user.go 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457
  1. // Copyright 2014 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package user
  5. import (
  6. "net/url"
  7. "strings"
  8. "github.com/gogits/gogs/models"
  9. "github.com/gogits/gogs/modules/auth"
  10. "github.com/gogits/gogs/modules/base"
  11. "github.com/gogits/gogs/modules/log"
  12. "github.com/gogits/gogs/modules/mailer"
  13. "github.com/gogits/gogs/modules/middleware"
  14. )
  15. func SignIn(ctx *middleware.Context) {
  16. ctx.Data["Title"] = "Log In"
  17. if _, ok := ctx.Session.Get("socialId").(int64); ok {
  18. ctx.Data["IsSocialLogin"] = true
  19. ctx.HTML(200, "user/signin")
  20. return
  21. }
  22. if base.OauthService != nil {
  23. ctx.Data["OauthEnabled"] = true
  24. ctx.Data["OauthService"] = base.OauthService
  25. }
  26. // Check auto-login.
  27. userName := ctx.GetCookie(base.CookieUserName)
  28. if len(userName) == 0 {
  29. ctx.HTML(200, "user/signin")
  30. return
  31. }
  32. isSucceed := false
  33. defer func() {
  34. if !isSucceed {
  35. log.Trace("user.SignIn(auto-login cookie cleared): %s", userName)
  36. ctx.SetCookie(base.CookieUserName, "", -1)
  37. ctx.SetCookie(base.CookieRememberName, "", -1)
  38. return
  39. }
  40. }()
  41. user, err := models.GetUserByName(userName)
  42. if err != nil {
  43. ctx.Handle(500, "user.SignIn(GetUserByName)", err)
  44. return
  45. }
  46. secret := base.EncodeMd5(user.Rands + user.Passwd)
  47. value, _ := ctx.GetSecureCookie(secret, base.CookieRememberName)
  48. if value != user.Name {
  49. ctx.HTML(200, "user/signin")
  50. return
  51. }
  52. isSucceed = true
  53. ctx.Session.Set("userId", user.Id)
  54. ctx.Session.Set("userName", user.Name)
  55. if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
  56. ctx.SetCookie("redirect_to", "", -1)
  57. ctx.Redirect(redirectTo)
  58. return
  59. }
  60. ctx.Redirect("/")
  61. }
  62. func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
  63. ctx.Data["Title"] = "Log In"
  64. sid, isOauth := ctx.Session.Get("socialId").(int64)
  65. if isOauth {
  66. ctx.Data["IsSocialLogin"] = true
  67. } else if base.OauthService != nil {
  68. ctx.Data["OauthEnabled"] = true
  69. ctx.Data["OauthService"] = base.OauthService
  70. }
  71. if ctx.HasError() {
  72. println("shit")
  73. ctx.HTML(200, "user/signin")
  74. return
  75. }
  76. var user *models.User
  77. var err error
  78. if base.Service.LdapAuth {
  79. user, err = models.LoginUserLdap(form.UserName, form.Password)
  80. if err != nil {
  81. log.Error("Fail to login through LDAP: %v", err)
  82. }
  83. }
  84. // try local if not LDAP or it's failed
  85. if !base.Service.LdapAuth || err != nil {
  86. user, err = models.LoginUserPlain(form.UserName, form.Password)
  87. }
  88. if err != nil {
  89. if err == models.ErrUserNotExist {
  90. log.Trace("%s Log in failed: %s/%s", ctx.Req.RequestURI, form.UserName, form.Password)
  91. ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
  92. return
  93. }
  94. ctx.Handle(500, "user.SignIn", err)
  95. return
  96. }
  97. if form.Remember {
  98. secret := base.EncodeMd5(user.Rands + user.Passwd)
  99. days := 86400 * base.LogInRememberDays
  100. ctx.SetCookie(base.CookieUserName, user.Name, days)
  101. ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
  102. }
  103. // Bind with social account.
  104. if isOauth {
  105. if err = models.BindUserOauth2(user.Id, sid); err != nil {
  106. if err == models.ErrOauth2RecordNotExist {
  107. ctx.Handle(404, "user.SignInPost(GetOauth2ById)", err)
  108. } else {
  109. ctx.Handle(500, "user.SignInPost(GetOauth2ById)", err)
  110. }
  111. return
  112. }
  113. ctx.Session.Delete("socialId")
  114. log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
  115. }
  116. ctx.Session.Set("userId", user.Id)
  117. ctx.Session.Set("userName", user.Name)
  118. if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
  119. ctx.SetCookie("redirect_to", "", -1)
  120. ctx.Redirect(redirectTo)
  121. return
  122. }
  123. ctx.Redirect("/")
  124. }
  125. func SignOut(ctx *middleware.Context) {
  126. ctx.Session.Delete("userId")
  127. ctx.Session.Delete("userName")
  128. ctx.Session.Delete("socialId")
  129. ctx.Session.Delete("socialName")
  130. ctx.Session.Delete("socialEmail")
  131. ctx.SetCookie(base.CookieUserName, "", -1)
  132. ctx.SetCookie(base.CookieRememberName, "", -1)
  133. ctx.Redirect("/")
  134. }
  135. func SignUp(ctx *middleware.Context) {
  136. ctx.Data["Title"] = "Sign Up"
  137. ctx.Data["PageIsSignUp"] = true
  138. if base.Service.DisableRegistration {
  139. ctx.Data["DisableRegistration"] = true
  140. ctx.HTML(200, "user/signup")
  141. return
  142. }
  143. if sid, ok := ctx.Session.Get("socialId").(int64); ok {
  144. oauthSignUp(ctx, sid)
  145. return
  146. }
  147. ctx.HTML(200, "user/signup")
  148. }
  149. func oauthSignUp(ctx *middleware.Context, sid int64) {
  150. ctx.Data["Title"] = "OAuth Sign Up"
  151. ctx.Data["PageIsSignUp"] = true
  152. if _, err := models.GetOauth2ById(sid); err != nil {
  153. if err == models.ErrOauth2RecordNotExist {
  154. ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err)
  155. } else {
  156. ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err)
  157. }
  158. return
  159. }
  160. ctx.Data["IsSocialLogin"] = true
  161. ctx.Data["username"] = strings.Replace(ctx.Session.Get("socialName").(string), " ", "", -1)
  162. ctx.Data["email"] = ctx.Session.Get("socialEmail")
  163. log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId"))
  164. ctx.HTML(200, "user/signup")
  165. }
  166. func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
  167. ctx.Data["Title"] = "Sign Up"
  168. ctx.Data["PageIsSignUp"] = true
  169. if base.Service.DisableRegistration {
  170. ctx.Handle(403, "user.SignUpPost", nil)
  171. return
  172. }
  173. sid, isOauth := ctx.Session.Get("socialId").(int64)
  174. if isOauth {
  175. ctx.Data["IsSocialLogin"] = true
  176. }
  177. if ctx.HasError() {
  178. ctx.HTML(200, "user/signup")
  179. return
  180. }
  181. if form.Password != form.RetypePasswd {
  182. ctx.Data["Err_Password"] = true
  183. ctx.Data["Err_RetypePasswd"] = true
  184. ctx.RenderWithErr("Password and re-type password are not same.", "user/signup", &form)
  185. return
  186. }
  187. u := &models.User{
  188. Name: form.UserName,
  189. Email: form.Email,
  190. Passwd: form.Password,
  191. IsActive: !base.Service.RegisterEmailConfirm || isOauth,
  192. }
  193. var err error
  194. if u, err = models.RegisterUser(u); err != nil {
  195. switch err {
  196. case models.ErrUserAlreadyExist:
  197. ctx.RenderWithErr("Username has been already taken", "user/signup", &form)
  198. case models.ErrEmailAlreadyUsed:
  199. ctx.RenderWithErr("E-mail address has been already used", "user/signup", &form)
  200. case models.ErrUserNameIllegal:
  201. ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form)
  202. default:
  203. ctx.Handle(500, "user.SignUp(RegisterUser)", err)
  204. }
  205. return
  206. }
  207. log.Trace("%s User created: %s", ctx.Req.RequestURI, form.UserName)
  208. // Bind social account.
  209. if isOauth {
  210. if err = models.BindUserOauth2(u.Id, sid); err != nil {
  211. ctx.Handle(500, "user.SignUp(BindUserOauth2)", err)
  212. return
  213. }
  214. ctx.Session.Delete("socialId")
  215. log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
  216. }
  217. // Send confirmation e-mail, no need for social account.
  218. if !isOauth && base.Service.RegisterEmailConfirm && u.Id > 1 {
  219. mailer.SendRegisterMail(ctx.Render, u)
  220. ctx.Data["IsSendRegisterMail"] = true
  221. ctx.Data["Email"] = u.Email
  222. ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
  223. ctx.HTML(200, "user/activate")
  224. if err = ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
  225. log.Error("Set cache(MailResendLimit) fail: %v", err)
  226. }
  227. return
  228. }
  229. ctx.Redirect("/user/login")
  230. }
  231. func Delete(ctx *middleware.Context) {
  232. ctx.Data["Title"] = "Delete Account"
  233. ctx.Data["PageIsUserSetting"] = true
  234. ctx.Data["IsUserPageSettingDelete"] = true
  235. ctx.HTML(200, "user/delete")
  236. }
  237. func DeletePost(ctx *middleware.Context) {
  238. ctx.Data["Title"] = "Delete Account"
  239. ctx.Data["PageIsUserSetting"] = true
  240. ctx.Data["IsUserPageSettingDelete"] = true
  241. tmpUser := models.User{
  242. Passwd: ctx.Query("password"),
  243. Salt: ctx.User.Salt,
  244. }
  245. tmpUser.EncodePasswd()
  246. if tmpUser.Passwd != ctx.User.Passwd {
  247. ctx.Flash.Error("Password is not correct. Make sure you are owner of this account.")
  248. } else {
  249. if err := models.DeleteUser(ctx.User); err != nil {
  250. switch err {
  251. case models.ErrUserOwnRepos:
  252. ctx.Flash.Error("Your account still have ownership of repository, you have to delete or transfer them first.")
  253. default:
  254. ctx.Handle(500, "user.Delete", err)
  255. return
  256. }
  257. } else {
  258. ctx.Redirect("/")
  259. return
  260. }
  261. }
  262. ctx.Redirect("/user/delete")
  263. }
  264. func Activate(ctx *middleware.Context) {
  265. code := ctx.Query("code")
  266. if len(code) == 0 {
  267. ctx.Data["IsActivatePage"] = true
  268. if ctx.User.IsActive {
  269. ctx.Handle(404, "user.Activate", nil)
  270. return
  271. }
  272. // Resend confirmation e-mail.
  273. if base.Service.RegisterEmailConfirm {
  274. if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) {
  275. ctx.Data["ResendLimited"] = true
  276. } else {
  277. ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
  278. mailer.SendActiveMail(ctx.Render, ctx.User)
  279. if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
  280. log.Error("Set cache(MailResendLimit) fail: %v", err)
  281. }
  282. }
  283. } else {
  284. ctx.Data["ServiceNotEnabled"] = true
  285. }
  286. ctx.HTML(200, "user/activate")
  287. return
  288. }
  289. // Verify code.
  290. if user := models.VerifyUserActiveCode(code); user != nil {
  291. user.IsActive = true
  292. user.Rands = models.GetUserSalt()
  293. if err := models.UpdateUser(user); err != nil {
  294. ctx.Handle(404, "user.Activate", err)
  295. return
  296. }
  297. log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.Name)
  298. ctx.Session.Set("userId", user.Id)
  299. ctx.Session.Set("userName", user.Name)
  300. ctx.Redirect("/")
  301. return
  302. }
  303. ctx.Data["IsActivateFailed"] = true
  304. ctx.HTML(200, "user/activate")
  305. }
  306. func ForgotPasswd(ctx *middleware.Context) {
  307. ctx.Data["Title"] = "Forgot Password"
  308. if base.MailService == nil {
  309. ctx.Data["IsResetDisable"] = true
  310. ctx.HTML(200, "user/forgot_passwd")
  311. return
  312. }
  313. ctx.Data["IsResetRequest"] = true
  314. ctx.HTML(200, "user/forgot_passwd")
  315. }
  316. func ForgotPasswdPost(ctx *middleware.Context) {
  317. ctx.Data["Title"] = "Forgot Password"
  318. if base.MailService == nil {
  319. ctx.Handle(403, "user.ForgotPasswdPost", nil)
  320. return
  321. }
  322. ctx.Data["IsResetRequest"] = true
  323. email := ctx.Query("email")
  324. u, err := models.GetUserByEmail(email)
  325. if err != nil {
  326. if err == models.ErrUserNotExist {
  327. ctx.RenderWithErr("This e-mail address does not associate to any account.", "user/forgot_passwd", nil)
  328. } else {
  329. ctx.Handle(500, "user.ResetPasswd(check existence)", err)
  330. }
  331. return
  332. }
  333. if ctx.Cache.IsExist("MailResendLimit_" + u.LowerName) {
  334. ctx.Data["ResendLimited"] = true
  335. ctx.HTML(200, "user/forgot_passwd")
  336. return
  337. }
  338. mailer.SendResetPasswdMail(ctx.Render, u)
  339. if err = ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
  340. log.Error("Set cache(MailResendLimit) fail: %v", err)
  341. }
  342. ctx.Data["Email"] = email
  343. ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
  344. ctx.Data["IsResetSent"] = true
  345. ctx.HTML(200, "user/forgot_passwd")
  346. }
  347. func ResetPasswd(ctx *middleware.Context) {
  348. ctx.Data["Title"] = "Reset Password"
  349. code := ctx.Query("code")
  350. if len(code) == 0 {
  351. ctx.Error(404)
  352. return
  353. }
  354. ctx.Data["Code"] = code
  355. ctx.Data["IsResetForm"] = true
  356. ctx.HTML(200, "user/reset_passwd")
  357. }
  358. func ResetPasswdPost(ctx *middleware.Context) {
  359. ctx.Data["Title"] = "Reset Password"
  360. code := ctx.Query("code")
  361. if len(code) == 0 {
  362. ctx.Error(404)
  363. return
  364. }
  365. ctx.Data["Code"] = code
  366. if u := models.VerifyUserActiveCode(code); u != nil {
  367. // Validate password length.
  368. passwd := ctx.Query("passwd")
  369. if len(passwd) < 6 || len(passwd) > 30 {
  370. ctx.Data["IsResetForm"] = true
  371. ctx.RenderWithErr("Password length should be in 6 and 30.", "user/reset_passwd", nil)
  372. return
  373. }
  374. u.Passwd = passwd
  375. u.Rands = models.GetUserSalt()
  376. u.Salt = models.GetUserSalt()
  377. u.EncodePasswd()
  378. if err := models.UpdateUser(u); err != nil {
  379. ctx.Handle(500, "user.ResetPasswd(UpdateUser)", err)
  380. return
  381. }
  382. log.Trace("%s User password reset: %s", ctx.Req.RequestURI, u.Name)
  383. ctx.Redirect("/user/login")
  384. return
  385. }
  386. ctx.Data["IsResetFailed"] = true
  387. ctx.HTML(200, "user/reset_passwd")
  388. }