bug fixed

This commit is contained in:
Lunny Xiao 2014-04-05 22:24:10 +08:00
parent a92826a8fe
commit 9791e70da6
2 changed files with 41 additions and 39 deletions

View file

@ -77,8 +77,8 @@ func init() {
// PublicKey represents a SSH key of user. // PublicKey represents a SSH key of user.
type PublicKey struct { type PublicKey struct {
Id int64 Id int64
OwnerId int64 `xorm:" index not null"` OwnerId int64 `xorm:"unique(s) index not null"`
Name string `xorm:" not null"` //UNIQUE(s) Name string `xorm:"unique(s) not null"` //UNIQUE(s)
Fingerprint string Fingerprint string
Content string `xorm:"TEXT not null"` Content string `xorm:"TEXT not null"`
Created time.Time `xorm:"created"` Created time.Time `xorm:"created"`

View file

@ -261,7 +261,7 @@ func basicDecode(encoded string) (user string, name string, err error) {
} }
func authRequired(ctx *middleware.Context) { func authRequired(ctx *middleware.Context) {
ctx.ResponseWriter.Header().Set("WWW-Authenticate", `Basic realm="Gogs Auth"`) ctx.ResponseWriter.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
ctx.Data["ErrorMsg"] = "no basic auth and digit auth" ctx.Data["ErrorMsg"] = "no basic auth and digit auth"
ctx.HTML(401, fmt.Sprintf("status/401")) ctx.HTML(401, fmt.Sprintf("status/401"))
} }
@ -273,6 +273,8 @@ func Http(ctx *middleware.Context, params martini.Params) {
reponame = reponame[:len(reponame)-4] reponame = reponame[:len(reponame)-4]
} }
//fmt.Println("req:", ctx.Req.Header)
repoUser, err := models.GetUserByName(username) repoUser, err := models.GetUserByName(username)
if err != nil { if err != nil {
ctx.Handle(500, "repo.GetUserByName", nil) ctx.Handle(500, "repo.GetUserByName", nil)
@ -297,45 +299,45 @@ func Http(ctx *middleware.Context, params martini.Params) {
// check basic auth // check basic auth
baHead := ctx.Req.Header.Get("Authorization") baHead := ctx.Req.Header.Get("Authorization")
if baHead != "" { if baHead == "" {
auths := strings.Fields(baHead)
if len(auths) != 2 || auths[0] != "Basic" {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
authUsername, passwd, err := basicDecode(auths[1])
if err != nil {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
authUser, err := models.GetUserByName(authUsername)
if err != nil {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
newUser := &models.User{Passwd: passwd}
newUser.EncodePasswd()
if authUser.Passwd != newUser.Passwd {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
var tp = models.AU_WRITABLE
if isPull {
tp = models.AU_READABLE
}
has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
if err != nil || !has {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
} else {
authRequired(ctx) authRequired(ctx)
return return
} }
auths := strings.Fields(baHead)
if len(auths) != 2 || auths[0] != "Basic" {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
authUsername, passwd, err := basicDecode(auths[1])
if err != nil {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
authUser, err := models.GetUserByName(authUsername)
if err != nil {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
newUser := &models.User{Passwd: passwd}
newUser.EncodePasswd()
if authUser.Passwd != newUser.Passwd {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
var tp = models.AU_WRITABLE
if isPull {
tp = models.AU_READABLE
}
has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
if err != nil || !has {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
}
} }
dir := models.RepoPath(username, reponame) dir := models.RepoPath(username, reponame)