Commit Graph

99 Commits

Author SHA1 Message Date
Willem van Dreumel
8947b711aa Link OAuth2 account to 2FA enabled account (fix #1050) (#1052)
* fixes #1050 where linking an account to a 2fa enabled account failed because we forgot to really link the account when 2fa is completed

* handle errors
2017-02-27 18:10:26 +08:00
Lunny Xiao
19b3c45ca7 fix 500 when use a duplicat email instead of giving an error tip (#1040) 2017-02-25 22:57:06 +08:00
Willem van Dreumel
01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Andrew
6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Bwko
f27d87d93b Added minimum password length to app.ini (#223) 2016-12-24 21:40:44 +08:00
Denis Denisov
380e32e129 Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Lunny Xiao
94da472717 Golint fixed for modules/setting (#262)
* golint fixed for modules/setting

* typo fixed and renamed UNIXSOCKET to UnixSocket
2016-11-27 18:14:25 +08:00
Lunny Xiao
cf045b029c golint fixed for parts of routers root, dev, user and org dirs (#167)
* golint fixed for parts of routers root, dev and org dirs

* add user/auth.go golint fixed

* rename unnecessary exported to unexported and user dir golint fixed
2016-11-18 11:03:03 +08:00
Thibault Meyer
ddee4c8b58
Normalize files with gofmt 2016-11-11 13:11:45 +01:00
Sandro Santilli
4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Joubert RedRat
f91cbf0fed Support to last login feature 2016-11-09 08:53:45 -02:00
Rémy Boulanouar
2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
LefsFlare
2cb5ec5983 Prevented user enumeration of valid users through HTTP status codes of login (#3639) (#3654) 2016-10-16 22:08:40 -04:00
Unknwon
f0b5c3b90a #3448 redirect if any after sign in 2016-08-27 15:07:02 -07:00
Unknwon
1f2e173a74 Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00
Unknwon
f1b8d52eb3 #2854 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Unknwon
8966f5635d Merge pull request #2823 from zacheryph/feature/local-only-password-reset
Prevent `Forgot Password` for non local users
2016-03-14 16:44:05 -04:00
Zachery Hostens
63e21c146a ensure we don’t try changing LDAP passswords 2016-03-14 09:40:16 -05:00
Unknwon
b4f47a7623 #1891 attempt to fix invalid csrf token 2016-03-12 20:56:03 -05:00
Unknwon
514382e2eb Rename module: middleware -> context 2016-03-11 11:56:52 -05:00
Unknwon
7f9598141b fix #2020 2015-11-24 18:49:34 -05:00
Unknwon
dc0c0dc06b fix typo for #1996 2015-11-19 11:52:39 -05:00
Unknwon
9330c943cd work on #1891 2015-11-18 23:52:09 -05:00
Unknwon
932dbccb67 fix import path, fix #1782 2015-10-15 21:28:12 -04:00
Unknwon
3fb1b6a608 drop oauth2 feature support 2015-09-17 16:11:44 -04:00
Unknwon
9d36fc6986 finish new auth e-mails 2015-09-17 14:57:24 -04:00
Unknwon
373731f5e8 user gomail and new activate account email tpl
- #1496: fallback plain text
- #1002: add date header
- #913: fix encoding of header
2015-09-17 01:54:12 -04:00
Unknwon
83e747bfda #697 and #1606 and new admin edit user UI 2015-09-13 11:07:21 -04:00
Unknwon
8e0a69f86a #697 disable captcha and new admin create user UI 2015-09-13 09:51:51 -04:00
Unknwon
47ac579f09 only assign auto-admin when sign up by web 2015-08-19 04:58:45 +08:00
Unknwon
817b48ed1e Show owner/poster tags of comments and fix #1312 2015-08-14 02:43:40 +08:00
Unknwon
e50982f5ec allow anonymous SSH clone 2015-08-05 11:14:17 +08:00
Unknwon
698b9e2acc #1070 Clearer error message for illegal characters 2015-03-26 17:11:47 -04:00
Unknwon
1654e9ecab templates/user/settings/emial.tmpl: little fix on UI
- routers/user: little code format
- conf/locale: update French locale
2015-02-21 22:13:47 -05:00
无闻
a18decf4cc Merge pull request #755 from phsmit/multiple_emails
Multiple emails
2014-12-20 22:47:05 -05:00
Unknwon
57b3be4016 work on #756 2014-12-17 23:04:05 -05:00
Peter
ec71d538fc Method for activating email addresses through verification email 2014-12-17 17:41:49 +02:00
Unknwon
146c8efee3 Fix API broken 2014-10-18 23:42:43 -04:00
Unknwon
3abc41ccca Fix API broken 2014-10-18 23:26:55 -04:00
Martin van Beurden
976f1486e0 Set cookiepath to AppSubUrl 2014-09-21 14:25:22 +02:00
Unknwon
7ba9257a7f Add suburl support 2014-09-19 20:11:34 -04:00
Martin van Beurden
0055cbd365 Allow Gogs to run from a suburl behind a reverse proxy. e.g. http://mydomain.com/gogs/
Conflicts:
	modules/setting/setting.go

Conflicts:
	templates/repo/release/list.tmpl
	templates/user/dashboard/dashboard.tmpl

Conflicts:
	routers/repo/setting.go
2014-09-18 20:50:48 +02:00
Unknwon
632b1b694d Fix #465 2014-09-15 09:56:12 -04:00
Unknwon
bba707de36 Finish team list, create new team, join/leave team page 2014-08-16 16:21:17 +08:00
Unknwon
7af7584d25 Finish new reset password, etc. 2014-08-09 21:02:00 -07:00
Unknwon
78defd238c Page: Manage social accounts 2014-08-09 17:25:02 -07:00
Unknwon
e8c9bb2c66 Finish new collaboration page 2014-08-07 06:40:05 -04:00
Unknwon
7bbf644dd5 Convert captcha, cache, csrf as middlewares 2014-07-31 17:25:34 -04:00
Unknwon
8dd07c0ddd New UI merge in progress 2014-07-26 00:24:27 -04:00