
#1128: API calls are not hidden behind sign in

Unknwon 9 years ago
parent
commit
ff051e2106
6 changed files with 16 additions and 4 deletions
  1. 1 1
      cmd/web.go
  2. 1 0
      conf/locale/TRANSLATORS
  3. 1 1
      gogs.go
  4. 5 1
      modules/auth/auth.go
  5. 7 0
      modules/middleware/auth.go
  6. 1 1
      templates/.VERSION

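--- a/cmd/web.go
+++ b/cmd/web.go
@@ -242,7 +242,7 @@ func runWeb(ctx *cli.Context) {
 				ctx.HandleAPI(404, "Page not found")
 			})
 		})
-	})
+	}, ignSignIn)
 
 	// User.
 	m.Group("/user", func() {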

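--- a/conf/locale/TRANSLATORS
+++ b/conf/locale/TRANSLATORS
@@ -8,6 +8,7 @@ Huimin Wang <wanghm2009@hotmail.co.jp>
 Thomas Fanninger <gogs.thomas@fanninger.at>
 Łukasz Jan Niemier <lukasz@niemier.pl>
 Lafriks <lafriks@gmail.com>
+Luc Stepniewski <luc@stepniewski.fr>
 Miguel de la Cruz <miguel@mcrx.me>
 Natan Albuquerque <natanalbuquerque5@gmail.com>
 Marc Schiller <marc@schiller.im>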

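--- a/gogs.go
+++ b/gogs.go
@@ -17,7 +17,7 @@ import (
 	"github.com/gogits/gogs/modules/setting"
 )
 
-const APP_VER = "0.6.1.0714 Beta"
+const APP_VER = "0.6.1.0715 Beta"
 
 func init() {
 	runtime.GOMAXPROCS(runtime.NumCPU())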

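--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@@ -21,6 +21,10 @@ import (
 	"github.com/gogits/gogs/modules/uuid"
 )
 
+func IsAPIPath(url string) bool {
+	return strings.HasPrefix(url, "/api/")
+}
+
 // SignedInId returns the id of signed in user.
 func SignedInId(req *http.Request, sess session.Store) int64 {
 	if !models.HasEngine {
@@ -28,7 +32,7 @@ func SignedInId(req *http.Request, sess session.Store) int64 {
 	}
 
 	// API calls need to check access token.
-	if strings.HasPrefix(req.URL.Path, "/api/") {
+	if IsAPIPath(req.URL.Path) {
 		auHead := req.Header.Get("Authorization")
 		if len(auHead) > 0 {
 			auths := strings.Fields(auHead)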
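Review bot: `IsAPIPath` in the first hunk is a new exported function with no doc comment; Go convention is a comment that starts with the name, e.g. `// IsAPIPath reports whether url is a request path under the /api/ prefix.` Renaming the parameter from `url` to `path` would say what it actually receives (SignedInId passes `req.URL.Path`) and avoids shadowing the net/url package name if this file imports it. Since this is a plain prefix match, the comment should also record that it must stay in agreement with how the router mounts API routes: a route the router treats as API but that does not live under /api/ would not be classified as API by callers of this helper, and would fall through to the browser-oriented handling instead. SignedInId's body continues outside the second hunk.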

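--- a/modules/middleware/auth.go
+++ b/modules/middleware/auth.go
@@ -10,6 +10,7 @@ import (
 	"github.com/Unknwon/macaron"
 	"github.com/macaron-contrib/csrf"
 
+	"github.com/gogits/gogs/modules/auth"
 	"github.com/gogits/gogs/modules/setting"
 )
 
@@ -49,6 +50,12 @@ func Toggle(options *ToggleOptions) macaron.Handler {
 
 		if options.SignInRequire {
 			if !ctx.IsSigned {
+				// Restrict API calls with error message.
+				if auth.IsAPIPath(ctx.Req.URL.Path) {
+					ctx.HandleAPI(403, "Only signed in user is allowed to call APIs.")
+					return
+				}
+
 				ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
 				ctx.Redirect(setting.AppSubUrl + "/user/login")
 				return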
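Review bot: The status sent to an unauthenticated API caller in the second hunk is 403, but the condition being handled is `!ctx.IsSigned`, i.e. no credentials were presented, for which HTTP defines 401 Unauthorized; 403 is for a caller who is authenticated yet not permitted, and API clients commonly branch on that distinction to decide whether to prompt for credentials. Suggest `ctx.HandleAPI(401, "Only signed in users are allowed to call APIs.")`, which also fixes the grammar of the message; if HandleAPI does not already add it, a 401 response is expected to carry a `WWW-Authenticate` header naming the accepted scheme. Returning before the `redirect_to` cookie and the HTML redirect is the right ordering, so API clients never receive a login-page redirect. The enclosing Toggle function starts and ends outside the hunk.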

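--- a/templates/.VERSION
+++ b/templates/.VERSION
@@ -1 +1 @@
-0.6.1.0714 Beta
+0.6.1.0715 Beta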