fix .netrc authentication (#2700)
* provide both possible authentication solutions Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
This commit is contained in:
parent
1ec4dc6c1d
commit
4ccb0fe338
|
@ -139,8 +139,16 @@ func HTTP(ctx *context.Context) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if authUser == nil {
|
if authUser == nil {
|
||||||
authUser, err = models.GetUserByName(authUsername)
|
isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic"
|
||||||
|
|
||||||
|
// Assume username is token
|
||||||
|
authToken := authUsername
|
||||||
|
|
||||||
|
if !isUsernameToken {
|
||||||
|
// Assume password is token
|
||||||
|
authToken = authPasswd
|
||||||
|
|
||||||
|
authUser, err = models.GetUserByName(authUsername)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if models.IsErrUserNotExist(err) {
|
if models.IsErrUserNotExist(err) {
|
||||||
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
||||||
|
@ -149,9 +157,10 @@ func HTTP(ctx *context.Context) {
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Assume password is a token.
|
// Assume password is a token.
|
||||||
token, err := models.GetAccessTokenBySHA(authPasswd)
|
token, err := models.GetAccessTokenBySHA(authToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
|
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
|
||||||
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
||||||
|
@ -161,7 +170,13 @@ func HTTP(ctx *context.Context) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if authUser.ID != token.UID {
|
if isUsernameToken {
|
||||||
|
authUser, err = models.GetUserByID(token.UID)
|
||||||
|
if err != nil {
|
||||||
|
ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
} else if authUser.ID != token.UID {
|
||||||
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -170,7 +185,6 @@ func HTTP(ctx *context.Context) {
|
||||||
if err = models.UpdateAccessToken(token); err != nil {
|
if err = models.UpdateAccessToken(token); err != nil {
|
||||||
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
|
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
_, err = models.GetTwoFactorByUID(authUser.ID)
|
_, err = models.GetTwoFactorByUID(authUser.ID)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue