mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-25 07:43:36 +01:00
fix .netrc authentication (#2700)
* provide both possible authentication solutions Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
This commit is contained in:
parent
1ec4dc6c1d
commit
4ccb0fe338
1 changed files with 24 additions and 10 deletions
|
@ -139,19 +139,28 @@ func HTTP(ctx *context.Context) {
|
|||
}
|
||||
|
||||
if authUser == nil {
|
||||
authUser, err = models.GetUserByName(authUsername)
|
||||
isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic"
|
||||
|
||||
if err != nil {
|
||||
if models.IsErrUserNotExist(err) {
|
||||
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
||||
} else {
|
||||
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
|
||||
// Assume username is token
|
||||
authToken := authUsername
|
||||
|
||||
if !isUsernameToken {
|
||||
// Assume password is token
|
||||
authToken = authPasswd
|
||||
|
||||
authUser, err = models.GetUserByName(authUsername)
|
||||
if err != nil {
|
||||
if models.IsErrUserNotExist(err) {
|
||||
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
||||
} else {
|
||||
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
|
||||
}
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// Assume password is a token.
|
||||
token, err := models.GetAccessTokenBySHA(authPasswd)
|
||||
token, err := models.GetAccessTokenBySHA(authToken)
|
||||
if err != nil {
|
||||
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
|
||||
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
||||
|
@ -161,7 +170,13 @@ func HTTP(ctx *context.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
if authUser.ID != token.UID {
|
||||
if isUsernameToken {
|
||||
authUser, err = models.GetUserByID(token.UID)
|
||||
if err != nil {
|
||||
ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
|
||||
return
|
||||
}
|
||||
} else if authUser.ID != token.UID {
|
||||
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
||||
return
|
||||
}
|
||||
|
@ -170,7 +185,6 @@ func HTTP(ctx *context.Context) {
|
|||
if err = models.UpdateAccessToken(token); err != nil {
|
||||
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
|
||||
}
|
||||
|
||||
} else {
|
||||
_, err = models.GetTwoFactorByUID(authUser.ID)
|
||||
|
||||
|
|
Loading…
Reference in a new issue