From 4b9b8024ba59b5b84d92dca650761b35ebf6408a Mon Sep 17 00:00:00 2001
From: Unknown <joe2010xtmf@163.com>
Date: Sun, 13 Apr 2014 18:12:07 -0400
Subject: [PATCH 1/4] Clean oauth code

---
 conf/app.ini                  |  30 ++-
 models/oauth2.go              |  25 +--
 models/repo.go                |   9 +-
 models/user.go                |   2 +-
 modules/base/conf.go          |  37 +---
 modules/middleware/context.go |   3 +-
 modules/oauth2/oauth2.go      | 228 -----------------------
 modules/oauth2/oauth2_test.go | 162 -----------------
 modules/social/social.go      | 333 ++++++++++++++++++++++++++++++++++
 routers/install.go            |   8 +-
 routers/user/home.go          |   6 +-
 routers/user/social.go        | 282 +++-------------------------
 routers/user/user.go          | 115 +++++++++---
 templates/user/dashboard.tmpl |   2 +-
 templates/user/profile.tmpl   |   8 +-
 templates/user/signin.tmpl    |  39 ++--
 templates/user/signup.tmpl    |   6 +-
 17 files changed, 547 insertions(+), 748 deletions(-)
 delete mode 100644 modules/oauth2/oauth2.go
 delete mode 100644 modules/oauth2/oauth2_test.go
 create mode 100644 modules/social/social.go

diff --git a/conf/app.ini b/conf/app.ini
index 575e18a404..4eaf0a33c2 100644
--- a/conf/app.ini
+++ b/conf/app.ini
@@ -76,10 +76,38 @@ PASSWD =
 ENABLED = false
 
 [oauth.github]
-ENABLED =
+ENABLED = false
 CLIENT_ID = 
 CLIENT_SECRET = 
 SCOPES = https://api.github.com/user
+AUTH_URL = https://github.com/login/oauth/authorize
+TOKEN_URL = https://github.com/login/oauth/access_token
+
+; Get client id and secret from
+; https://console.developers.google.com/project
+[oauth.google]
+ENABLED = false
+CLIENT_ID = 
+CLIENT_SECRET = 
+SCOPES = https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
+AUTH_URL = https://accounts.google.com/o/oauth2/auth
+TOKEN_URL = https://accounts.google.com/o/oauth2/token
+
+[oauth.qq]
+ENABLED = false
+CLIENT_ID = 
+CLIENT_SECRET = 
+SCOPES = all
+AUTH_URL = https://open.t.qq.com/cgi-bin/oauth2/authorize
+TOKEN_URL = https://open.t.qq.com/cgi-bin/oauth2/access_token
+
+[oauth.twitter]
+ENABLED = false
+CLIENT_ID = 
+CLIENT_SECRET = 
+SCOPES = all
+AUTH_URL = https://api.twitter.com/oauth/authorize
+TOKEN_URL = https://api.twitter.com/oauth/access_token
 
 [cache]
 ; Either "memory", "redis", or "memcache", default is "memory"
diff --git a/models/oauth2.go b/models/oauth2.go
index f8780fe682..38d21fda1c 100644
--- a/models/oauth2.go
+++ b/models/oauth2.go
@@ -14,11 +14,15 @@ const (
 	OT_GOOGLE
 	OT_TWITTER
 	OT_QQ
+	OT_WEIBO
+	OT_BITBUCKET
+	OT_OSCHINA
+	OT_FACEBOOK
 )
 
 var (
-	ErrOauth2RecordNotExists       = errors.New("not exists oauth2 record")
-	ErrOauth2NotAssociatedWithUser = errors.New("not associated with user")
+	ErrOauth2RecordNotExist = errors.New("OAuth2 record does not exist")
+	ErrOauth2NotAssociated  = errors.New("OAuth2 is not associated with user")
 )
 
 type Oauth2 struct {
@@ -35,11 +39,9 @@ func BindUserOauth2(userId, oauthId int64) error {
 	return err
 }
 
-func AddOauth2(oa *Oauth2) (err error) {
-	if _, err = orm.Insert(oa); err != nil {
-		return err
-	}
-	return nil
+func AddOauth2(oa *Oauth2) error {
+	_, err := orm.Insert(oa)
+	return err
 }
 
 func GetOauth2(identity string) (oa *Oauth2, err error) {
@@ -48,9 +50,9 @@ func GetOauth2(identity string) (oa *Oauth2, err error) {
 	if err != nil {
 		return
 	} else if !isExist {
-		return nil, ErrOauth2RecordNotExists
+		return nil, ErrOauth2RecordNotExist
 	} else if oa.Uid == -1 {
-		return oa, ErrOauth2NotAssociatedWithUser
+		return oa, ErrOauth2NotAssociated
 	}
 	oa.User, err = GetUserById(oa.Uid)
 	return oa, err
@@ -61,9 +63,8 @@ func GetOauth2ById(id int64) (oa *Oauth2, err error) {
 	has, err := orm.Id(id).Get(oa)
 	if err != nil {
 		return nil, err
-	}
-	if !has {
-		return nil, ErrOauth2RecordNotExists
+	} else if !has {
+		return nil, ErrOauth2RecordNotExist
 	}
 	return oa, nil
 }
diff --git a/models/repo.go b/models/repo.go
index 01736b631d..1a5a95f047 100644
--- a/models/repo.go
+++ b/models/repo.go
@@ -714,9 +714,14 @@ func GetRepositoryById(id int64) (*Repository, error) {
 }
 
 // GetRepositories returns the list of repositories of given user.
-func GetRepositories(user *User) ([]Repository, error) {
+func GetRepositories(user *User, private bool) ([]Repository, error) {
 	repos := make([]Repository, 0, 10)
-	err := orm.Desc("updated").Find(&repos, &Repository{OwnerId: user.Id})
+	sess := orm.Desc("updated")
+	if !private {
+		sess.Where("is_private=?", false)
+	}
+
+	err := sess.Find(&repos, &Repository{OwnerId: user.Id})
 	return repos, err
 }
 
diff --git a/models/user.go b/models/user.go
index ea2c79b771..ffee2dd9e5 100644
--- a/models/user.go
+++ b/models/user.go
@@ -234,7 +234,7 @@ func ChangeUserName(user *User, newUserName string) (err error) {
 		}
 	}
 
-	repos, err := GetRepositories(user)
+	repos, err := GetRepositories(user, true)
 	if err != nil {
 		return err
 	}
diff --git a/modules/base/conf.go b/modules/base/conf.go
index d1564aa105..0eca5f4fcb 100644
--- a/modules/base/conf.go
+++ b/modules/base/conf.go
@@ -29,13 +29,17 @@ type Mailer struct {
 	User, Passwd string
 }
 
+type OauthInfo struct {
+	ClientId, ClientSecret string
+	Scopes                 string
+	AuthUrl, TokenUrl      string
+}
+
 // Oauther represents oauth service.
 type Oauther struct {
-	GitHub struct {
-		Enabled                bool
-		ClientId, ClientSecret string
-		Scopes                 string
-	}
+	GitHub, Google, Tencent bool
+	Twitter                 bool
+	OauthInfos              map[string]*OauthInfo
 }
 
 var (
@@ -252,26 +256,6 @@ func newNotifyMailService() {
 	log.Info("Notify Mail Service Enabled")
 }
 
-func newOauthService() {
-	if !Cfg.MustBool("oauth", "ENABLED") {
-		return
-	}
-
-	OauthService = &Oauther{}
-	oauths := make([]string, 0, 10)
-
-	// GitHub.
-	if Cfg.MustBool("oauth.github", "ENABLED") {
-		OauthService.GitHub.Enabled = true
-		OauthService.GitHub.ClientId = Cfg.MustValue("oauth.github", "CLIENT_ID")
-		OauthService.GitHub.ClientSecret = Cfg.MustValue("oauth.github", "CLIENT_SECRET")
-		OauthService.GitHub.Scopes = Cfg.MustValue("oauth.github", "SCOPES")
-		oauths = append(oauths, "GitHub")
-	}
-
-	log.Info("Oauth Service Enabled %s", oauths)
-}
-
 func NewConfigContext() {
 	//var err error
 	workDir, err := ExecDir()
@@ -328,7 +312,7 @@ func NewConfigContext() {
 	}
 }
 
-func NewServices() {
+func NewBaseServices() {
 	newService()
 	newLogService()
 	newCacheService()
@@ -336,5 +320,4 @@ func NewServices() {
 	newMailService()
 	newRegisterMailService()
 	newNotifyMailService()
-	newOauthService()
 }
diff --git a/modules/middleware/context.go b/modules/middleware/context.go
index f353ea51bd..619a13b1ac 100644
--- a/modules/middleware/context.go
+++ b/modules/middleware/context.go
@@ -82,7 +82,8 @@ func (ctx *Context) HasError() bool {
 	if !ok {
 		return false
 	}
-	ctx.Flash.Error(ctx.Data["ErrorMsg"].(string))
+	ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
+	ctx.Data["Flash"] = ctx.Flash
 	return hasErr.(bool)
 }
 
diff --git a/modules/oauth2/oauth2.go b/modules/oauth2/oauth2.go
deleted file mode 100644
index dcb6d0a434..0000000000
--- a/modules/oauth2/oauth2.go
+++ /dev/null
@@ -1,228 +0,0 @@
-// Copyright 2014 Google Inc. All Rights Reserved.
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-// Package oauth2 contains Martini handlers to provide
-// user login via an OAuth 2.0 backend.
-package oauth2
-
-import (
-	"encoding/json"
-	"net/http"
-	"net/url"
-	"strings"
-	"time"
-
-	"code.google.com/p/goauth2/oauth"
-	"github.com/go-martini/martini"
-
-	"github.com/gogits/session"
-
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/middleware"
-)
-
-const (
-	keyToken    = "oauth2_token"
-	keyNextPage = "next"
-)
-
-var (
-	// Path to handle OAuth 2.0 logins.
-	PathLogin = "/login"
-	// Path to handle OAuth 2.0 logouts.
-	PathLogout = "/logout"
-	// Path to handle callback from OAuth 2.0 backend
-	// to exchange credentials.
-	PathCallback = "/oauth2callback"
-	// Path to handle error cases.
-	PathError = "/oauth2error"
-)
-
-// Represents OAuth2 backend options.
-type Options struct {
-	ClientId     string
-	ClientSecret string
-	RedirectURL  string
-	Scopes       []string
-
-	AuthUrl  string
-	TokenUrl string
-}
-
-// Represents a container that contains
-// user's OAuth 2.0 access and refresh tokens.
-type Tokens interface {
-	Access() string
-	Refresh() string
-	IsExpired() bool
-	ExpiryTime() time.Time
-	ExtraData() map[string]string
-}
-
-type token struct {
-	oauth.Token
-}
-
-func (t *token) ExtraData() map[string]string {
-	return t.Extra
-}
-
-// Returns the access token.
-func (t *token) Access() string {
-	return t.AccessToken
-}
-
-// Returns the refresh token.
-func (t *token) Refresh() string {
-	return t.RefreshToken
-}
-
-// Returns whether the access token is
-// expired or not.
-func (t *token) IsExpired() bool {
-	if t == nil {
-		return true
-	}
-	return t.Expired()
-}
-
-// Returns the expiry time of the user's
-// access token.
-func (t *token) ExpiryTime() time.Time {
-	return t.Expiry
-}
-
-// Returns a new Google OAuth 2.0 backend endpoint.
-func Google(opts *Options) martini.Handler {
-	opts.AuthUrl = "https://accounts.google.com/o/oauth2/auth"
-	opts.TokenUrl = "https://accounts.google.com/o/oauth2/token"
-	return NewOAuth2Provider(opts)
-}
-
-// Returns a new Github OAuth 2.0 backend endpoint.
-func Github(opts *Options) martini.Handler {
-	opts.AuthUrl = "https://github.com/login/oauth/authorize"
-	opts.TokenUrl = "https://github.com/login/oauth/access_token"
-	return NewOAuth2Provider(opts)
-}
-
-func Facebook(opts *Options) martini.Handler {
-	opts.AuthUrl = "https://www.facebook.com/dialog/oauth"
-	opts.TokenUrl = "https://graph.facebook.com/oauth/access_token"
-	return NewOAuth2Provider(opts)
-}
-
-// Returns a generic OAuth 2.0 backend endpoint.
-func NewOAuth2Provider(opts *Options) martini.Handler {
-	config := &oauth.Config{
-		ClientId:     opts.ClientId,
-		ClientSecret: opts.ClientSecret,
-		RedirectURL:  opts.RedirectURL,
-		Scope:        strings.Join(opts.Scopes, " "),
-		AuthURL:      opts.AuthUrl,
-		TokenURL:     opts.TokenUrl,
-	}
-
-	transport := &oauth.Transport{
-		Config:    config,
-		Transport: http.DefaultTransport,
-	}
-
-	return func(c martini.Context, ctx *middleware.Context) {
-		if ctx.Req.Method == "GET" {
-			switch ctx.Req.URL.Path {
-			case PathLogin:
-				login(transport, ctx)
-			case PathLogout:
-				logout(transport, ctx)
-			case PathCallback:
-				handleOAuth2Callback(transport, ctx)
-			}
-		}
-
-		tk := unmarshallToken(ctx.Session)
-		if tk != nil {
-			// check if the access token is expired
-			if tk.IsExpired() && tk.Refresh() == "" {
-				ctx.Session.Delete(keyToken)
-				tk = nil
-			}
-		}
-		// Inject tokens.
-		c.MapTo(tk, (*Tokens)(nil))
-	}
-}
-
-// Handler that redirects user to the login page
-// if user is not logged in.
-// Sample usage:
-// m.Get("/login-required", oauth2.LoginRequired, func() ... {})
-var LoginRequired martini.Handler = func() martini.Handler {
-	return func(c martini.Context, ctx *middleware.Context) {
-		token := unmarshallToken(ctx.Session)
-		if token == nil || token.IsExpired() {
-			next := url.QueryEscape(ctx.Req.URL.RequestURI())
-			ctx.Redirect(PathLogin + "?next=" + next)
-			return
-		}
-	}
-}()
-
-func login(t *oauth.Transport, ctx *middleware.Context) {
-	next := extractPath(ctx.Query(keyNextPage))
-	if ctx.Session.Get(keyToken) == nil {
-		// User is not logged in.
-		ctx.Redirect(t.Config.AuthCodeURL(next))
-		return
-	}
-	// No need to login, redirect to the next page.
-	ctx.Redirect(next)
-}
-
-func logout(t *oauth.Transport, ctx *middleware.Context) {
-	next := extractPath(ctx.Query(keyNextPage))
-	ctx.Session.Delete(keyToken)
-	ctx.Redirect(next)
-}
-
-func handleOAuth2Callback(t *oauth.Transport, ctx *middleware.Context) {
-	if errMsg := ctx.Query("error_description"); len(errMsg) > 0 {
-		log.Error("oauth2.handleOAuth2Callback: %s", errMsg)
-		return
-	}
-
-	next := extractPath(ctx.Query("state"))
-	code := ctx.Query("code")
-	tk, err := t.Exchange(code)
-	if err != nil {
-		// Pass the error message, or allow dev to provide its own
-		// error handler.
-		log.Error("oauth2.handleOAuth2Callback(token.Exchange): %v", err)
-		// ctx.Redirect(PathError)
-		return
-	}
-	// Store the credentials in the session.
-	val, _ := json.Marshal(tk)
-	ctx.Session.Set(keyToken, val)
-	ctx.Redirect(next)
-}
-
-func unmarshallToken(s session.SessionStore) (t *token) {
-	if s.Get(keyToken) == nil {
-		return
-	}
-	data := s.Get(keyToken).([]byte)
-	var tk oauth.Token
-	json.Unmarshal(data, &tk)
-	return &token{tk}
-}
-
-func extractPath(next string) string {
-	n, err := url.Parse(next)
-	if err != nil {
-		return "/"
-	}
-	return n.Path
-}
diff --git a/modules/oauth2/oauth2_test.go b/modules/oauth2/oauth2_test.go
deleted file mode 100644
index 71443030a4..0000000000
--- a/modules/oauth2/oauth2_test.go
+++ /dev/null
@@ -1,162 +0,0 @@
-// Copyright 2014 Google Inc. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package oauth2
-
-import (
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/go-martini/martini"
-	"github.com/martini-contrib/sessions"
-)
-
-func Test_LoginRedirect(t *testing.T) {
-	recorder := httptest.NewRecorder()
-	m := martini.New()
-	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
-	m.Use(Google(&Options{
-		ClientId:     "client_id",
-		ClientSecret: "client_secret",
-		RedirectURL:  "refresh_url",
-		Scopes:       []string{"x", "y"},
-	}))
-
-	r, _ := http.NewRequest("GET", "/login", nil)
-	m.ServeHTTP(recorder, r)
-
-	location := recorder.HeaderMap["Location"][0]
-	if recorder.Code != 302 {
-		t.Errorf("Not being redirected to the auth page.")
-	}
-	if location != "https://accounts.google.com/o/oauth2/auth?access_type=&approval_prompt=&client_id=client_id&redirect_uri=refresh_url&response_type=code&scope=x+y&state=" {
-		t.Errorf("Not being redirected to the right page, %v found", location)
-	}
-}
-
-func Test_LoginRedirectAfterLoginRequired(t *testing.T) {
-	recorder := httptest.NewRecorder()
-	m := martini.Classic()
-	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
-	m.Use(Google(&Options{
-		ClientId:     "client_id",
-		ClientSecret: "client_secret",
-		RedirectURL:  "refresh_url",
-		Scopes:       []string{"x", "y"},
-	}))
-
-	m.Get("/login-required", LoginRequired, func(tokens Tokens) (int, string) {
-		return 200, tokens.Access()
-	})
-
-	r, _ := http.NewRequest("GET", "/login-required?key=value", nil)
-	m.ServeHTTP(recorder, r)
-
-	location := recorder.HeaderMap["Location"][0]
-	if recorder.Code != 302 {
-		t.Errorf("Not being redirected to the auth page.")
-	}
-	if location != "/login?next=%2Flogin-required%3Fkey%3Dvalue" {
-		t.Errorf("Not being redirected to the right page, %v found", location)
-	}
-}
-
-func Test_Logout(t *testing.T) {
-	recorder := httptest.NewRecorder()
-	s := sessions.NewCookieStore([]byte("secret123"))
-
-	m := martini.Classic()
-	m.Use(sessions.Sessions("my_session", s))
-	m.Use(Google(&Options{
-	// no need to configure
-	}))
-
-	m.Get("/", func(s sessions.Session) {
-		s.Set(keyToken, "dummy token")
-	})
-
-	m.Get("/get", func(s sessions.Session) {
-		if s.Get(keyToken) != nil {
-			t.Errorf("User credentials are still kept in the session.")
-		}
-	})
-
-	logout, _ := http.NewRequest("GET", "/logout", nil)
-	index, _ := http.NewRequest("GET", "/", nil)
-
-	m.ServeHTTP(httptest.NewRecorder(), index)
-	m.ServeHTTP(recorder, logout)
-
-	if recorder.Code != 302 {
-		t.Errorf("Not being redirected to the next page.")
-	}
-}
-
-func Test_LogoutOnAccessTokenExpiration(t *testing.T) {
-	recorder := httptest.NewRecorder()
-	s := sessions.NewCookieStore([]byte("secret123"))
-
-	m := martini.Classic()
-	m.Use(sessions.Sessions("my_session", s))
-	m.Use(Google(&Options{
-	// no need to configure
-	}))
-
-	m.Get("/addtoken", func(s sessions.Session) {
-		s.Set(keyToken, "dummy token")
-	})
-
-	m.Get("/", func(s sessions.Session) {
-		if s.Get(keyToken) != nil {
-			t.Errorf("User not logged out although access token is expired.")
-		}
-	})
-
-	addtoken, _ := http.NewRequest("GET", "/addtoken", nil)
-	index, _ := http.NewRequest("GET", "/", nil)
-	m.ServeHTTP(recorder, addtoken)
-	m.ServeHTTP(recorder, index)
-}
-
-func Test_InjectedTokens(t *testing.T) {
-	recorder := httptest.NewRecorder()
-	m := martini.Classic()
-	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
-	m.Use(Google(&Options{
-	// no need to configure
-	}))
-	m.Get("/", func(tokens Tokens) string {
-		return "Hello world!"
-	})
-	r, _ := http.NewRequest("GET", "/", nil)
-	m.ServeHTTP(recorder, r)
-}
-
-func Test_LoginRequired(t *testing.T) {
-	recorder := httptest.NewRecorder()
-	m := martini.Classic()
-	m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
-	m.Use(Google(&Options{
-	// no need to configure
-	}))
-	m.Get("/", LoginRequired, func(tokens Tokens) string {
-		return "Hello world!"
-	})
-	r, _ := http.NewRequest("GET", "/", nil)
-	m.ServeHTTP(recorder, r)
-	if recorder.Code != 302 {
-		t.Errorf("Not being redirected to the auth page although user is not logged in.")
-	}
-}
diff --git a/modules/social/social.go b/modules/social/social.go
new file mode 100644
index 0000000000..230f478fe4
--- /dev/null
+++ b/modules/social/social.go
@@ -0,0 +1,333 @@
+// Copyright 2014 Google Inc. All Rights Reserved.
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package social
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+
+	"code.google.com/p/goauth2/oauth"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/base"
+	"github.com/gogits/gogs/modules/log"
+)
+
+type BasicUserInfo struct {
+	Identity string
+	Name     string
+	Email    string
+}
+
+type SocialConnector interface {
+	Type() int
+	SetRedirectUrl(string)
+	UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error)
+
+	AuthCodeURL(string) string
+	Exchange(string) (*oauth.Token, error)
+}
+
+var (
+	SocialBaseUrl = "/user/login"
+	SocialMap     = make(map[string]SocialConnector)
+)
+
+func NewOauthService() {
+	if !base.Cfg.MustBool("oauth", "ENABLED") {
+		return
+	}
+
+	base.OauthService = &base.Oauther{}
+	base.OauthService.OauthInfos = make(map[string]*base.OauthInfo)
+
+	socialConfigs := make(map[string]*oauth.Config)
+	allOauthes := []string{"github", "google", "qq", "twitter"}
+	// Load all OAuth config data.
+	for _, name := range allOauthes {
+		base.OauthService.OauthInfos[name] = &base.OauthInfo{
+			ClientId:     base.Cfg.MustValue("oauth."+name, "CLIENT_ID"),
+			ClientSecret: base.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"),
+			Scopes:       base.Cfg.MustValue("oauth."+name, "SCOPES"),
+			AuthUrl:      base.Cfg.MustValue("oauth."+name, "AUTH_URL"),
+			TokenUrl:     base.Cfg.MustValue("oauth."+name, "TOKEN_URL"),
+		}
+		socialConfigs[name] = &oauth.Config{
+			ClientId:     base.OauthService.OauthInfos[name].ClientId,
+			ClientSecret: base.OauthService.OauthInfos[name].ClientSecret,
+			RedirectURL:  strings.TrimSuffix(base.AppUrl, "/") + SocialBaseUrl + name,
+			Scope:        base.OauthService.OauthInfos[name].Scopes,
+			AuthURL:      base.OauthService.OauthInfos[name].AuthUrl,
+			TokenURL:     base.OauthService.OauthInfos[name].TokenUrl,
+		}
+	}
+
+	enabledOauths := make([]string, 0, 10)
+
+	// GitHub.
+	if base.Cfg.MustBool("oauth.github", "ENABLED") {
+		base.OauthService.GitHub = true
+		newGitHubOauth(socialConfigs["github"])
+		enabledOauths = append(enabledOauths, "GitHub")
+	}
+
+	// Google.
+	if base.Cfg.MustBool("oauth.google", "ENABLED") {
+		base.OauthService.Google = true
+		newGoogleOauth(socialConfigs["google"])
+		enabledOauths = append(enabledOauths, "Google")
+	}
+
+	// QQ.
+	if base.Cfg.MustBool("oauth.qq", "ENABLED") {
+		base.OauthService.Tencent = true
+		newTencentOauth(socialConfigs["qq"])
+		enabledOauths = append(enabledOauths, "QQ")
+	}
+
+	// Twitter.
+	if base.Cfg.MustBool("oauth.twitter", "ENABLED") {
+		base.OauthService.Twitter = true
+		newTwitterOauth(socialConfigs["twitter"])
+		enabledOauths = append(enabledOauths, "Twitter")
+	}
+
+	log.Info("Oauth Service Enabled %s", enabledOauths)
+}
+
+//   ________.__  __     ___ ___      ___.
+//  /  _____/|__|/  |_  /   |   \ __ _\_ |__
+// /   \  ___|  \   __\/    ~    \  |  \ __ \
+// \    \_\  \  ||  |  \    Y    /  |  / \_\ \
+//  \______  /__||__|   \___|_  /|____/|___  /
+//         \/                 \/           \/
+
+type SocialGithub struct {
+	Token *oauth.Token
+	*oauth.Transport
+}
+
+func (s *SocialGithub) Type() int {
+	return models.OT_GITHUB
+}
+
+func newGitHubOauth(config *oauth.Config) {
+	SocialMap["github"] = &SocialGithub{
+		Transport: &oauth.Transport{
+			Config:    config,
+			Transport: http.DefaultTransport,
+		},
+	}
+}
+
+func (s *SocialGithub) SetRedirectUrl(url string) {
+	s.Transport.Config.RedirectURL = url
+}
+
+func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
+	transport := &oauth.Transport{
+		Token: token,
+	}
+	var data struct {
+		Id    int    `json:"id"`
+		Name  string `json:"login"`
+		Email string `json:"email"`
+	}
+	var err error
+	r, err := transport.Client().Get(s.Transport.Scope)
+	if err != nil {
+		return nil, err
+	}
+	defer r.Body.Close()
+	if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
+		return nil, err
+	}
+	return &BasicUserInfo{
+		Identity: strconv.Itoa(data.Id),
+		Name:     data.Name,
+		Email:    data.Email,
+	}, nil
+}
+
+//   ________                     .__
+//  /  _____/  ____   ____   ____ |  |   ____
+// /   \  ___ /  _ \ /  _ \ / ___\|  | _/ __ \
+// \    \_\  (  <_> |  <_> ) /_/  >  |_\  ___/
+//  \______  /\____/ \____/\___  /|____/\___  >
+//         \/             /_____/           \/
+
+type SocialGoogle struct {
+	Token *oauth.Token
+	*oauth.Transport
+}
+
+func (s *SocialGoogle) Type() int {
+	return models.OT_GOOGLE
+}
+
+func newGoogleOauth(config *oauth.Config) {
+	SocialMap["google"] = &SocialGoogle{
+		Transport: &oauth.Transport{
+			Config:    config,
+			Transport: http.DefaultTransport,
+		},
+	}
+}
+
+func (s *SocialGoogle) SetRedirectUrl(url string) {
+	s.Transport.Config.RedirectURL = url
+}
+
+func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
+	transport := &oauth.Transport{Token: token}
+	var data struct {
+		Id    string `json:"id"`
+		Name  string `json:"name"`
+		Email string `json:"email"`
+	}
+	var err error
+
+	reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
+	r, err := transport.Client().Get(reqUrl)
+	if err != nil {
+		return nil, err
+	}
+	defer r.Body.Close()
+	if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
+		return nil, err
+	}
+	return &BasicUserInfo{
+		Identity: data.Id,
+		Name:     data.Name,
+		Email:    data.Email,
+	}, nil
+}
+
+// ________   ________
+// \_____  \  \_____  \
+//  /  / \  \  /  / \  \
+// /   \_/.  \/   \_/.  \
+// \_____\ \_/\_____\ \_/
+//        \__>       \__>
+
+type SocialTencent struct {
+	Token *oauth.Token
+	*oauth.Transport
+	reqUrl string
+}
+
+func (s *SocialTencent) Type() int {
+	return models.OT_QQ
+}
+
+func newTencentOauth(config *oauth.Config) {
+	SocialMap["qq"] = &SocialTencent{
+		reqUrl: "https://open.t.qq.com/api/user/info",
+		Transport: &oauth.Transport{
+			Config:    config,
+			Transport: http.DefaultTransport,
+		},
+	}
+}
+
+func (s *SocialTencent) SetRedirectUrl(url string) {
+	s.Transport.Config.RedirectURL = url
+}
+
+func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) {
+	var data struct {
+		Data struct {
+			Id    string `json:"openid"`
+			Name  string `json:"name"`
+			Email string `json:"email"`
+		} `json:"data"`
+	}
+	var err error
+	// https://open.t.qq.com/api/user/info?
+	//oauth_consumer_key=APP_KEY&
+	//access_token=ACCESSTOKEN&openid=openid
+	//clientip=CLIENTIP&oauth_version=2.a
+	//scope=all
+	var urls = url.Values{
+		"oauth_consumer_key": {s.Transport.Config.ClientId},
+		"access_token":       {token.AccessToken},
+		"openid":             URL.Query()["openid"],
+		"oauth_version":      {"2.a"},
+		"scope":              {"all"},
+	}
+	r, err := http.Get(s.reqUrl + "?" + urls.Encode())
+	if err != nil {
+		return nil, err
+	}
+	defer r.Body.Close()
+	if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
+		return nil, err
+	}
+	return &BasicUserInfo{
+		Identity: data.Data.Id,
+		Name:     data.Data.Name,
+		Email:    data.Data.Email,
+	}, nil
+}
+
+// ___________       .__  __    __
+// \__    ___/_  _  _|__|/  |__/  |_  ___________
+//   |    |  \ \/ \/ /  \   __\   __\/ __ \_  __ \
+//   |    |   \     /|  ||  |  |  | \  ___/|  | \/
+//   |____|    \/\_/ |__||__|  |__|  \___  >__|
+//                                       \/
+
+type SocialTwitter struct {
+	Token *oauth.Token
+	*oauth.Transport
+}
+
+func (s *SocialTwitter) Type() int {
+	return models.OT_TWITTER
+}
+
+func newTwitterOauth(config *oauth.Config) {
+	SocialMap["twitter"] = &SocialTwitter{
+		Transport: &oauth.Transport{
+			Config:    config,
+			Transport: http.DefaultTransport,
+		},
+	}
+}
+
+func (s *SocialTwitter) SetRedirectUrl(url string) {
+	s.Transport.Config.RedirectURL = url
+}
+
+//https://github.com/mrjones/oauth
+func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
+	// transport := &oauth.Transport{Token: token}
+	// var data struct {
+	// 	Id    string `json:"id"`
+	// 	Name  string `json:"name"`
+	// 	Email string `json:"email"`
+	// }
+	// var err error
+
+	// reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
+	// r, err := transport.Client().Get(reqUrl)
+	// if err != nil {
+	// 	return nil, err
+	// }
+	// defer r.Body.Close()
+	// if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
+	// 	return nil, err
+	// }
+	// return &BasicUserInfo{
+	// 	Identity: data.Id,
+	// 	Name:     data.Name,
+	// 	Email:    data.Email,
+	// }, nil
+	return nil, nil
+}
diff --git a/routers/install.go b/routers/install.go
index d66f5b39b6..f09401370b 100644
--- a/routers/install.go
+++ b/routers/install.go
@@ -22,6 +22,7 @@ import (
 	"github.com/gogits/gogs/modules/log"
 	"github.com/gogits/gogs/modules/mailer"
 	"github.com/gogits/gogs/modules/middleware"
+	"github.com/gogits/gogs/modules/social"
 )
 
 // Check run mode(Default of martini is Dev).
@@ -36,6 +37,11 @@ func checkRunMode() {
 	log.Info("Run Mode: %s", strings.Title(martini.Env))
 }
 
+func NewServices() {
+	base.NewBaseServices()
+	social.NewOauthService()
+}
+
 // GlobalInit is for global configuration reload-able.
 func GlobalInit() {
 	base.NewConfigContext()
@@ -52,7 +58,7 @@ func GlobalInit() {
 		models.HasEngine = true
 		cron.NewCronContext()
 	}
-	base.NewServices()
+	NewServices()
 	checkRunMode()
 }
 
diff --git a/routers/user/home.go b/routers/user/home.go
index 50f16f094b..12099a5195 100644
--- a/routers/user/home.go
+++ b/routers/user/home.go
@@ -18,7 +18,7 @@ import (
 func Dashboard(ctx *middleware.Context) {
 	ctx.Data["Title"] = "Dashboard"
 	ctx.Data["PageIsUserDashboard"] = true
-	repos, err := models.GetRepositories(&models.User{Id: ctx.User.Id})
+	repos, err := models.GetRepositories(&models.User{Id: ctx.User.Id}, true)
 	if err != nil {
 		ctx.Handle(500, "user.Dashboard", err)
 		return
@@ -58,7 +58,7 @@ func Profile(ctx *middleware.Context, params martini.Params) {
 		}
 		ctx.Data["Feeds"] = feeds
 	default:
-		repos, err := models.GetRepositories(user)
+		repos, err := models.GetRepositories(user, ctx.IsSigned && ctx.User.Id == user.Id)
 		if err != nil {
 			ctx.Handle(500, "user.Profile", err)
 			return
@@ -119,7 +119,7 @@ func Issues(ctx *middleware.Context) {
 	}
 
 	// Get all repositories.
-	repos, err := models.GetRepositories(ctx.User)
+	repos, err := models.GetRepositories(ctx.User, true)
 	if err != nil {
 		ctx.Handle(200, "user.Issues(get repositories)", err)
 		return
diff --git a/routers/user/social.go b/routers/user/social.go
index 29c4fa97c1..a258bad1ab 100644
--- a/routers/user/social.go
+++ b/routers/user/social.go
@@ -6,36 +6,20 @@ package user
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
-	"net/http"
 	"net/url"
-	"strconv"
 	"strings"
 
-	"code.google.com/p/goauth2/oauth"
 	"github.com/go-martini/martini"
 
 	"github.com/gogits/gogs/models"
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/modules/log"
 	"github.com/gogits/gogs/modules/middleware"
+	"github.com/gogits/gogs/modules/social"
 )
 
-type BasicUserInfo struct {
-	Identity string
-	Name     string
-	Email    string
-}
-
-type SocialConnector interface {
-	Type() int
-	SetRedirectUrl(string)
-	UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error)
-
-	AuthCodeURL(string) string
-	Exchange(string) (*oauth.Token, error)
-}
-
 func extractPath(next string) string {
 	n, err := url.Parse(next)
 	if err != nil {
@@ -44,278 +28,72 @@ func extractPath(next string) string {
 	return n.Path
 }
 
-var (
-	SocialBaseUrl = "/user/login"
-	SocialMap     = make(map[string]SocialConnector)
-)
-
-// github && google && ...
-func SocialSignIn(params martini.Params, ctx *middleware.Context) {
-	if base.OauthService == nil || !base.OauthService.GitHub.Enabled {
-		ctx.Handle(404, "social login not enabled", nil)
+func SocialSignIn(ctx *middleware.Context, params martini.Params) {
+	if base.OauthService == nil {
+		ctx.Handle(404, "social.SocialSignIn(oauth service not enabled)", nil)
 		return
 	}
+
 	next := extractPath(ctx.Query("next"))
 	name := params["name"]
-	connect, ok := SocialMap[name]
+	connect, ok := social.SocialMap[name]
 	if !ok {
-		ctx.Handle(404, "social login", nil)
+		ctx.Handle(404, "social.SocialSignIn(social login not enabled)", errors.New(name))
 		return
 	}
+
 	code := ctx.Query("code")
 	if code == "" {
 		// redirect to social login page
-		connect.SetRedirectUrl(strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.Host + ctx.Req.URL.Path)
+		connect.SetRedirectUrl(strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.Path)
 		ctx.Redirect(connect.AuthCodeURL(next))
 		return
 	}
 
 	// handle call back
-	tk, err := connect.Exchange(code) // exchange for token
+	tk, err := connect.Exchange(code)
 	if err != nil {
-		log.Error("oauth2 handle callback error: %v", err)
-		ctx.Handle(500, "exchange code error", nil)
+		ctx.Handle(500, "social.SocialSignIn(Exchange)", err)
 		return
 	}
 	next = extractPath(ctx.Query("state"))
-	log.Trace("success get token")
+	log.Trace("social.SocialSignIn(Got token)")
 
 	ui, err := connect.UserInfo(tk, ctx.Req.URL)
 	if err != nil {
-		ctx.Handle(500, fmt.Sprintf("get infomation from %s error: %v", name, err), nil)
-		log.Error("social connect error: %s", err)
+		ctx.Handle(500, fmt.Sprintf("social.SocialSignIn(get info from %s)", name), err)
 		return
 	}
-	log.Info("social login: %s", ui)
+	log.Info("social.SocialSignIn(social login): %s", ui)
+
 	oa, err := models.GetOauth2(ui.Identity)
 	switch err {
 	case nil:
 		ctx.Session.Set("userId", oa.User.Id)
 		ctx.Session.Set("userName", oa.User.Name)
-	case models.ErrOauth2RecordNotExists:
-		oa = &models.Oauth2{}
-		raw, _ := json.Marshal(tk) // json encode
-		oa.Token = string(raw)
-		oa.Uid = -1
-		oa.Type = connect.Type()
-		oa.Identity = ui.Identity
-		log.Trace("oa: %v", oa)
+	case models.ErrOauth2RecordNotExist:
+		raw, _ := json.Marshal(tk)
+		oa = &models.Oauth2{
+			Uid:      -1,
+			Type:     connect.Type(),
+			Identity: ui.Identity,
+			Token:    string(raw),
+		}
+		log.Trace("social.SocialSignIn(oa): %v", oa)
 		if err = models.AddOauth2(oa); err != nil {
-			log.Error("add oauth2 %v", err) // 501
+			log.Error("social.SocialSignIn(add oauth2): %v", err) // 501
 			return
 		}
-	case models.ErrOauth2NotAssociatedWithUser:
+	case models.ErrOauth2NotAssociated:
 		next = "/user/sign_up"
 	default:
-		log.Error("other error: %v", err)
-		ctx.Handle(500, err.Error(), nil)
+		ctx.Handle(500, "social.SocialSignIn(GetOauth2)", err)
 		return
 	}
+
 	ctx.Session.Set("socialId", oa.Id)
 	ctx.Session.Set("socialName", ui.Name)
 	ctx.Session.Set("socialEmail", ui.Email)
-	log.Trace("socialId: %v", oa.Id)
+	log.Trace("social.SocialSignIn(social ID): %v", oa.Id)
 	ctx.Redirect(next)
 }
-
-//   ________.__  __     ___ ___      ___.
-//  /  _____/|__|/  |_  /   |   \ __ _\_ |__
-// /   \  ___|  \   __\/    ~    \  |  \ __ \
-// \    \_\  \  ||  |  \    Y    /  |  / \_\ \
-//  \______  /__||__|   \___|_  /|____/|___  /
-//         \/                 \/           \/
-
-type SocialGithub struct {
-	Token *oauth.Token
-	*oauth.Transport
-}
-
-func (s *SocialGithub) Type() int {
-	return models.OT_GITHUB
-}
-
-func init() {
-	github := &SocialGithub{}
-	name := "github"
-	config := &oauth.Config{
-		ClientId:     "09383403ff2dc16daaa1",                                       //base.OauthService.GitHub.ClientId, // FIXME: panic when set
-		ClientSecret: "0e4aa0c3630df396cdcea01a9d45cacf79925fea",                   //base.OauthService.GitHub.ClientSecret,
-		RedirectURL:  strings.TrimSuffix(base.AppUrl, "/") + "/user/login/" + name, //ctx.Req.URL.RequestURI(),
-		Scope:        "https://api.github.com/user",
-		AuthURL:      "https://github.com/login/oauth/authorize",
-		TokenURL:     "https://github.com/login/oauth/access_token",
-	}
-	github.Transport = &oauth.Transport{
-		Config:    config,
-		Transport: http.DefaultTransport,
-	}
-	SocialMap[name] = github
-}
-
-func (s *SocialGithub) SetRedirectUrl(url string) {
-	s.Transport.Config.RedirectURL = url
-}
-
-func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
-	transport := &oauth.Transport{
-		Token: token,
-	}
-	var data struct {
-		Id    int    `json:"id"`
-		Name  string `json:"login"`
-		Email string `json:"email"`
-	}
-	var err error
-	r, err := transport.Client().Get(s.Transport.Scope)
-	if err != nil {
-		return nil, err
-	}
-	defer r.Body.Close()
-	if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
-		return nil, err
-	}
-	return &BasicUserInfo{
-		Identity: strconv.Itoa(data.Id),
-		Name:     data.Name,
-		Email:    data.Email,
-	}, nil
-}
-
-//   ________                     .__
-//  /  _____/  ____   ____   ____ |  |   ____
-// /   \  ___ /  _ \ /  _ \ / ___\|  | _/ __ \
-// \    \_\  (  <_> |  <_> ) /_/  >  |_\  ___/
-//  \______  /\____/ \____/\___  /|____/\___  >
-//         \/             /_____/           \/
-
-type SocialGoogle struct {
-	Token *oauth.Token
-	*oauth.Transport
-}
-
-func (s *SocialGoogle) Type() int {
-	return models.OT_GOOGLE
-}
-
-func init() {
-	google := &SocialGoogle{}
-	name := "google"
-	// get client id and secret from
-	// https://console.developers.google.com/project
-	config := &oauth.Config{
-		ClientId:     "849753812404-mpd7ilvlb8c7213qn6bre6p6djjskti9.apps.googleusercontent.com", //base.OauthService.GitHub.ClientId, // FIXME: panic when set
-		ClientSecret: "VukKc4MwaJUSmiyv3D7ANVCa",                                                 //base.OauthService.GitHub.ClientSecret,
-		Scope:        "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile",
-		AuthURL:      "https://accounts.google.com/o/oauth2/auth",
-		TokenURL:     "https://accounts.google.com/o/oauth2/token",
-	}
-	google.Transport = &oauth.Transport{
-		Config:    config,
-		Transport: http.DefaultTransport,
-	}
-	SocialMap[name] = google
-}
-
-func (s *SocialGoogle) SetRedirectUrl(url string) {
-	s.Transport.Config.RedirectURL = url
-}
-
-func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
-	transport := &oauth.Transport{Token: token}
-	var data struct {
-		Id    string `json:"id"`
-		Name  string `json:"name"`
-		Email string `json:"email"`
-	}
-	var err error
-
-	reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
-	r, err := transport.Client().Get(reqUrl)
-	if err != nil {
-		return nil, err
-	}
-	defer r.Body.Close()
-	if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
-		return nil, err
-	}
-	return &BasicUserInfo{
-		Identity: data.Id,
-		Name:     data.Name,
-		Email:    data.Email,
-	}, nil
-}
-
-// ________   ________
-// \_____  \  \_____  \
-//  /  / \  \  /  / \  \
-// /   \_/.  \/   \_/.  \
-// \_____\ \_/\_____\ \_/
-//        \__>       \__>
-
-type SocialQQ struct {
-	Token *oauth.Token
-	*oauth.Transport
-	reqUrl string
-}
-
-func (s *SocialQQ) Type() int {
-	return models.OT_QQ
-}
-
-func init() {
-	qq := &SocialQQ{}
-	name := "qq"
-	config := &oauth.Config{
-		ClientId:     "801497180",                        //base.OauthService.GitHub.ClientId, // FIXME: panic when set
-		ClientSecret: "16cd53b8ad2e16a36fc2c8f87d9388f2", //base.OauthService.GitHub.ClientSecret,
-		Scope:        "all",
-		AuthURL:      "https://open.t.qq.com/cgi-bin/oauth2/authorize",
-		TokenURL:     "https://open.t.qq.com/cgi-bin/oauth2/access_token",
-	}
-	qq.reqUrl = "https://open.t.qq.com/api/user/info"
-	qq.Transport = &oauth.Transport{
-		Config:    config,
-		Transport: http.DefaultTransport,
-	}
-	SocialMap[name] = qq
-}
-
-func (s *SocialQQ) SetRedirectUrl(url string) {
-	s.Transport.Config.RedirectURL = url
-}
-
-func (s *SocialQQ) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) {
-	var data struct {
-		Data struct {
-			Id    string `json:"openid"`
-			Name  string `json:"name"`
-			Email string `json:"email"`
-		} `json:"data"`
-	}
-	var err error
-	// https://open.t.qq.com/api/user/info?
-	//oauth_consumer_key=APP_KEY&
-	//access_token=ACCESSTOKEN&openid=openid
-	//clientip=CLIENTIP&oauth_version=2.a
-	//scope=all
-	var urls = url.Values{
-		"oauth_consumer_key": {s.Transport.Config.ClientId},
-		"access_token":       {token.AccessToken},
-		"openid":             URL.Query()["openid"],
-		"oauth_version":      {"2.a"},
-		"scope":              {"all"},
-	}
-	r, err := http.Get(s.reqUrl + "?" + urls.Encode())
-	if err != nil {
-		return nil, err
-	}
-	defer r.Body.Close()
-	if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
-		return nil, err
-	}
-	return &BasicUserInfo{
-		Identity: data.Data.Id,
-		Name:     data.Data.Name,
-		Email:    data.Data.Email,
-	}, nil
-}
diff --git a/routers/user/user.go b/routers/user/user.go
index bcb2e97833..56b9dc205c 100644
--- a/routers/user/user.go
+++ b/routers/user/user.go
@@ -19,9 +19,15 @@ import (
 func SignIn(ctx *middleware.Context) {
 	ctx.Data["Title"] = "Log In"
 
+	if _, ok := ctx.Session.Get("socialId").(int64); ok {
+		ctx.Data["IsSocialLogin"] = true
+		ctx.HTML(200, "user/signin")
+		return
+	}
+
 	if base.OauthService != nil {
 		ctx.Data["OauthEnabled"] = true
-		ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled
+		ctx.Data["OauthService"] = base.OauthService
 	}
 
 	// Check auto-login.
@@ -34,7 +40,7 @@ func SignIn(ctx *middleware.Context) {
 	isSucceed := false
 	defer func() {
 		if !isSucceed {
-			log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName)
+			log.Trace("user.SignIn(auto-login cookie cleared): %s", userName)
 			ctx.SetCookie(base.CookieUserName, "", -1)
 			ctx.SetCookie(base.CookieRememberName, "", -1)
 			return
@@ -70,9 +76,12 @@ func SignIn(ctx *middleware.Context) {
 func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
 	ctx.Data["Title"] = "Log In"
 
-	if base.OauthService != nil {
+	sid, isOauth := ctx.Session.Get("socialId").(int64)
+	if isOauth {
+		ctx.Data["IsSocialLogin"] = true
+	} else if base.OauthService != nil {
 		ctx.Data["OauthEnabled"] = true
-		ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled
+		ctx.Data["OauthService"] = base.OauthService
 	}
 
 	if ctx.HasError() {
@@ -99,13 +108,20 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
 		ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
 	}
 
-	// Bind with social account
-	if sid, ok := ctx.Session.Get("socialId").(int64); ok {
+	// Bind with social account.
+	if isOauth {
 		if err = models.BindUserOauth2(user.Id, sid); err != nil {
-			log.Error("bind user error: %v", err)
+			if err == models.ErrOauth2RecordNotExist {
+				ctx.Handle(404, "user.SignInPost(GetOauth2ById)", err)
+			} else {
+				ctx.Handle(500, "user.SignInPost(GetOauth2ById)", err)
+			}
+			return
 		}
 		ctx.Session.Delete("socialId")
+		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
 	}
+
 	ctx.Session.Set("userId", user.Id)
 	ctx.Session.Set("userName", user.Name)
 	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
@@ -117,6 +133,27 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
 	ctx.Redirect("/")
 }
 
+func oauthSignInPost(ctx *middleware.Context, sid int64) {
+	ctx.Data["Title"] = "OAuth Sign Up"
+	ctx.Data["PageIsSignUp"] = true
+
+	if _, err := models.GetOauth2ById(sid); err != nil {
+		if err == models.ErrOauth2RecordNotExist {
+			ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err)
+		} else {
+			ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err)
+		}
+		return
+	}
+
+	ctx.Data["IsSocialLogin"] = true
+	ctx.Data["username"] = ctx.Session.Get("socialName")
+	ctx.Data["email"] = ctx.Session.Get("socialEmail")
+	log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId"))
+
+	ctx.HTML(200, "user/signup")
+}
+
 func SignOut(ctx *middleware.Context) {
 	ctx.Session.Delete("userId")
 	ctx.Session.Delete("userName")
@@ -132,23 +169,37 @@ func SignUp(ctx *middleware.Context) {
 	ctx.Data["Title"] = "Sign Up"
 	ctx.Data["PageIsSignUp"] = true
 
-	if sid, ok := ctx.Session.Get("socialId").(int64); ok {
-		var err error
-		if _, err = models.GetOauth2ById(sid); err == nil {
-			ctx.Data["IsSocialLogin"] = true
-			// FIXME: don't set in error page
-			ctx.Data["username"] = ctx.Session.Get("socialName")
-			ctx.Data["email"] = ctx.Session.Get("socialEmail")
-		} else {
-			log.Error("unaccepted oauth error: %s", err) // FIXME: should it show in page
-		}
-	}
 	if base.Service.DisenableRegisteration {
 		ctx.Data["DisenableRegisteration"] = true
 		ctx.HTML(200, "user/signup")
 		return
 	}
-	log.Info("session: %v", ctx.Session.Get("socialId"))
+
+	if sid, ok := ctx.Session.Get("socialId").(int64); ok {
+		oauthSignUp(ctx, sid)
+		return
+	}
+
+	ctx.HTML(200, "user/signup")
+}
+
+func oauthSignUp(ctx *middleware.Context, sid int64) {
+	ctx.Data["Title"] = "OAuth Sign Up"
+	ctx.Data["PageIsSignUp"] = true
+
+	if _, err := models.GetOauth2ById(sid); err != nil {
+		if err == models.ErrOauth2RecordNotExist {
+			ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err)
+		} else {
+			ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err)
+		}
+		return
+	}
+
+	ctx.Data["IsSocialLogin"] = true
+	ctx.Data["username"] = strings.Replace(ctx.Session.Get("socialName").(string), " ", "", -1)
+	ctx.Data["email"] = ctx.Session.Get("socialEmail")
+	log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId"))
 
 	ctx.HTML(200, "user/signup")
 }
@@ -162,6 +213,11 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
 		return
 	}
 
+	sid, isOauth := ctx.Session.Get("socialId").(int64)
+	if isOauth {
+		ctx.Data["IsSocialLogin"] = true
+	}
+
 	if form.Password != form.RetypePasswd {
 		ctx.Data["HasError"] = true
 		ctx.Data["Err_Password"] = true
@@ -179,7 +235,7 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
 		Name:     form.UserName,
 		Email:    form.Email,
 		Passwd:   form.Password,
-		IsActive: !base.Service.RegisterEmailConfirm,
+		IsActive: !base.Service.RegisterEmailConfirm || isOauth,
 	}
 
 	var err error
@@ -192,20 +248,25 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
 		case models.ErrUserNameIllegal:
 			ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form)
 		default:
-			ctx.Handle(500, "user.SignUp", err)
+			ctx.Handle(500, "user.SignUp(RegisterUser)", err)
 		}
 		return
 	}
 
-	log.Trace("%s User created: %s", ctx.Req.RequestURI, strings.ToLower(form.UserName))
-	// Bind Social Account
-	if sid, ok := ctx.Session.Get("socialId").(int64); ok {
-		models.BindUserOauth2(u.Id, sid)
+	log.Trace("%s User created: %s", ctx.Req.RequestURI, form.UserName)
+
+	// Bind social account.
+	if isOauth {
+		if err = models.BindUserOauth2(u.Id, sid); err != nil {
+			ctx.Handle(500, "user.SignUp(BindUserOauth2)", err)
+			return
+		}
 		ctx.Session.Delete("socialId")
+		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
 	}
 
-	// Send confirmation e-mail.
-	if base.Service.RegisterEmailConfirm && u.Id > 1 {
+	// Send confirmation e-mail, no need for social account.
+	if !isOauth && base.Service.RegisterEmailConfirm && u.Id > 1 {
 		mailer.SendRegisterMail(ctx.Render, u)
 		ctx.Data["IsSendRegisterMail"] = true
 		ctx.Data["Email"] = u.Email
diff --git a/templates/user/dashboard.tmpl b/templates/user/dashboard.tmpl
index 167ae9abbd..bc363ddaab 100644
--- a/templates/user/dashboard.tmpl
+++ b/templates/user/dashboard.tmpl
@@ -44,7 +44,7 @@
                 <ul class="list-group">{{range .MyRepos}}
                     <li class="list-group-item"><a href="/{{$.SignedUserName}}/{{.Name}}">
                         <!-- <span class="stars pull-right"><i class="fa fa-star"></i>{{.NumStars}}</span> -->
-                        <i class="fa fa-book"></i>{{.Name}}</a>
+                        <i class="fa fa-book"></i>{{.Name}}{{if .IsPrivate}} <span class="label label-default">Private</span>{{end}}</a>
                     </li>{{end}}
                 </ul>
             </div>
diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl
index 255eb71cb2..a336bfb2fb 100644
--- a/templates/user/profile.tmpl
+++ b/templates/user/profile.tmpl
@@ -20,8 +20,8 @@
                     <li class="list-group-item"><i class="fa fa-link"></i><a target="_blank" href="{{.Owner.Website}}">{{.Owner.Website}}</a></li>
                 {{end}}
                 <li class="list-group-item"><i class="fa fa-clock-o"></i>Joined on {{DateFormat .Owner.Created "M d, Y"}}</li>
-                <hr>
-                <li class="list-group-item" style="padding-top: 5px;">
+                <!-- <hr> -->
+                <!-- <li class="list-group-item" style="padding-top: 5px;">
                     <div class="profile-rel">
                         <div class="col-md-6 followers">
                             <strong>123</strong>
@@ -33,7 +33,7 @@
                         </div>
                     </div>
                 </li>
-                <hr>
+                <hr> -->
             </ul>
         </div>
     </div>
@@ -65,7 +65,7 @@
                     <li>
                         <div class="meta pull-right"><!-- <i class="fa fa-star"></i> {{.NumStars}} --> <i class="fa fa-code-fork"></i> {{.NumForks}}</div>
                         <h4>
-                            <a href="/{{$owner.Name}}/{{.Name}}">{{.Name}}</a>
+                            <a href="/{{$owner.Name}}/{{.Name}}">{{.Name}}{{if .IsPrivate}} <span class="label label-default">Private</span>{{end}}</a>
                         </h4>
                         <p class="desc">{{.Description}}</p>
                         <div class="info">Last updated {{.Updated|TimeSince}}</div>
diff --git a/templates/user/signin.tmpl b/templates/user/signin.tmpl
index 4ea4173801..d402c29238 100644
--- a/templates/user/signin.tmpl
+++ b/templates/user/signin.tmpl
@@ -3,15 +3,11 @@
 <div class="container" id="body" data-page="user-signin">
     <form action="/user/login" method="post" class="form-horizontal card" id="login-card">
         {{.CsrfTokenHtml}}
-        <h3>Log in
-        <!--{{if .OauthEnabled}}
-            <small class="pull-right">social login: 
-            {{if .OauthGitHubEnabled}}
-                <a href="/user/login/github?next=/user/sign_up"><i class="fa fa-github-square fa-2x"></i></a>
-            {{end}}
-            </small>
-        {{end}}-->
-        </h3>
+        {{if .IsSocialLogin}}
+        <h3>Social login: 2nd step <small>associate account</small></h3>
+        {{else}}
+        <h3>Log in</h3>
+        {{end}}
         {{template "base/alert" .}}
         <div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}">
             <label class="col-md-4 control-label">Username: </label>
@@ -26,8 +22,8 @@
                 <input name="passwd" type="password" class="form-control" placeholder="Type your password" required="required">
             </div>
         </div>
-
-        <div class="form-group">
+        
+        {{if not .IsSocialLogin}}<div class="form-group">
             <div class="col-md-6 col-md-offset-4">
                 <div class="checkbox">
                     <label>
@@ -36,16 +32,16 @@
                     </label>
                 </div>
             </div>
-        </div>
+        </div>{{end}}
 
         <div class="form-group">
             <div class="col-md-offset-4 col-md-6">
                 <button type="submit" class="btn btn-lg btn-primary">Log In</button>
-                <a href="/user/forget_password/">Forgot your password?</a>
+                {{if not .IsSocialLogin}}<a href="/user/forget_password/">Forgot your password?</a>{{end}}
             </div>
         </div>
 
-        <div class="form-group">
+        {{if not .IsSocialLogin}}<div class="form-group">
             <div class="col-md-offset-4 col-md-6">
                 <a href="/user/sign_up">Need an account? Sign up now.</a>
             </div>
@@ -54,10 +50,7 @@
         {{if .OauthEnabled}}
         <div class="form-group text-center" id="social-login">
             <h4><span>or</span></h4>
-            <!--<a href="/user/login/github?next=/user/sign_up" class="btn btn-default google">
-                <i class="fa fa-google-plus-square fa-2x"></i>
-                <span>Google</span>
-            </a>
+            <!--
             <a href="/user/login/github?next=/user/sign_up" class="btn btn-default facebbok">
                 <i class="fa fa-facebook-square fa-2x"></i>
                 <span>Facebook</span>
@@ -66,12 +59,12 @@
                 <i class="fa fa-weibo fa-2x"></i>
                 <span>Weibo</span>
             </a>-->
-            {{if .OauthGitHubEnabled}}<a href="/user/login/github?next=/user/sign_up" class="github btn btn-default">
-            <i class="fa fa-github-square fa-2x"></i>
-            <span>GitHub</span>
-            </a>{{end}}
+            {{if .OauthService.GitHub}}<a href="/user/login/github?next=/user/sign_up" class="btn btn-default"><i class="fa fa-github-square fa-2x"></i><span>GitHub</span></a>{{end}}
+            {{if .OauthService.Google}}<a href="/user/login/google?next=/user/sign_up" class="btn btn-default"><i class="fa fa-google-plus-square fa-2x"></i><span>Google</span></a>{{end}}
+            {{if .OauthService.Tencent}}<a href="/user/login/twitter?next=/user/sign_up" class="btn btn-default"><i class="fa fa-twitter-square fa-2x"></i><span>Twitter</span></a>{{end}}
+            {{if .OauthService.Tencent}}<a href="/user/login/qq?next=/user/sign_up" class="btn btn-default"><i class="fa fa-linux fa-2x"></i><span>QQ</span></a>{{end}}
         </div>
-        {{end}}
+        {{end}}{{end}}
     </form>
 </div>
 {{template "base/footer" .}}
diff --git a/templates/user/signup.tmpl b/templates/user/signup.tmpl
index 6cf48a4d80..0295159943 100644
--- a/templates/user/signup.tmpl
+++ b/templates/user/signup.tmpl
@@ -1,15 +1,15 @@
 {{template "base/head" .}}
 {{template "base/navbar" .}}
-<div class="container" id="body" data-page="user-signup">
+<div class="container" id="body">
 	<form action="/user/sign_up" method="post" class="form-horizontal card" id="login-card">
 		{{.CsrfTokenHtml}}
 		{{if .DisenableRegisteration}}
 		Sorry, registeration has been disenabled, you can only get account from administrator.
 		{{else}}
 		{{if .IsSocialLogin}}
-			<h3>Social login: 2nd step <small>complete information</small></h3>
+		<h3>Social login: 2nd step <small>complete information</small></h3>
 		{{else}}
-			<h3>Sign Up</h3>
+		<h3>Sign Up</h3>
 		{{end}}
 	    {{template "base/alert" .}}
 		<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}">

From d2b53dd43b3bc9719985033bc92b76abb9515b4d Mon Sep 17 00:00:00 2001
From: Unknown <joe2010xtmf@163.com>
Date: Sun, 13 Apr 2014 21:00:12 -0400
Subject: [PATCH 2/4] Add weibo oauth

---
 README.md                       |  3 +-
 README_ZH.md                    |  3 +-
 conf/app.ini                    |  8 +++++
 gogs.go                         |  2 +-
 models/action.go                | 14 ++++++--
 models/oauth2.go                |  6 ++++
 models/repo.go                  |  2 +-
 modules/base/conf.go            |  2 +-
 modules/base/template.go        | 22 +++++++++++-
 modules/middleware/repo.go      |  7 ++++
 modules/social/social.go        | 62 ++++++++++++++++++++++++++++++++-
 routers/admin/admin.go          |  6 ++++
 routers/user/setting.go         | 24 ++++++++++---
 templates/admin/config.tmpl     | 26 ++++++++++++--
 templates/repo/toolbar.tmpl     |  2 +-
 templates/user/publickey.tmpl   |  4 +--
 templates/user/setting_nav.tmpl |  1 +
 templates/user/signin.tmpl      |  5 +--
 templates/user/social.tmpl      | 17 +++++++++
 web.go                          |  3 +-
 20 files changed, 198 insertions(+), 21 deletions(-)
 create mode 100644 templates/user/social.tmpl

diff --git a/README.md b/README.md
index 34f8b66f06..20dc8806dd 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language
 
 ![Demo](http://gowalker.org/public/gogs_demo.gif)
 
-##### Current version: 0.2.8 Alpha
+##### Current version: 0.2.9 Alpha
 
 ### NOTICES
 
@@ -40,6 +40,7 @@ More importantly, Gogs only needs one binary to setup your own project hosting o
 - Mail service(register, issue).
 - Administration panel.
 - Supports MySQL, PostgreSQL and SQLite3.
+- Social account login(GitHub, Google, QQ, Weibo)
 
 ## Installation
 
diff --git a/README_ZH.md b/README_ZH.md
index beb5a1050b..97ab07ff23 100644
--- a/README_ZH.md
+++ b/README_ZH.md
@@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。
 
 ![Demo](http://gowalker.org/public/gogs_demo.gif)
 
-##### 当前版本：0.2.8 Alpha
+##### 当前版本：0.2.9 Alpha
 
 ## 开发目的
 
@@ -31,6 +31,7 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作，实现 **零** 依
 - 邮件服务（注册、Issue）
 - 管理员面板
 - 支持 MySQL、PostgreSQL 以及 SQLite3
+- 社交帐号登录（GitHub、Google、QQ、微博）
 
 ## 安装部署
 
diff --git a/conf/app.ini b/conf/app.ini
index 4eaf0a33c2..c70919961c 100644
--- a/conf/app.ini
+++ b/conf/app.ini
@@ -109,6 +109,14 @@ SCOPES = all
 AUTH_URL = https://api.twitter.com/oauth/authorize
 TOKEN_URL = https://api.twitter.com/oauth/access_token
 
+[oauth.weibo]
+ENABLED = false
+CLIENT_ID = 
+CLIENT_SECRET = 
+SCOPES = all
+AUTH_URL = https://api.weibo.com/oauth2/authorize
+TOKEN_URL = https://api.weibo.com/oauth2/access_token
+
 [cache]
 ; Either "memory", "redis", or "memcache", default is "memory"
 ADAPTER = memory
diff --git a/gogs.go b/gogs.go
index 7a7d3ac873..de2bbc7777 100644
--- a/gogs.go
+++ b/gogs.go
@@ -19,7 +19,7 @@ import (
 // Test that go1.2 tag above is included in builds. main.go refers to this definition.
 const go12tag = true
 
-const APP_VER = "0.2.8.0413 Alpha"
+const APP_VER = "0.2.9.0413 Alpha"
 
 func init() {
 	base.AppVer = APP_VER
diff --git a/models/action.go b/models/action.go
index a642a82c98..3edb884e27 100644
--- a/models/action.go
+++ b/models/action.go
@@ -8,6 +8,8 @@ import (
 	"encoding/json"
 	"time"
 
+	// "github.com/gogits/git"
+
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/modules/log"
 )
@@ -22,6 +24,7 @@ const (
 	OP_CREATE_ISSUE
 	OP_PULL_REQUEST
 	OP_TRANSFER_REPO
+	OP_PUSH_TAG
 )
 
 // Action represents user operation type and other information to repository.,
@@ -67,7 +70,14 @@ func (a Action) GetContent() string {
 // CommitRepoAction adds new action for committing repository.
 func CommitRepoAction(userId int64, userName, actEmail string,
 	repoId int64, repoName string, refName string, commit *base.PushCommits) error {
-	log.Trace("action.CommitRepoAction(start): %d/%s", userId, repoName)
+	// log.Trace("action.CommitRepoAction(start): %d/%s", userId, repoName)
+
+	opType := OP_COMMIT_REPO
+	// Check it's tag push or branch.
+	// if git.IsTagExist(RepoPath(userName, repoName), refName) {
+	// 	opType = OP_PUSH_TAG
+	// 	commit = &base.PushCommits{}
+	// }
 
 	bs, err := json.Marshal(commit)
 	if err != nil {
@@ -76,7 +86,7 @@ func CommitRepoAction(userId int64, userName, actEmail string,
 	}
 
 	if err = NotifyWatchers(&Action{ActUserId: userId, ActUserName: userName, ActEmail: actEmail,
-		OpType: OP_COMMIT_REPO, Content: string(bs), RepoId: repoId, RepoName: repoName, RefName: refName}); err != nil {
+		OpType: opType, Content: string(bs), RepoId: repoId, RepoName: repoName, RefName: refName}); err != nil {
 		log.Error("action.CommitRepoAction(notify watchers): %d/%s", userId, repoName)
 		return err
 	}
diff --git a/models/oauth2.go b/models/oauth2.go
index 38d21fda1c..d1ae4611b8 100644
--- a/models/oauth2.go
+++ b/models/oauth2.go
@@ -68,3 +68,9 @@ func GetOauth2ById(id int64) (oa *Oauth2, err error) {
 	}
 	return oa, nil
 }
+
+// GetOauthByUserId returns list of oauthes that are releated to given user.
+func GetOauthByUserId(uid int64) (oas []*Oauth2, err error) {
+	err = orm.Find(&oas, Oauth2{Uid: uid})
+	return oas, err
+}
diff --git a/models/repo.go b/models/repo.go
index 1a5a95f047..bb0c164e24 100644
--- a/models/repo.go
+++ b/models/repo.go
@@ -75,9 +75,9 @@ type Repository struct {
 	NumStars        int
 	NumForks        int
 	NumIssues       int
-	NumReleases     int `xorm:"NOT NULL"`
 	NumClosedIssues int
 	NumOpenIssues   int `xorm:"-"`
+	NumTags         int `xorm:"-"`
 	IsPrivate       bool
 	IsMirror        bool
 	IsBare          bool
diff --git a/modules/base/conf.go b/modules/base/conf.go
index 0eca5f4fcb..957ec57b4d 100644
--- a/modules/base/conf.go
+++ b/modules/base/conf.go
@@ -38,7 +38,7 @@ type OauthInfo struct {
 // Oauther represents oauth service.
 type Oauther struct {
 	GitHub, Google, Tencent bool
-	Twitter                 bool
+	Twitter, Weibo          bool
 	OauthInfos              map[string]*OauthInfo
 }
 
diff --git a/modules/base/template.go b/modules/base/template.go
index 6241497969..79aeeb9d77 100644
--- a/modules/base/template.go
+++ b/modules/base/template.go
@@ -92,6 +92,7 @@ var TemplateFuncs template.FuncMap = map[string]interface{}{
 	"DiffTypeToStr":     DiffTypeToStr,
 	"DiffLineTypeToStr": DiffLineTypeToStr,
 	"ShortSha":          ShortSha,
+	"Oauth2Icon":        Oauth2Icon,
 }
 
 type Actioner interface {
@@ -109,7 +110,7 @@ func ActionIcon(opType int) string {
 	switch opType {
 	case 1: // Create repository.
 		return "plus-circle"
-	case 5: // Commit repository.
+	case 5, 9: // Commit repository.
 		return "arrow-circle-o-right"
 	case 6: // Create issue.
 		return "exclamation-circle"
@@ -127,6 +128,7 @@ const (
 	TPL_CREATE_ISSUE   = `<a href="/user/%s">%s</a> opened issue <a href="/%s/issues/%s">%s#%s</a>
 <div><img src="%s?s=16" alt="user-avatar"/> %s</div>`
 	TPL_TRANSFER_REPO = `<a href="/user/%s">%s</a> transfered repository <code>%s</code> to <a href="/%s">%s</a>`
+	TPL_PUSH_TAG      = `<a href="/user/%s">%s</a> pushed tag <a href="/%s/src/%s">%s</a> at <a href="/%s">%s</a>`
 )
 
 type PushCommit struct {
@@ -174,6 +176,8 @@ func ActionDesc(act Actioner) string {
 	case 8: // Transfer repository.
 		newRepoLink := content + "/" + repoName
 		return fmt.Sprintf(TPL_TRANSFER_REPO, actUserName, actUserName, repoLink, newRepoLink, newRepoLink)
+	case 9: // Push tag.
+		return fmt.Sprintf(TPL_PUSH_TAG, actUserName, actUserName, repoLink, branch, branch, repoLink, repoLink)
 	default:
 		return "invalid type"
 	}
@@ -197,3 +201,19 @@ func DiffLineTypeToStr(diffType int) string {
 	}
 	return "same"
 }
+
+func Oauth2Icon(t int) string {
+	switch t {
+	case 1:
+		return "fa-github-square"
+	case 2:
+		return "fa-google-plus-square"
+	case 3:
+		return "fa-twitter-square"
+	case 4:
+		return "fa-linux"
+	case 5:
+		return "fa-weibo"
+	}
+	return ""
+}
diff --git a/modules/middleware/repo.go b/modules/middleware/repo.go
index 1e79ce9870..82c1c2dbf6 100644
--- a/modules/middleware/repo.go
+++ b/modules/middleware/repo.go
@@ -123,6 +123,13 @@ func RepoAssignment(redirect bool, args ...bool) martini.Handler {
 		ctx.Repo.GitRepo = gitRepo
 		ctx.Repo.RepoLink = "/" + user.Name + "/" + repo.Name
 
+		tags, err := ctx.Repo.GitRepo.GetTags()
+		if err != nil {
+			ctx.Handle(500, "RepoAssignment(GetTags))", err)
+			return
+		}
+		ctx.Repo.Repository.NumTags = len(tags)
+
 		ctx.Data["Title"] = user.Name + "/" + repo.Name
 		ctx.Data["Repository"] = repo
 		ctx.Data["Owner"] = user
diff --git a/modules/social/social.go b/modules/social/social.go
index 230f478fe4..c2ee541776 100644
--- a/modules/social/social.go
+++ b/modules/social/social.go
@@ -48,7 +48,7 @@ func NewOauthService() {
 	base.OauthService.OauthInfos = make(map[string]*base.OauthInfo)
 
 	socialConfigs := make(map[string]*oauth.Config)
-	allOauthes := []string{"github", "google", "qq", "twitter"}
+	allOauthes := []string{"github", "google", "qq", "twitter", "weibo"}
 	// Load all OAuth config data.
 	for _, name := range allOauthes {
 		base.OauthService.OauthInfos[name] = &base.OauthInfo{
@@ -98,6 +98,13 @@ func NewOauthService() {
 		enabledOauths = append(enabledOauths, "Twitter")
 	}
 
+	// Weibo.
+	if base.Cfg.MustBool("oauth.weibo", "ENABLED") {
+		base.OauthService.Weibo = true
+		newWeiboOauth(socialConfigs["weibo"])
+		enabledOauths = append(enabledOauths, "Weibo")
+	}
+
 	log.Info("Oauth Service Enabled %s", enabledOauths)
 }
 
@@ -331,3 +338,56 @@ func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo
 	// }, nil
 	return nil, nil
 }
+
+//  __      __       ._____.
+// /  \    /  \ ____ |__\_ |__   ____
+// \   \/\/   // __ \|  || __ \ /  _ \
+//  \        /\  ___/|  || \_\ (  <_> )
+//   \__/\  /  \___  >__||___  /\____/
+//        \/       \/        \/
+
+type SocialWeibo struct {
+	Token *oauth.Token
+	*oauth.Transport
+}
+
+func (s *SocialWeibo) Type() int {
+	return models.OT_WEIBO
+}
+
+func newWeiboOauth(config *oauth.Config) {
+	SocialMap["weibo"] = &SocialWeibo{
+		Transport: &oauth.Transport{
+			Config:    config,
+			Transport: http.DefaultTransport,
+		},
+	}
+}
+
+func (s *SocialWeibo) SetRedirectUrl(url string) {
+	s.Transport.Config.RedirectURL = url
+}
+
+func (s *SocialWeibo) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
+	transport := &oauth.Transport{Token: token}
+	var data struct {
+		Id   string `json:"id"`
+		Name string `json:"name"`
+	}
+	var err error
+
+	reqUrl := "https://api.weibo.com/2/users/show.json"
+	r, err := transport.Client().Get(reqUrl)
+	if err != nil {
+		return nil, err
+	}
+	defer r.Body.Close()
+	if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
+		return nil, err
+	}
+	return &BasicUserInfo{
+		Identity: data.Id,
+		Name:     data.Name,
+	}, nil
+	return nil, nil
+}
diff --git a/routers/admin/admin.go b/routers/admin/admin.go
index 18a43ff817..d0f737e645 100644
--- a/routers/admin/admin.go
+++ b/routers/admin/admin.go
@@ -153,6 +153,12 @@ func Config(ctx *middleware.Context) {
 		ctx.Data["Mailer"] = base.MailService
 	}
 
+	ctx.Data["OauthEnabled"] = false
+	if base.OauthService != nil {
+		ctx.Data["OauthEnabled"] = true
+		ctx.Data["Oauther"] = base.OauthService
+	}
+
 	ctx.Data["CacheAdapter"] = base.CacheAdapter
 	ctx.Data["CacheConfig"] = base.CacheConfig
 
diff --git a/routers/user/setting.go b/routers/user/setting.go
index 7e66ad3599..a8fdc116c6 100644
--- a/routers/user/setting.go
+++ b/routers/user/setting.go
@@ -69,6 +69,20 @@ func SettingPost(ctx *middleware.Context, form auth.UpdateProfileForm) {
 	ctx.Redirect("/user/setting")
 }
 
+func SettingSocial(ctx *middleware.Context) {
+	ctx.Data["Title"] = "Social Account"
+	ctx.Data["PageIsUserSetting"] = true
+	ctx.Data["IsUserPageSettingSocial"] = true
+	socials, err := models.GetOauthByUserId(ctx.User.Id)
+	if err != nil {
+		ctx.Handle(500, "user.SettingSocial", err)
+		return
+	}
+
+	ctx.Data["Socials"] = socials
+	ctx.HTML(200, "user/social")
+}
+
 func SettingPassword(ctx *middleware.Context) {
 	ctx.Data["Title"] = "Password"
 	ctx.Data["PageIsUserSetting"] = true
@@ -147,7 +161,7 @@ func SettingSSHKeys(ctx *middleware.Context, form auth.AddSSHKeyForm) {
 
 	// Add new SSH key.
 	if ctx.Req.Method == "POST" {
-		if hasErr, ok := ctx.Data["HasError"]; ok && hasErr.(bool) {
+		if ctx.HasError() {
 			ctx.HTML(200, "user/publickey")
 			return
 		}
@@ -162,11 +176,13 @@ func SettingSSHKeys(ctx *middleware.Context, form auth.AddSSHKeyForm) {
 				ctx.RenderWithErr("Public key name has been used", "user/publickey", &form)
 				return
 			}
-			ctx.Handle(200, "ssh.AddPublicKey", err)
-			log.Trace("%s User SSH key added: %s", ctx.Req.RequestURI, ctx.User.LowerName)
+			ctx.Handle(500, "ssh.AddPublicKey", err)
 			return
 		} else {
-			ctx.Data["AddSSHKeySuccess"] = true
+			log.Trace("%s User SSH key added: %s", ctx.Req.RequestURI, ctx.User.LowerName)
+			ctx.Flash.Success("New SSH Key has been added!")
+			ctx.Redirect("/user/setting/ssh")
+			return
 		}
 	}
 
diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl
index 31cfb77bad..757a800c20 100644
--- a/templates/admin/config.tmpl
+++ b/templates/admin/config.tmpl
@@ -88,12 +88,34 @@
                 <dl class="dl-horizontal admin-dl-horizontal">
                     <dt>Enabled</dt>
                     <dd><i class="fa fa{{if .MailerEnabled}}-check{{end}}-square-o"></i></dd>
-                    <dt>Name</dt>
+                    {{if .MailerEnabled}}<dt>Name</dt>
                     <dd>{{.Mailer.Name}}</dd>
                     <dt>Host</dt>
                     <dd>{{.Mailer.Host}}</dd>
                     <dt>User</dt>
-                    <dd>{{.Mailer.User}}</dd>
+                    <dd>{{.Mailer.User}}</dd>{{end}}
+                </dl>
+            </div>
+        </div>
+
+        <div class="panel panel-default">
+            <div class="panel-heading">
+                OAuth Configuration
+            </div>
+
+            <div class="panel-body">
+                <dl class="dl-horizontal admin-dl-horizontal">
+                    <dt>Enabled</dt>
+                    <dd><i class="fa fa{{if .OauthEnabled}}-check{{end}}-square-o"></i></dd>
+                    {{if .OauthEnabled}}<dt>GitHub</dt>
+                    <dd><i class="fa fa{{if .Oauther.GitHub}}-check{{end}}-square-o"></i></dd>
+                    <dt>Google</dt>
+                    <dd><i class="fa fa{{if .Oauther.Google}}-check{{end}}-square-o"></i></dd>
+                    <dt>Tencent QQ</dt>
+                    <dd><i class="fa fa{{if .Oauther.Tencent}}-check{{end}}-square-o"></i></dd>
+                    <dt>Weibo</dt>
+                    <dd><i class="fa fa{{if .Oauther.Weibo}}-check{{end}}-square-o"></i></dd>
+                    <dd>{{.Mailer.User}}</dd>{{end}}
                 </dl>
             </div>
         </div>
diff --git a/templates/repo/toolbar.tmpl b/templates/repo/toolbar.tmpl
index 9c137e5179..bde5bc29e1 100644
--- a/templates/repo/toolbar.tmpl
+++ b/templates/repo/toolbar.tmpl
@@ -13,7 +13,7 @@
                     <li class="tmp">{{if .IsRepoToolbarIssuesList}}<a href="{{.RepoLink}}/issues/new"><button class="btn btn-primary btn-sm">New Issue</button>
                     </a>{{end}}</li>
                     {{end}}
-                    <li class="{{if .IsRepoToolbarReleases}}active{{end}}"><a href="{{.RepoLink}}/releases">{{if .Repository.NumReleases}}<span class="badge">{{.Repository.NumReleases}}</span> {{end}}Releases</a></li>
+                    <li class="{{if .IsRepoToolbarReleases}}active{{end}}"><a href="{{.RepoLink}}/releases">{{if .Repository.NumTags}}<span class="badge">{{.Repository.NumTags}}</span> {{end}}Releases</a></li>
                     {{if .IsRepoToolbarReleases}}
                     <li class="tmp">{{if not .IsRepoReleaseNew}}<a href="{{.RepoLink}}/releases/new"><button class="btn btn-primary btn-sm">New Release</button></a>{{end}}</li>
                     {{end}}
diff --git a/templates/user/publickey.tmpl b/templates/user/publickey.tmpl
index ecdeb035d2..29cfd8f0eb 100644
--- a/templates/user/publickey.tmpl
+++ b/templates/user/publickey.tmpl
@@ -4,8 +4,8 @@
     {{template "user/setting_nav" .}}
     <div id="user-setting-container" class="col-md-9">
         <div id="ssh-keys">
-            <h4>SSH Keys</h4>{{if .AddSSHKeySuccess}}
-            <p class="alert alert-success">New SSH Key has been added !</p>{{else if .HasError}}<p class="alert alert-danger">{{.ErrorMsg}}</p>{{end}}
+            <h4>SSH Keys</h4>
+            {{template "base/alert" .}}
             <ul id="ssh-keys-list" class="list-group">
                 <li class="list-group-item"><span class="name">SSH Key's name</span></li>
                 {{range .Keys}}
diff --git a/templates/user/setting_nav.tmpl b/templates/user/setting_nav.tmpl
index c0f2ae03dd..9c7ae5208f 100644
--- a/templates/user/setting_nav.tmpl
+++ b/templates/user/setting_nav.tmpl
@@ -2,6 +2,7 @@
     <h4>Account Setting</h4>
     <ul class="list-group">
         <li class="list-group-item{{if .IsUserPageSetting}} list-group-item-success{{end}}"><a href="/user/setting">Account Profile</a></li>
+        <li class="list-group-item{{if .IsUserPageSettingSocial}} list-group-item-success{{end}}"><a href="/user/setting/social">Social Account</a></li>
         <li class="list-group-item{{if .IsUserPageSettingPasswd}} list-group-item-success{{end}}"><a href="/user/setting/password">Password</a></li>
         <!-- <li class="list-group-item{{if .IsUserPageSettingNotify}} list-group-item-success{{end}}"><a href="/user/setting/notification">Notifications</a></li> -->
         <li class="list-group-item{{if .IsUserPageSettingSSH}} list-group-item-success{{end}}"><a href="/user/setting/ssh/">SSH Keys</a></li>
diff --git a/templates/user/signin.tmpl b/templates/user/signin.tmpl
index d402c29238..955c82f430 100644
--- a/templates/user/signin.tmpl
+++ b/templates/user/signin.tmpl
@@ -61,8 +61,9 @@
             </a>-->
             {{if .OauthService.GitHub}}<a href="/user/login/github?next=/user/sign_up" class="btn btn-default"><i class="fa fa-github-square fa-2x"></i><span>GitHub</span></a>{{end}}
             {{if .OauthService.Google}}<a href="/user/login/google?next=/user/sign_up" class="btn btn-default"><i class="fa fa-google-plus-square fa-2x"></i><span>Google</span></a>{{end}}
-            {{if .OauthService.Tencent}}<a href="/user/login/twitter?next=/user/sign_up" class="btn btn-default"><i class="fa fa-twitter-square fa-2x"></i><span>Twitter</span></a>{{end}}
-            {{if .OauthService.Tencent}}<a href="/user/login/qq?next=/user/sign_up" class="btn btn-default"><i class="fa fa-linux fa-2x"></i><span>QQ</span></a>{{end}}
+            {{if .OauthService.Twitter}}<a href="/user/login/twitter?next=/user/sign_up" class="btn btn-default"><i class="fa fa-twitter-square fa-2x"></i><span>Twitter</span></a>{{end}}
+            {{if .OauthService.Tencent}}<a href="/user/login/qq?next=/user/sign_up" class="btn btn-default"><i class="fa fa-linux fa-2x"></i><span>Tencent QQ</span></a>{{end}}
+            {{if .OauthService.Weibo}}<a href="/user/login/weibo?next=/user/sign_up" class="btn btn-default"><i class="fa fa-weibo fa-2x"></i><span>Weibo</span></a>{{end}}
         </div>
         {{end}}{{end}}
     </form>
diff --git a/templates/user/social.tmpl b/templates/user/social.tmpl
new file mode 100644
index 0000000000..f0b1132385
--- /dev/null
+++ b/templates/user/social.tmpl
@@ -0,0 +1,17 @@
+{{template "base/head" .}}
+{{template "base/navbar" .}}
+<div id="body" class="container" data-page="user">
+    {{template "user/setting_nav" .}}
+    <div id="user-setting-container" class="col-md-9">
+        <div id="ssh-keys">
+            <h4>Social Account</h4>
+            {{template "base/alert" .}}
+            <ul id="ssh-keys-list" class="list-group">
+                {{range .Socials}}
+                    <i class="fa {{Oauth2Icon .Type}} fa-3x"></i>
+                {{end}}
+            </ul>
+        </div>
+    </div>
+</div>
+{{template "base/footer" .}}
\ No newline at end of file
diff --git a/web.go b/web.go
index 8ae074ec01..268d9e71da 100644
--- a/web.go
+++ b/web.go
@@ -63,7 +63,7 @@ func runWeb(*cli.Context) {
 		SignInRequire: base.Service.RequireSignInView,
 		DisableCsrf:   true,
 	})
-
+	
 	reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
 
 	bindIgnErr := middleware.BindIgnErr
@@ -108,6 +108,7 @@ func runWeb(*cli.Context) {
 		r.Post("/forget_password", user.ForgotPasswdPost)
 	})
 	m.Group("/user/setting", func(r martini.Router) {
+		r.Get("/social", user.SettingSocial)
 		r.Get("/password", user.SettingPassword)
 		r.Post("/password", bindIgnErr(auth.UpdatePasswdForm{}), user.SettingPasswordPost)
 		r.Any("/ssh", bindIgnErr(auth.AddSSHKeyForm{}), user.SettingSSHKeys)

From 190b83e05eb1ade979c0e17314ab892832d62e5b Mon Sep 17 00:00:00 2001
From: Unknown <joe2010xtmf@163.com>
Date: Sun, 13 Apr 2014 22:20:28 -0400
Subject: [PATCH 3/4] push tag support

---
 models/action.go            | 13 ++++++++-----
 models/update.go            |  2 +-
 templates/release/list.tmpl |  4 ++--
 3 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/models/action.go b/models/action.go
index 3edb884e27..a9a41a9f4d 100644
--- a/models/action.go
+++ b/models/action.go
@@ -6,9 +6,10 @@ package models
 
 import (
 	"encoding/json"
+	"strings"
 	"time"
 
-	// "github.com/gogits/git"
+	"github.com/gogits/git"
 
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/modules/log"
@@ -74,10 +75,12 @@ func CommitRepoAction(userId int64, userName, actEmail string,
 
 	opType := OP_COMMIT_REPO
 	// Check it's tag push or branch.
-	// if git.IsTagExist(RepoPath(userName, repoName), refName) {
-	// 	opType = OP_PUSH_TAG
-	// 	commit = &base.PushCommits{}
-	// }
+	if strings.HasPrefix(refName, "refs/tags/") {
+		opType = OP_PUSH_TAG
+		commit = &base.PushCommits{}
+	}
+
+	refName = git.RefEndName(refName)
 
 	bs, err := json.Marshal(commit)
 	if err != nil {
diff --git a/models/update.go b/models/update.go
index ba0e979348..2f59547b72 100644
--- a/models/update.go
+++ b/models/update.go
@@ -78,7 +78,7 @@ func Update(refName, oldCommitId, newCommitId, userName, repoName string, userId
 
 	//commits = append(commits, []string{lastCommit.Id().String(), lastCommit.Message()})
 	if err = CommitRepoAction(userId, userName, actEmail,
-		repos.Id, repoName, git.RefEndName(refName), &base.PushCommits{l.Len(), commits}); err != nil {
+		repos.Id, repoName, refName, &base.PushCommits{l.Len(), commits}); err != nil {
 		qlog.Fatalf("runUpdate.models.CommitRepoAction: %v", err)
 	}
 }
diff --git a/templates/release/list.tmpl b/templates/release/list.tmpl
index d7c4674e84..9541265c94 100644
--- a/templates/release/list.tmpl
+++ b/templates/release/list.tmpl
@@ -5,8 +5,8 @@
 <div id="body" class="container">
     <div id="release">
         <h4 id="release-head">
-            <span class="release"><strong>Release</strong></span> /
-            <a class="tag" href="/{tag_link}">Tags</a>
+            <span class="release"><strong>Releases</strong></span><!--  /
+            <a class="tag" href="/{tag_link}">Tags</a> -->
             <!-- comment : if in tag page, show a.release and span.tag please -->
         </h4>
         <ul id="release-list" class="list-unstyled">

From f644cefa865c04b440902695ba90114b224c640d Mon Sep 17 00:00:00 2001
From: Unknown <joe2010xtmf@163.com>
Date: Mon, 14 Apr 2014 01:57:25 -0400
Subject: [PATCH 4/4] Finish release

---
 models/models.go            |   2 +-
 models/release.go           |  83 ++++++++++++++++++++++
 modules/auth/release.go     |  50 ++++++++++++++
 modules/base/markdown.go    |   4 ++
 routers/repo/release.go     | 133 +++++++++++++++++++++++++++++++++++-
 templates/release/list.tmpl |  66 ++++++++----------
 templates/release/new.tmpl  |  23 ++++---
 web.go                      |  10 ++-
 8 files changed, 318 insertions(+), 53 deletions(-)
 create mode 100644 models/release.go
 create mode 100644 modules/auth/release.go

diff --git a/models/models.go b/models/models.go
index f1d43531be..0e20a1ab2f 100644
--- a/models/models.go
+++ b/models/models.go
@@ -33,7 +33,7 @@ var (
 func init() {
 	tables = append(tables, new(User), new(PublicKey), new(Repository), new(Watch),
 		new(Action), new(Access), new(Issue), new(Comment), new(Oauth2), new(Follow),
-		new(Mirror))
+		new(Mirror), new(Release))
 }
 
 func LoadModelsConfig() {
diff --git a/models/release.go b/models/release.go
new file mode 100644
index 0000000000..08d74d3f4f
--- /dev/null
+++ b/models/release.go
@@ -0,0 +1,83 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+	"errors"
+	"strings"
+	"time"
+
+	"github.com/Unknwon/com"
+	"github.com/gogits/git"
+)
+
+var (
+	ErrReleaseAlreadyExist = errors.New("Release already exist")
+)
+
+// Release represents a release of repository.
+type Release struct {
+	Id               int64
+	RepoId           int64
+	PublisherId      int64
+	Publisher        *User `xorm:"-"`
+	Title            string
+	TagName          string
+	LowerTagName     string
+	SHA1             string
+	NumCommits       int
+	NumCommitsBehind int    `xorm:"-"`
+	Note             string `xorm:"TEXT"`
+	IsPrerelease     bool
+	Created          time.Time `xorm:"created"`
+}
+
+// GetReleasesByRepoId returns a list of releases of repository.
+func GetReleasesByRepoId(repoId int64) (rels []*Release, err error) {
+	err = orm.Desc("created").Find(&rels, Release{RepoId: repoId})
+	return rels, err
+}
+
+// IsReleaseExist returns true if release with given tag name already exists.
+func IsReleaseExist(repoId int64, tagName string) (bool, error) {
+	if len(tagName) == 0 {
+		return false, nil
+	}
+
+	return orm.Get(&Release{RepoId: repoId, LowerTagName: strings.ToLower(tagName)})
+}
+
+// CreateRelease creates a new release of repository.
+func CreateRelease(repoPath string, rel *Release, gitRepo *git.Repository) error {
+	isExist, err := IsReleaseExist(rel.RepoId, rel.TagName)
+	if err != nil {
+		return err
+	} else if isExist {
+		return ErrReleaseAlreadyExist
+	}
+
+	if !git.IsTagExist(repoPath, rel.TagName) {
+		_, stderr, err := com.ExecCmdDir(repoPath, "git", "tag", rel.TagName, "-m", "\""+rel.Title+"\"")
+		if err != nil {
+			return err
+		} else if strings.Contains(stderr, "fatal:") {
+			return errors.New(stderr)
+		}
+	} else {
+		commit, err := gitRepo.GetCommitOfTag(rel.TagName)
+		if err != nil {
+			return err
+		}
+
+		rel.NumCommits, err = commit.CommitsCount()
+		if err != nil {
+			return err
+		}
+	}
+
+	rel.LowerTagName = strings.ToLower(rel.TagName)
+	_, err = orm.InsertOne(rel)
+	return err
+}
diff --git a/modules/auth/release.go b/modules/auth/release.go
new file mode 100644
index 0000000000..a29028e0e4
--- /dev/null
+++ b/modules/auth/release.go
@@ -0,0 +1,50 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package auth
+
+import (
+	"net/http"
+	"reflect"
+
+	"github.com/go-martini/martini"
+
+	"github.com/gogits/gogs/modules/base"
+	"github.com/gogits/gogs/modules/log"
+)
+
+type NewReleaseForm struct {
+	TagName    string `form:"tag_name" binding:"Required"`
+	Title      string `form:"title" binding:"Required"`
+	Content    string `form:"content" binding:"Required"`
+	Prerelease bool   `form:"prerelease"`
+}
+
+func (f *NewReleaseForm) Name(field string) string {
+	names := map[string]string{
+		"TagName": "Tag name",
+		"Title":   "Release title",
+		"Content": "Release content",
+	}
+	return names[field]
+}
+
+func (f *NewReleaseForm) Validate(errors *base.BindingErrors, req *http.Request, context martini.Context) {
+	if req.Method == "GET" || errors.Count() == 0 {
+		return
+	}
+
+	data := context.Get(reflect.TypeOf(base.TmplData{})).Interface().(base.TmplData)
+	data["HasError"] = true
+	AssignForm(f, data)
+
+	if len(errors.Overall) > 0 {
+		for _, err := range errors.Overall {
+			log.Error("NewReleaseForm.Validate: %v", err)
+		}
+		return
+	}
+
+	validate(errors, data, f)
+}
diff --git a/modules/base/markdown.go b/modules/base/markdown.go
index cc1807750d..95b4b212fd 100644
--- a/modules/base/markdown.go
+++ b/modules/base/markdown.go
@@ -166,3 +166,7 @@ func RenderMarkdown(rawBytes []byte, urlPrefix string) []byte {
 	// fmt.Println(string(body))
 	return body
 }
+
+func RenderMarkdownString(raw, urlPrefix string) string {
+	return string(RenderMarkdown([]byte(raw), urlPrefix))
+}
diff --git a/routers/repo/release.go b/routers/repo/release.go
index 3d549bf773..a4baa4792c 100644
--- a/routers/repo/release.go
+++ b/routers/repo/release.go
@@ -5,25 +5,152 @@
 package repo
 
 import (
+	"sort"
+
+	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/auth"
+	"github.com/gogits/gogs/modules/base"
+	"github.com/gogits/gogs/modules/log"
 	"github.com/gogits/gogs/modules/middleware"
 )
 
+type ReleaseSorter struct {
+	rels []*models.Release
+}
+
+func (rs *ReleaseSorter) Len() int {
+	return len(rs.rels)
+}
+
+func (rs *ReleaseSorter) Less(i, j int) bool {
+	return rs.rels[i].NumCommits > rs.rels[j].NumCommits
+}
+
+func (rs *ReleaseSorter) Swap(i, j int) {
+	rs.rels[i], rs.rels[j] = rs.rels[j], rs.rels[i]
+}
+
 func Releases(ctx *middleware.Context) {
 	ctx.Data["Title"] = "Releases"
 	ctx.Data["IsRepoToolbarReleases"] = true
 	ctx.Data["IsRepoReleaseNew"] = false
-	tags, err := ctx.Repo.GitRepo.GetTags()
+	rawTags, err := ctx.Repo.GitRepo.GetTags()
 	if err != nil {
-		ctx.Handle(404, "repo.Releases(GetTags)", err)
+		ctx.Handle(500, "release.Releases(GetTags)", err)
 		return
 	}
-	ctx.Data["Releases"] = tags
+
+	rels, err := models.GetReleasesByRepoId(ctx.Repo.Repository.Id)
+	if err != nil {
+		ctx.Handle(500, "release.Releases(GetReleasesByRepoId)", err)
+		return
+	}
+
+	commitsCount, err := ctx.Repo.Commit.CommitsCount()
+	if err != nil {
+		ctx.Handle(500, "release.Releases(CommitsCount)", err)
+		return
+	}
+
+	var tags ReleaseSorter
+	tags.rels = make([]*models.Release, len(rawTags))
+	for i, rawTag := range rawTags {
+		for _, rel := range rels {
+			if rel.TagName == rawTag {
+				rel.Publisher, err = models.GetUserById(rel.PublisherId)
+				if err != nil {
+					ctx.Handle(500, "release.Releases(GetUserById)", err)
+					return
+				}
+				rel.NumCommitsBehind = commitsCount - rel.NumCommits
+				rel.Note = base.RenderMarkdownString(rel.Note, ctx.Repo.RepoLink)
+				tags.rels[i] = rel
+				break
+			}
+		}
+
+		if tags.rels[i] == nil {
+			commit, err := ctx.Repo.GitRepo.GetCommitOfTag(rawTag)
+			if err != nil {
+				ctx.Handle(500, "release.Releases(GetCommitOfTag)", err)
+				return
+			}
+
+			tags.rels[i] = &models.Release{
+				Title:   rawTag,
+				TagName: rawTag,
+				SHA1:    commit.Id.String(),
+			}
+			tags.rels[i].NumCommits, err = ctx.Repo.GitRepo.CommitsCount(commit.Id.String())
+			if err != nil {
+				ctx.Handle(500, "release.Releases(CommitsCount)", err)
+				return
+			}
+			tags.rels[i].NumCommitsBehind = commitsCount - tags.rels[i].NumCommits
+			tags.rels[i].Created = commit.Author.When
+		}
+	}
+
+	sort.Sort(&tags)
+
+	ctx.Data["Releases"] = tags.rels
 	ctx.HTML(200, "release/list")
 }
 
 func ReleasesNew(ctx *middleware.Context) {
+	if !ctx.Repo.IsOwner {
+		ctx.Handle(404, "release.ReleasesNew", nil)
+		return
+	}
+
 	ctx.Data["Title"] = "New Release"
 	ctx.Data["IsRepoToolbarReleases"] = true
 	ctx.Data["IsRepoReleaseNew"] = true
 	ctx.HTML(200, "release/new")
 }
+
+func ReleasesNewPost(ctx *middleware.Context, form auth.NewReleaseForm) {
+	if !ctx.Repo.IsOwner {
+		ctx.Handle(404, "release.ReleasesNew", nil)
+		return
+	}
+
+	ctx.Data["Title"] = "New Release"
+	ctx.Data["IsRepoToolbarReleases"] = true
+	ctx.Data["IsRepoReleaseNew"] = true
+
+	if ctx.HasError() {
+		ctx.HTML(200, "release/new")
+		return
+	}
+
+	commitsCount, err := ctx.Repo.Commit.CommitsCount()
+	if err != nil {
+		ctx.Handle(500, "release.ReleasesNewPost(CommitsCount)", err)
+		return
+	}
+
+	rel := &models.Release{
+		RepoId:       ctx.Repo.Repository.Id,
+		PublisherId:  ctx.User.Id,
+		Title:        form.Title,
+		TagName:      form.TagName,
+		SHA1:         ctx.Repo.Commit.Id.String(),
+		NumCommits:   commitsCount,
+		Note:         form.Content,
+		IsPrerelease: form.Prerelease,
+	}
+
+	if err = models.CreateRelease(models.RepoPath(ctx.User.Name, ctx.Repo.Repository.Name),
+		rel, ctx.Repo.GitRepo); err != nil {
+		if err == models.ErrReleaseAlreadyExist {
+			ctx.RenderWithErr("Release with this tag name has already existed", "release/new", &form)
+		} else {
+			ctx.Handle(500, "release.ReleasesNewPost(IsReleaseExist)", err)
+		}
+		return
+	}
+	log.Trace("%s Release created: %s/%s:%s", ctx.Req.RequestURI, ctx.User.LowerName, ctx.Repo.Repository.Name, form.TagName)
+
+	ctx.Redirect(ctx.Repo.RepoLink + "/releases")
+}
diff --git a/templates/release/list.tmpl b/templates/release/list.tmpl
index 9541265c94..dd37e9c1a2 100644
--- a/templates/release/list.tmpl
+++ b/templates/release/list.tmpl
@@ -10,50 +10,47 @@
             <!-- comment : if in tag page, show a.release and span.tag please -->
         </h4>
         <ul id="release-list" class="list-unstyled">
-            <li class="release-item release-tag clearfix" id="release-tag-{release_tag_id}">
+            {{range .Releases}}
+            <li class="release-item clearfix" id="release-{{.SHA1}}">
+                {{if .PublisherId}}
                 <div class="col-md-2 text-right">
-                    <a class="commit" href="{commit_link}"><i class="fa fa-code"></i>commit-sha</a>
+                    {{if .IsPrerelease}}<span class="btn btn-warning status pre-release">Pre-Release</span>{{else}}<span class="btn btn-success status stable">Stable</span>{{end}}
+                    <a class="tag" href="{{$.RepoLink}}/src/{{.TagName}}"><i class="fa fa-tag"></i>{{.TagName}}</a>
+                    <a class="commit" href="{{$.RepoLink}}/src/{{.SHA1}}"><i class="fa fa-code"></i>{{ShortSha .SHA1}}</a>
                 </div>
                 <div class="col-md-10">
-                    <h5 class="title"><a href="{release_single_link}">Release Tag</a><i class="fa fa-tag"></i></h5>
+                    <h4 class="title"><a href="{{$.RepoLink}}/src/{{.TagName}}">{{.Title}}</a></h4>
                     <p class="info">
-                        <span class="author"><img class="avatar" src="http://1.gravatar.com/avatar/f72f7454ce9d710baa506394f68f4132" alt="" width="20">&nbsp;&nbsp;
-                        <a href="/user/fuxiaohei">fuxiaohei</a></span>
-                        <span class="time">1 week ago</span>
-                        <span class="ahead"><strong>0</strong> commits since this tag</span>
-                    </p>
-                    <p class="download">
-                        <a class="download-link" href="{release_download_link}"><i class="fa fa-download"></i>zip</a>
-                        <a class="download-link" href="{release_download_link}"><i class="fa fa-download"></i>tar.gz</a>
-                    </p>
-                    <span class="dot">&nbsp;</span>
-                </div>
-            </li>
-            <li class="release-item clearfix" id="release-{release_id}">
-                <div class="col-md-2 text-right">
-                    <span class="btn btn-success status stable">Stable</span>
-                    <a class="tag" href="{commit_link}"><i class="fa fa-tag"></i>release tag</a>
-                    <a class="commit" href="{commit_link}"><i class="fa fa-code"></i>commit-sha</a>
-                </div>
-                <div class="col-md-10">
-                    <h4 class="title"><a href="{release_single_link}">Release Title</a></h4>
-                    <p class="info">
-                        <span class="author"><img class="avatar" src="http://1.gravatar.com/avatar/f72f7454ce9d710baa506394f68f4132" alt="" width="20">&nbsp;&nbsp;
-                        <a href="/user/fuxiaohei">fuxiaohei</a></span>
-                        <span class="time">1 week ago</span>
-                        <span class="ahead"><strong>0</strong> commits since this tag</span>
+                        <span class="author"><img class="avatar" src="{{.Publisher.AvatarLink}}" alt="" width="20">&nbsp;&nbsp;
+                        <a href="/user/{{.Publisher.Name}}">{{.Publisher.Name}}</a></span>
+                        {{if .Created}}<span class="time">{{TimeSince .Created}}</span>{{end}}
+                        <span class="ahead"><strong>{{.NumCommitsBehind}}</strong> commits since this release</span>
                     </p>
                     <div class="markdown desc">
-                        release descriptions, support markdown content
+                        {{str2html .Note}}
                     </div>
                     <p class="download">
-                        <a class="btn btn-default" href="{release_download_link}"><i class="fa fa-download"></i>Source Code (ZIP)</a>
-                        <a class="btn btn-default" href="{release_download_link}"><i class="fa fa-download"></i>Source Code (TAR.GZ)</a>
+                        <a class="btn btn-default" href="{{$.RepoLink}}/archive/{{.TagName}}/{{$.Repository.Name}}.zip"><i class="fa fa-download"></i>Source Code (ZIP)</a>
+                        <!-- <a class="btn btn-default" href="{release_download_link}"><i class="fa fa-download"></i>Source Code (TAR.GZ)</a> -->
                     </p>
                     <span class="dot">&nbsp;</span>
                 </div>
+                {{else}}
+                <div class="col-md-2 text-right">
+                    <a class="commit" href="{{$.RepoLink}}/src/{{.SHA1}}"><i class="fa fa-code"></i>{{ShortSha .SHA1}}</a>
+                </div>
+                <div class="col-md-10">
+                    <h5 class="title"><a href="{{$.RepoLink}}/src/{{.TagName}}">{{.TagName}}</a><i class="fa fa-tag"></i></h5>
+                    <p class="download">
+                        <a class="download-link" href="{{$.RepoLink}}/archive/{{.TagName}}/{{$.Repository.Name}}.zip"><i class="fa fa-download"></i>zip</a>
+                        <!-- <a class="download-link" href="{release_download_link}"><i class="fa fa-download"></i>tar.gz</a> -->
+                    </p>
+                    <span class="dot">&nbsp;</span>
+                </div>
+                {{end}}
             </li>
-            <li class="release-item clearfix" id="release-{release_id}">
+            {{end}}
+            <!-- <li class="release-item clearfix" id="release-{release_id}">
                 <div class="col-md-2 text-right">
                     <span class="btn btn-warning status pre-release">Pre-Release</span>
                     <a class="tag" href="{commit_link}"><i class="fa fa-tag"></i>release tag</a>
@@ -76,11 +73,8 @@
                     </p>
                     <span class="dot">&nbsp;</span>
                 </div>
-            </li>
+            </li> -->
         </ul>
     </div>
-    {{range .Releases}}
-        {{.}}
-    {{end}}
 </div>
 {{template "base/footer" .}}
\ No newline at end of file
diff --git a/templates/release/new.tmpl b/templates/release/new.tmpl
index fe5aa179c9..439496ea62 100644
--- a/templates/release/new.tmpl
+++ b/templates/release/new.tmpl
@@ -5,30 +5,34 @@
 <div id="body" class="container">
     <div id="release">
         <h4 id="release-head">New Release</h4>
-        <form id="release-new-form" action="" class="form form-inline">
+        {{template "base/alert" .}}
+        <form id="release-new-form" action="{{.RepoLink}}/releases/new" method="post" class="form form-inline">
+            {{.CsrfTokenHtml}}
             <div class="form-group">
-                <input id="release-tag-name" type="text" class="form-control" placeholder="tag name"/>
+                <input id="tag-name" name="tag_name" type="text" class="form-control" placeholder="tag name" value="{{.tag_name}}" />
                 <span class="target-at">@</span>
                 <div class="btn-group" id="release-new-target-select">
                     <button type="button" class="btn btn-default"><i class="fa fa-code-fork fa-lg fa-m"></i>
                         <span class="target-text">Target : </span>
-                        <strong id="release-new-target-name"> master</strong>
+                        <strong id="release-new-target-name"> {{.Repository.DefaultBranch}}</strong>
                     </button>
                     <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
                         <span class="caret"></span>
                     </button>
                     <div class="dropdown-menu clone-group-btn" id="release-new-target-branch-list">
                         <ul class="list-group">
+                            {{range .Branches}}
                             <li class="list-group-item">
-                                <a href="#" rel="master"><i class="fa fa-code-fork"></i>master</a>
+                                <a href="#" rel="{{.}}"><i class="fa fa-code-fork"></i>{{.}}</a>
                             </li>
+                            {{end}}
                         </ul>
                     </div>
                 </div>
-                <p class="help-block">Choose an existing tag without release notes</p>
+                <p class="help-block">Choose an existing tag, or create a new tag on publish</p>
             </div>
             <div class="form-group" style="display: block">
-                <input class="form-control input-lg" id="release-new-title" name="title" type="text" placeholder="release title"/>
+                <input class="form-control input-lg" id="release-new-title" name="title" type="text" placeholder="release title" value="{{.title}}" />
             </div>
             <div class="form-group col-md-8" style="display: block" id="release-new-content-div">
                 <div class="md-help pull-right">
@@ -41,7 +45,7 @@
                 <div class="tab-content">
                     <div class="tab-pane active" id="release-textarea">
                         <div class="form-group">
-                            <textarea class="form-control" name="content" id="release-new-content" rows="10" placeholder="Write some content" data-ajax-rel="release-preview" data-ajax-val="val" data-ajax-field="content"></textarea>
+                            <textarea class="form-control" name="content" id="release-new-content" rows="10" placeholder="Write some content" data-ajax-rel="release-preview" data-ajax-val="val" data-ajax-field="content">{{.content}}</textarea>
                         </div>
                     </div>
                     <div class="tab-pane release-preview-content" id="release-preview">loading...</div>
@@ -50,15 +54,14 @@
             <div class="text-right form-group col-md-8" style="display: block">
                 <hr/>
                 <label for="release-new-pre-release">
-                    <input id="release-new-pre-release" type="checkbox" name="is-pre-release" value="true"/>
+                    <input id="release-new-pre-release" type="checkbox" name="prerelease" {{if .prerelease}}checked{{end}}/>
                     <strong>This is a pre-release</strong>
                 </label>
                 <p class="help-block">We’ll point out that this release is identified as non-production ready.</p>
             </div>
             <div class="text-right form-group col-md-8" style="display: block">
-                <input type="hidden" value="id" name="repo-id">
                 <button class="btn-success btn">Publish release</button>
-                <input class="btn btn-default" type="submit" name="is-draft" value="Save Draft"/>
+                <!-- <input class="btn btn-default" type="submit" name="draft" value="Save Draft"/> -->
             </div>
         </form>
     </div>
diff --git a/web.go b/web.go
index 268d9e71da..04c41b9d29 100644
--- a/web.go
+++ b/web.go
@@ -63,7 +63,7 @@ func runWeb(*cli.Context) {
 		SignInRequire: base.Service.RequireSignInView,
 		DisableCsrf:   true,
 	})
-	
+
 	reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
 
 	bindIgnErr := middleware.BindIgnErr
@@ -153,13 +153,16 @@ func runWeb(*cli.Context) {
 		r.Post("/issues/new", bindIgnErr(auth.CreateIssueForm{}), repo.CreateIssuePost)
 		r.Post("/issues/:index", bindIgnErr(auth.CreateIssueForm{}), repo.UpdateIssue)
 		r.Post("/comment/:action", repo.Comment)
+		r.Get("/releases/new", repo.ReleasesNew)
 	}, reqSignIn, middleware.RepoAssignment(true))
 
+	m.Group("/:username/:reponame", func(r martini.Router) {
+		r.Post("/releases/new", bindIgnErr(auth.NewReleaseForm{}), repo.ReleasesNewPost)
+	}, reqSignIn, middleware.RepoAssignment(true, true))
+
 	m.Group("/:username/:reponame", func(r martini.Router) {
 		r.Get("/issues", repo.Issues)
 		r.Get("/issues/:index", repo.ViewIssue)
-		r.Get("/releases", repo.Releases)
-		r.Any("/releases/new", repo.ReleasesNew) // TODO:
 		r.Get("/pulls", repo.Pulls)
 		r.Get("/branches", repo.Branches)
 	}, ignSignIn, middleware.RepoAssignment(true))
@@ -172,6 +175,7 @@ func runWeb(*cli.Context) {
 		r.Get("/commits/:branchname/search", repo.SearchCommits)
 		r.Get("/commit/:branchname", repo.Diff)
 		r.Get("/commit/:branchname/**", repo.Diff)
+		r.Get("/releases", repo.Releases)
 	}, ignSignIn, middleware.RepoAssignment(true, true))
 
 	m.Group("/:username", func(r martini.Router) {