 @@ func SignUp(ctx *middleware.Context) { | |||||||
| 	ctx.Data["Title"] = "Sign Up" | 	ctx.Data["Title"] = "Sign Up" | ||||||
| 	ctx.Data["PageIsSignUp"] = true | 	ctx.Data["PageIsSignUp"] = true | ||||||
| 
 | 
 | ||||||
| 	if sid, ok := ctx.Session.Get("socialId").(int64); ok { |  | ||||||
| 		var err error |  | ||||||
| 		if _, err = models.GetOauth2ById(sid); err == nil { |  | ||||||
| 			ctx.Data["IsSocialLogin"] = true |  | ||||||
| 			// FIXME: don't set in error page |  | ||||||
| 			ctx.Data["username"] = ctx.Session.Get("socialName") |  | ||||||
| 			ctx.Data["email"] = ctx.Session.Get("socialEmail") |  | ||||||
| 		} else { |  | ||||||
| 			log.Error("unaccepted oauth error: %s", err) // FIXME: should it show in page |  | ||||||
| 		} |  | ||||||
| 	} |  | ||||||
| 	if base.Service.DisenableRegisteration { | 	if base.Service.DisenableRegisteration { | ||||||
| 		ctx.Data["DisenableRegisteration"] = true | 		ctx.Data["DisenableRegisteration"] = true | ||||||
| 		ctx.HTML(200, "user/signup") | 		ctx.HTML(200, "user/signup") | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| 	log.Info("session: %v", ctx.Session.Get("socialId")) | 
 | ||||||
|  | 	if sid, ok := ctx.Session.Get("socialId").(int64); ok { | ||||||
|  | 		oauthSignUp(ctx, sid) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	ctx.HTML(200, "user/signup") | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | func oauthSignUp(ctx *middleware.Context, sid int64) { | ||||||
|  | 	ctx.Data["Title"] = "OAuth Sign Up" | ||||||
|  | 	ctx.Data["PageIsSignUp"] = true | ||||||
|  | 
 | ||||||
|  | 	if _, err := models.GetOauth2ById(sid); err != nil { | ||||||
|  | 		if err == models.ErrOauth2RecordNotExist { | ||||||
|  | 			ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err) | ||||||
|  | 		} else { | ||||||
|  | 			ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err) | ||||||
|  | 		} | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	ctx.Data["IsSocialLogin"] = true | ||||||
|  | 	ctx.Data["username"] = strings.Replace(ctx.Session.Get("socialName").(string), " ", "", -1) | ||||||
|  | 	ctx.Data["email"] = ctx.Session.Get("socialEmail") | ||||||
|  | 	log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId")) | ||||||
| 
 | 
 | ||||||
| 	ctx.HTML(200, "user/signup") | 	ctx.HTML(200, "user/signup") | ||||||
| } | } | ||||||
| @ -162,6 +213,11 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) { | |||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | 	sid, isOauth := ctx.Session.Get("socialId").(int64) | ||||||
|  | 	if isOauth { | ||||||
|  | 		ctx.Data["IsSocialLogin"] = true | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	if form.Password != form.RetypePasswd { | 	if form.Password != form.RetypePasswd { | ||||||
| 		ctx.Data["HasError"] = true | 		ctx.Data["HasError"] = true | ||||||
| 		ctx.Data["Err_Password"] = true | 		ctx.Data["Err_Password"] = true | ||||||
| @ -179,7 +235,7 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) { | |||||||
| 		Name:     form.UserName, | 		Name:     form.UserName, | ||||||
| 		Email:    form.Email, | 		Email:    form.Email, | ||||||
| 		Passwd:   form.Password, | 		Passwd:   form.Password, | ||||||
| 		IsActive: !base.Service.RegisterEmailConfirm, | 		IsActive: !base.Service.RegisterEmailConfirm || isOauth, | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	var err error | 	var err error | ||||||
| @ -192,20 +248,25 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) { | |||||||
| 		case models.ErrUserNameIllegal: | 		case models.ErrUserNameIllegal: | ||||||
| 			ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form) | 			ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form) | ||||||
| 		default: | 		default: | ||||||
| 			ctx.Handle(500, "user.SignUp", err) | 			ctx.Handle(500, "user.SignUp(RegisterUser)", err) | ||||||
| 		} | 		} | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	log.Trace("%s User created: %s", ctx.Req.RequestURI, strings.ToLower(form.UserName)) | 	log.Trace("%s User created: %s", ctx.Req.RequestURI, form.UserName) | ||||||
| 	// Bind Social Account | 
 | ||||||
| 	if sid, ok := ctx.Session.Get("socialId").(int64); ok { | 	// Bind social account. | ||||||
| 		models.BindUserOauth2(u.Id, sid) | 	if isOauth { | ||||||
|  | 		if err = models.BindUserOauth2(u.Id, sid); err != nil { | ||||||
|  | 			ctx.Handle(500, "user.SignUp(BindUserOauth2)", err) | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
| 		ctx.Session.Delete("socialId") | 		ctx.Session.Delete("socialId") | ||||||
|  | 		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid) | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	// Send confirmation e-mail. | 	// Send confirmation e-mail, no need for social account. | ||||||
| 	if base.Service.RegisterEmailConfirm && u.Id > 1 { | 	if !isOauth && base.Service.RegisterEmailConfirm && u.Id > 1 { | ||||||
| 		mailer.SendRegisterMail(ctx.Render, u) | 		mailer.SendRegisterMail(ctx.Render, u) | ||||||
| 		ctx.Data["IsSendRegisterMail"] = true | 		ctx.Data["IsSendRegisterMail"] = true | ||||||
| 		ctx.Data["Email"] = u.Email | 		ctx.Data["Email"] = u.Email | ||||||
|  | |||||||
| @ -44,7 +44,7 @@ | |||||||
|                 <ul class="list-group">{{range .MyRepos}} |                 <ul class="list-group">{{range .MyRepos}} | ||||||
|                     <li class="list-group-item"><a href="/{{$.SignedUserName}}/{{.Name}}"> |                     <li class="list-group-item"><a href="/{{$.SignedUserName}}/{{.Name}}"> | ||||||
|                         <!-- <span class="stars pull-right"><i class="fa fa-star"></i>{{.NumStars}}</span> --> |                         <!-- <span class="stars pull-right"><i class="fa fa-star"></i>{{.NumStars}}</span> --> | ||||||
|                         <i class="fa fa-book"></i>{{.Name}}</a> |                         <i class="fa fa-book"></i>{{.Name}}{{if .IsPrivate}} <span class="label label-default">Private</span>{{end}}</a> | ||||||
|                     </li>{{end}} |                     </li>{{end}} | ||||||
|                 </ul> |                 </ul> | ||||||
|             </div> |             </div> | ||||||
|  | |||||||
| @ -20,8 +20,8 @@ | |||||||
|                     <li class="list-group-item"><i class="fa fa-link"></i><a target="_blank" href="{{.Owner.Website}}">{{.Owner.Website}}</a></li> |                     <li class="list-group-item"><i class="fa fa-link"></i><a target="_blank" href="{{.Owner.Website}}">{{.Owner.Website}}</a></li> | ||||||
|                 {{end}} |                 {{end}} | ||||||
|                 <li class="list-group-item"><i class="fa fa-clock-o"></i>Joined on {{DateFormat .Owner.Created "M d, Y"}}</li> |                 <li class="list-group-item"><i class="fa fa-clock-o"></i>Joined on {{DateFormat .Owner.Created "M d, Y"}}</li> | ||||||
|                 <hr> |                 <!-- <hr> --> | ||||||
|                 <li class="list-group-item" style="padding-top: 5px;"> |                 <!-- <li class="list-group-item" style="padding-top: 5px;"> | ||||||
|                     <div class="profile-rel"> |                     <div class="profile-rel"> | ||||||
|                         <div class="col-md-6 followers"> |                         <div class="col-md-6 followers"> | ||||||
|                             <strong>123</strong> |                             <strong>123</strong> | ||||||
| @ -33,7 +33,7 @@ | |||||||
|                         </div> |                         </div> | ||||||
|                     </div> |                     </div> | ||||||
|                 </li> |                 </li> | ||||||
|                 <hr> |                 <hr> --> | ||||||
|             </ul> |             </ul> | ||||||
|         </div> |         </div> | ||||||
|     </div> |     </div> | ||||||
| @ -65,7 +65,7 @@ | |||||||
|                     <li> |                     <li> | ||||||
|                         <div class="meta pull-right"><!-- <i class="fa fa-star"></i> {{.NumStars}} --> <i class="fa fa-code-fork"></i> {{.NumForks}}</div> |                         <div class="meta pull-right"><!-- <i class="fa fa-star"></i> {{.NumStars}} --> <i class="fa fa-code-fork"></i> {{.NumForks}}</div> | ||||||
|                         <h4> |                         <h4> | ||||||
|                             <a href="/{{$owner.Name}}/{{.Name}}">{{.Name}}</a> |                             <a href="/{{$owner.Name}}/{{.Name}}">{{.Name}}{{if .IsPrivate}} <span class="label label-default">Private</span>{{end}}</a> | ||||||
|                         </h4> |                         </h4> | ||||||
|                         <p class="desc">{{.Description}}</p> |                         <p class="desc">{{.Description}}</p> | ||||||
|                         <div class="info">Last updated {{.Updated|TimeSince}}</div> |                         <div class="info">Last updated {{.Updated|TimeSince}}</div> | ||||||
|  | |||||||
| @ -3,15 +3,11 @@ | |||||||
| <div class="container" id="body" data-page="user-signin"> | <div class="container" id="body" data-page="user-signin"> | ||||||
|     <form action="/user/login" method="post" class="form-horizontal card" id="login-card"> |     <form action="/user/login" method="post" class="form-horizontal card" id="login-card"> | ||||||
|         {{.CsrfTokenHtml}} |         {{.CsrfTokenHtml}} | ||||||
|         <h3>Log in |         {{if .IsSocialLogin}} | ||||||
|         <!--{{if .OauthEnabled}} |         <h3>Social login: 2nd step <small>associate account</small></h3> | ||||||
|             <small class="pull-right">social login:  |         {{else}} | ||||||
|             {{if .OauthGitHubEnabled}} |         <h3>Log in</h3> | ||||||
|                 <a href="/user/login/github?next=/user/sign_up"><i class="fa fa-github-square fa-2x"></i></a> |         {{end}} | ||||||
|             {{end}} |  | ||||||
|             </small> |  | ||||||
|         {{end}}--> |  | ||||||
|         </h3> |  | ||||||
|         {{template "base/alert" .}} |         {{template "base/alert" .}} | ||||||
|         <div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}"> |         <div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}"> | ||||||
|             <label class="col-md-4 control-label">Username: </label> |             <label class="col-md-4 control-label">Username: </label> | ||||||
| @ -27,7 +23,7 @@ | |||||||
|             </div> |             </div> | ||||||
|         </div> |         </div> | ||||||
|          |          | ||||||
|         <div class="form-group"> |         {{if not .IsSocialLogin}}<div class="form-group"> | ||||||
|             <div class="col-md-6 col-md-offset-4"> |             <div class="col-md-6 col-md-offset-4"> | ||||||
|                 <div class="checkbox"> |                 <div class="checkbox"> | ||||||
|                     <label> |                     <label> | ||||||
| @ -36,16 +32,16 @@ | |||||||
|                     </label> |                     </label> | ||||||
|                 </div> |                 </div> | ||||||
|             </div> |             </div> | ||||||
|         </div> |         </div>{{end}} | ||||||
| 
 | 
 | ||||||
|         <div class="form-group"> |         <div class="form-group"> | ||||||
|             <div class="col-md-offset-4 col-md-6"> |             <div class="col-md-offset-4 col-md-6"> | ||||||
|                 <button type="submit" class="btn btn-lg btn-primary">Log In</button> |                 <button type="submit" class="btn btn-lg btn-primary">Log In</button> | ||||||
|                 <a href="/user/forget_password/">Forgot your password?</a> |                 {{if not .IsSocialLogin}}<a href="/user/forget_password/">Forgot your password?</a>{{end}} | ||||||
|             </div> |             </div> | ||||||
|         </div> |         </div> | ||||||
| 
 | 
 | ||||||
|         <div class="form-group"> |         {{if not .IsSocialLogin}}<div class="form-group"> | ||||||
|             <div class="col-md-offset-4 col-md-6"> |             <div class="col-md-offset-4 col-md-6"> | ||||||
|                 <a href="/user/sign_up">Need an account? Sign up now.</a> |                 <a href="/user/sign_up">Need an account? Sign up now.</a> | ||||||
|             </div> |             </div> | ||||||
| @ -54,10 +50,7 @@ | |||||||
|         {{if .OauthEnabled}} |         {{if .OauthEnabled}} | ||||||
|         <div class="form-group text-center" id="social-login"> |         <div class="form-group text-center" id="social-login"> | ||||||
|             <h4><span>or</span></h4> |             <h4><span>or</span></h4> | ||||||
|             <!--<a href="/user/login/github?next=/user/sign_up" class="btn btn-default google"> |             <!-- | ||||||
|                 <i class="fa fa-google-plus-square fa-2x"></i> |  | ||||||
|                 <span>Google</span> |  | ||||||
|             </a> |  | ||||||
|             <a href="/user/login/github?next=/user/sign_up" class="btn btn-default facebbok"> |             <a href="/user/login/github?next=/user/sign_up" class="btn btn-default facebbok"> | ||||||
|                 <i class="fa fa-facebook-square fa-2x"></i> |                 <i class="fa fa-facebook-square fa-2x"></i> | ||||||
|                 <span>Facebook</span> |                 <span>Facebook</span> | ||||||
| @ -66,12 +59,12 @@ | |||||||
|                 <i class="fa fa-weibo fa-2x"></i> |                 <i class="fa fa-weibo fa-2x"></i> | ||||||
|                 <span>Weibo</span> |                 <span>Weibo</span> | ||||||
|             </a>--> |             </a>--> | ||||||
|             {{if .OauthGitHubEnabled}}<a href="/user/login/github?next=/user/sign_up" class="github btn btn-default"> |             {{if .OauthService.GitHub}}<a href="/user/login/github?next=/user/sign_up" class="btn btn-default"><i class="fa fa-github-square fa-2x"></i><span>GitHub</span></a>{{end}} | ||||||
|             <i class="fa fa-github-square fa-2x"></i> |             {{if .OauthService.Google}}<a href="/user/login/google?next=/user/sign_up" class="btn btn-default"><i class="fa fa-google-plus-square fa-2x"></i><span>Google</span></a>{{end}} | ||||||
|             <span>GitHub</span> |             {{if .OauthService.Tencent}}<a href="/user/login/twitter?next=/user/sign_up" class="btn btn-default"><i class="fa fa-twitter-square fa-2x"></i><span>Twitter</span></a>{{end}} | ||||||
|             </a>{{end}} |             {{if .OauthService.Tencent}}<a href="/user/login/qq?next=/user/sign_up" class="btn btn-default"><i class="fa fa-linux fa-2x"></i><span>QQ</span></a>{{end}} | ||||||
|         </div> |         </div> | ||||||
|         {{end}} |         {{end}}{{end}} | ||||||
|     </form> |     </form> | ||||||
| </div> | </div> | ||||||
| {{template "base/footer" .}} | {{template "base/footer" .}} | ||||||
|  | |||||||
| @ -1,15 +1,15 @@ | |||||||
| {{template "base/head" .}} | {{template "base/head" .}} | ||||||
| {{template "base/navbar" .}} | {{template "base/navbar" .}} | ||||||
| <div class="container" id="body" data-page="user-signup"> | <div class="container" id="body"> | ||||||
| 	<form action="/user/sign_up" method="post" class="form-horizontal card" id="login-card"> | 	<form action="/user/sign_up" method="post" class="form-horizontal card" id="login-card"> | ||||||
| 		{{.CsrfTokenHtml}} | 		{{.CsrfTokenHtml}} | ||||||
| 		{{if .DisenableRegisteration}} | 		{{if .DisenableRegisteration}} | ||||||
| 		Sorry, registeration has been disenabled, you can only get account from administrator. | 		Sorry, registeration has been disenabled, you can only get account from administrator. | ||||||
| 		{{else}} | 		{{else}} | ||||||
| 		{{if .IsSocialLogin}} | 		{{if .IsSocialLogin}} | ||||||
| 			<h3>Social login: 2nd step <small>complete information</small></h3> | 		<h3>Social login: 2nd step <small>complete information</small></h3> | ||||||
| 		{{else}} | 		{{else}} | ||||||
| 			<h3>Sign Up</h3> | 		<h3>Sign Up</h3> | ||||||
| 		{{end}} | 		{{end}} | ||||||
| 	    {{template "base/alert" .}} | 	    {{template "base/alert" .}} | ||||||
| 		<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}"> | 		<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}"> | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user