Commit graph

101 commits

Author SHA1 Message Date
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Andrew 6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
derSuessmann 51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Andrey Nering 6069abe5fd Notifications - Step 2 2016-12-30 16:51:24 -02:00
Denis Denisov 380e32e129 Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Lunny Xiao b4c794058a fixed vulnerabilities (#392) 2016-12-15 16:49:06 +08:00
Bwko a4ece1f223 Fixes typos 2016-11-27 12:59:12 +01:00
Lunny Xiao 94da472717 Golint fixed for modules/setting (#262)
* golint fixed for modules/setting

* typo fixed and renamed UNIXSOCKET to UnixSocket
2016-11-27 18:14:25 +08:00
Lunny Xiao cf045b029c golint fixed for parts of routers root, dev, user and org dirs (#167)
* golint fixed for parts of routers root, dev and org dirs

* add user/auth.go golint fixed

* rename unnecessary exported to unexported and user dir golint fixed
2016-11-18 11:03:03 +08:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Sandro Santilli b7bf9dfd28 more 2016-11-07 17:55:31 +01:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
Unknwon 780cc2d110 router/repo: code refactoring 2016-08-30 02:08:38 -07:00
Sandro Santilli 90dd0657b5 Add support for federated avatars (#3320)
* Add support for federated avatars

Fixes #3105

Removes avatar fetching duplication code
Adds an "Enable Federated Avatar" checkbox in user settings
(defaults to unchecked)

Moves avatar settings all in the same form, making
local and remote avatars mutually exclusive

Renames UploadAvatarForm to AvatarForm
as it's not anymore only for uploading

* Run gofmt on all modified files

* Move Avatar form in its own page

* Add go-libravatar dependency to vendor/ dir

Hopefully helps with accepting the contribution.
See also #3214

* Revert "Add go-libravatar dependency to vendor/ dir"

This reverts commit a8cb93ae640bbb90f7d25012fc257bda9fae9b82.

* Make federated avatar setting a global configuration

Removes the per-user setting

* Move avatar handling back to base tool, disable federated avatar in offline mode

* Format, handle error

* Properly set fallback host

* Use unsupported github.com mirror for importing go-libravatar

* Remove comment showing life exists outside of github.com

... pity, but contribution would not be accepted otherwise

* Use Combo for Get and Post methods over /avatar

* FEDERATED_AVATAR -> ENABLE_FEDERATED_AVATAR

* Fix persistance of federated avatar lookup checkbox at install time

* Federated Avatars -> Enable Federated Avatars

* Use len(string) == 0 instead of string == ""

* Move import line where it belong

See
https://github.com/Unknwon/go-code-convention/blob/master/en-US/import_packages.md

Pity the import url is still the unofficial one, but oh well...

* Save a line (and waste much more expensive time)

* Remove redundant parens

* Remove an empty line

* Remove empty lines

* Reorder lines to make diff smaller

* Remove another newline

Unknwon review got me start a fight against newlines

* Move DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR after OFFLINE_MODE

On re-reading the diff I figured what Unknwon meant here:
https://github.com/gogits/gogs/pull/3320/files#r73741106

* Remove newlines that weren't there before my intervention
2016-08-07 10:27:38 -07:00
Unknwon 1f2e173a74 Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00
Unknwon f1b8d52eb3 #2854 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Unknwon 514382e2eb Rename module: middleware -> context 2016-03-11 11:56:52 -05:00
Tamás Molnár 9c91e27933 Added: Ability to delete org avatar. 2016-03-06 17:36:30 +01:00
Unknwon a2f13eae55 #1157 some avatar setting changes
- Allow to delete current avatar
2016-03-05 00:51:51 -05:00
Unknwon b117befc2b #1692 add user email APIs 2015-12-15 22:57:18 -05:00
Unknwon 0cce4439ce #2154 minor fix 2015-12-11 21:23:19 -05:00
Unknwon 477b4d3b50 #2154 fix form submit error 2015-12-11 18:52:28 -05:00
Unknwon d0b0d24f22 #2154 disable change user for non-local users
- #2153 remove require for gravatar
2015-12-11 15:31:02 -05:00
Unknwon cc8f5add6e fix #976 2015-12-03 00:24:37 -05:00
Unknwon 7f9598141b fix #2020 2015-11-24 18:49:34 -05:00
Unknwon f455125d4d fix #878 2015-11-18 21:21:47 -05:00
Unknwon acf428863c fix #981 2015-09-17 17:21:27 -04:00
Unknwon 3fb1b6a608 drop oauth2 feature support 2015-09-17 16:11:44 -04:00
Unknwon 373731f5e8 user gomail and new activate account email tpl
- #1496: fallback plain text
- #1002: add date header
- #913: fix encoding of header
2015-09-17 01:54:12 -04:00
Unknwon 52ec80fa18 finish all new user settings UI 2015-09-10 11:40:34 -04:00
Unknwon c38754d432 #1191 allow upload avatar for org
Signed-off-by: Unknwon <u@gogs.io>
2015-09-06 17:12:02 -04:00
Unknwon 85f34ba538 new user profile settings UI
Signed-off-by: Unknwon <u@gogs.io>
2015-09-06 16:31:22 -04:00
Unknwon 062adbed8a add confirmation to delete ssh key 2015-08-20 17:11:29 +08:00
Unknwon 4c7b6414eb new access token UI 2015-08-19 03:36:16 +08:00
Unknwon 2493454587 new delete account UI and password confirmation 2015-08-19 02:49:44 +08:00
Unknwon 407385db7e work on #1493 2015-08-17 17:05:37 +08:00
Unknwon 39a3b768bc #334: Add Deployment Key Support 2015-08-06 22:48:11 +08:00
Unknwon 698b9e2acc #1070 Clearer error message for illegal characters 2015-03-26 17:11:47 -04:00
Unknwon 1cb57b1a44 #1094: fix locale 2015-03-19 15:26:04 -04:00
Unknwon 466facc009 #1067: Deleting users should remove them from collaborator lists
- fix delete user but repository watches are not decreased
2015-03-17 21:51:39 -04:00
Unknwon 04164eada3 models: able to rename user with diff letter cases #981
- templates/org: mirror fix on name output
- routers: add missing error check
2015-02-22 18:24:49 -05:00
Unknwon 1654e9ecab templates/user/settings/emial.tmpl: little fix on UI
- routers/user: little code format
- conf/locale: update French locale
2015-02-21 22:13:47 -05:00
Peter Smit 6251626de4 Implement #798 Flexible ssh-key input
It is now possible to input ssh keys in a number of formats: openssh, SSH2 or just the base64 encoded key.
2015-01-02 15:38:11 +02:00
Peter 20b5c23a19 Small fixes to multiple_emails feature 2014-12-20 09:26:51 +02:00
Peter b033f2f535 Finish method for having multiple emails/user.
All basics are implemented. Missing are the right (localized) strings
and the page markup could have a look at by a frontend guy.
2014-12-17 17:42:54 +02:00
Unknwon dc53270da9 Fix 653 2014-11-22 10:22:53 -05:00
Unknwon ef275ebf62 more on change avatar 2014-11-21 12:51:36 -05:00
Unknwon 55dfe2c978 custom avatar upload 2014-11-21 10:58:08 -05:00
Unknwon 9e22840483 fix #622 2014-11-13 05:27:01 -05:00
Unknwon 8c9338a537 add personal access token panel #12 2014-11-12 06:48:50 -05:00