user.go 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458
  1. // Copyright 2014 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package user
  5. import (
  6. "net/url"
  7. "strings"
  8. "github.com/gogits/gogs/models"
  9. "github.com/gogits/gogs/modules/auth"
  10. "github.com/gogits/gogs/modules/base"
  11. "github.com/gogits/gogs/modules/log"
  12. "github.com/gogits/gogs/modules/mailer"
  13. "github.com/gogits/gogs/modules/middleware"
  14. )
  15. func SignIn(ctx *middleware.Context) {
  16. ctx.Data["Title"] = "Log In"
  17. if _, ok := ctx.Session.Get("socialId").(int64); ok {
  18. ctx.Data["IsSocialLogin"] = true
  19. ctx.HTML(200, "user/signin")
  20. return
  21. }
  22. if base.OauthService != nil {
  23. ctx.Data["OauthEnabled"] = true
  24. ctx.Data["OauthService"] = base.OauthService
  25. }
  26. // Check auto-login.
  27. userName := ctx.GetCookie(base.CookieUserName)
  28. if len(userName) == 0 {
  29. ctx.HTML(200, "user/signin")
  30. return
  31. }
  32. isSucceed := false
  33. defer func() {
  34. if !isSucceed {
  35. log.Trace("user.SignIn(auto-login cookie cleared): %s", userName)
  36. ctx.SetCookie(base.CookieUserName, "", -1)
  37. ctx.SetCookie(base.CookieRememberName, "", -1)
  38. return
  39. }
  40. }()
  41. user, err := models.GetUserByName(userName)
  42. if err != nil {
  43. ctx.Handle(500, "user.SignIn(GetUserByName)", err)
  44. return
  45. }
  46. secret := base.EncodeMd5(user.Rands + user.Passwd)
  47. value, _ := ctx.GetSecureCookie(secret, base.CookieRememberName)
  48. if value != user.Name {
  49. ctx.HTML(200, "user/signin")
  50. return
  51. }
  52. isSucceed = true
  53. ctx.Session.Set("userId", user.Id)
  54. ctx.Session.Set("userName", user.Name)
  55. if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
  56. ctx.SetCookie("redirect_to", "", -1)
  57. ctx.Redirect(redirectTo)
  58. return
  59. }
  60. ctx.Redirect("/")
  61. }
  62. func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
  63. ctx.Data["Title"] = "Log In"
  64. sid, isOauth := ctx.Session.Get("socialId").(int64)
  65. if isOauth {
  66. ctx.Data["IsSocialLogin"] = true
  67. } else if base.OauthService != nil {
  68. ctx.Data["OauthEnabled"] = true
  69. ctx.Data["OauthService"] = base.OauthService
  70. }
  71. if ctx.HasError() {
  72. println("shit")
  73. ctx.HTML(200, "user/signin")
  74. return
  75. }
  76. var user *models.User
  77. var err error
  78. /*if base.Service.LdapAuth {
  79. user, err = models.LoginUserLdap(form.UserName, form.Password)
  80. if err != nil {
  81. log.Error("Fail to login through LDAP: %v", err)
  82. }
  83. }
  84. // try local if not LDAP or it's failed
  85. if !base.Service.LdapAuth || err != nil {
  86. user, err = models.LoginUserPlain(form.UserName, form.Password)
  87. }*/
  88. user, err = models.LoginUser(form.UserName, form.Password)
  89. if err != nil {
  90. if err == models.ErrUserNotExist {
  91. log.Trace("%s Log in failed: %s/%s", ctx.Req.RequestURI, form.UserName, form.Password)
  92. ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
  93. return
  94. }
  95. ctx.Handle(500, "user.SignIn", err)
  96. return
  97. }
  98. if form.Remember {
  99. secret := base.EncodeMd5(user.Rands + user.Passwd)
  100. days := 86400 * base.LogInRememberDays
  101. ctx.SetCookie(base.CookieUserName, user.Name, days)
  102. ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
  103. }
  104. // Bind with social account.
  105. if isOauth {
  106. if err = models.BindUserOauth2(user.Id, sid); err != nil {
  107. if err == models.ErrOauth2RecordNotExist {
  108. ctx.Handle(404, "user.SignInPost(GetOauth2ById)", err)
  109. } else {
  110. ctx.Handle(500, "user.SignInPost(GetOauth2ById)", err)
  111. }
  112. return
  113. }
  114. ctx.Session.Delete("socialId")
  115. log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
  116. }
  117. ctx.Session.Set("userId", user.Id)
  118. ctx.Session.Set("userName", user.Name)
  119. if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
  120. ctx.SetCookie("redirect_to", "", -1)
  121. ctx.Redirect(redirectTo)
  122. return
  123. }
  124. ctx.Redirect("/")
  125. }
  126. func SignOut(ctx *middleware.Context) {
  127. ctx.Session.Delete("userId")
  128. ctx.Session.Delete("userName")
  129. ctx.Session.Delete("socialId")
  130. ctx.Session.Delete("socialName")
  131. ctx.Session.Delete("socialEmail")
  132. ctx.SetCookie(base.CookieUserName, "", -1)
  133. ctx.SetCookie(base.CookieRememberName, "", -1)
  134. ctx.Redirect("/")
  135. }
  136. func SignUp(ctx *middleware.Context) {
  137. ctx.Data["Title"] = "Sign Up"
  138. ctx.Data["PageIsSignUp"] = true
  139. if base.Service.DisableRegistration {
  140. ctx.Data["DisableRegistration"] = true
  141. ctx.HTML(200, "user/signup")
  142. return
  143. }
  144. if sid, ok := ctx.Session.Get("socialId").(int64); ok {
  145. oauthSignUp(ctx, sid)
  146. return
  147. }
  148. ctx.HTML(200, "user/signup")
  149. }
  150. func oauthSignUp(ctx *middleware.Context, sid int64) {
  151. ctx.Data["Title"] = "OAuth Sign Up"
  152. ctx.Data["PageIsSignUp"] = true
  153. if _, err := models.GetOauth2ById(sid); err != nil {
  154. if err == models.ErrOauth2RecordNotExist {
  155. ctx.Handle(404, "user.oauthSignUp(GetOauth2ById)", err)
  156. } else {
  157. ctx.Handle(500, "user.oauthSignUp(GetOauth2ById)", err)
  158. }
  159. return
  160. }
  161. ctx.Data["IsSocialLogin"] = true
  162. ctx.Data["username"] = strings.Replace(ctx.Session.Get("socialName").(string), " ", "", -1)
  163. ctx.Data["email"] = ctx.Session.Get("socialEmail")
  164. log.Trace("user.oauthSignUp(social ID): %v", ctx.Session.Get("socialId"))
  165. ctx.HTML(200, "user/signup")
  166. }
  167. func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
  168. ctx.Data["Title"] = "Sign Up"
  169. ctx.Data["PageIsSignUp"] = true
  170. if base.Service.DisableRegistration {
  171. ctx.Handle(403, "user.SignUpPost", nil)
  172. return
  173. }
  174. sid, isOauth := ctx.Session.Get("socialId").(int64)
  175. if isOauth {
  176. ctx.Data["IsSocialLogin"] = true
  177. }
  178. if ctx.HasError() {
  179. ctx.HTML(200, "user/signup")
  180. return
  181. }
  182. if form.Password != form.RetypePasswd {
  183. ctx.Data["Err_Password"] = true
  184. ctx.Data["Err_RetypePasswd"] = true
  185. ctx.RenderWithErr("Password and re-type password are not same.", "user/signup", &form)
  186. return
  187. }
  188. u := &models.User{
  189. Name: form.UserName,
  190. Email: form.Email,
  191. Passwd: form.Password,
  192. IsActive: !base.Service.RegisterEmailConfirm || isOauth,
  193. }
  194. var err error
  195. if u, err = models.RegisterUser(u); err != nil {
  196. switch err {
  197. case models.ErrUserAlreadyExist:
  198. ctx.RenderWithErr("Username has been already taken", "user/signup", &form)
  199. case models.ErrEmailAlreadyUsed:
  200. ctx.RenderWithErr("E-mail address has been already used", "user/signup", &form)
  201. case models.ErrUserNameIllegal:
  202. ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form)
  203. default:
  204. ctx.Handle(500, "user.SignUp(RegisterUser)", err)
  205. }
  206. return
  207. }
  208. log.Trace("%s User created: %s", ctx.Req.RequestURI, form.UserName)
  209. // Bind social account.
  210. if isOauth {
  211. if err = models.BindUserOauth2(u.Id, sid); err != nil {
  212. ctx.Handle(500, "user.SignUp(BindUserOauth2)", err)
  213. return
  214. }
  215. ctx.Session.Delete("socialId")
  216. log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
  217. }
  218. // Send confirmation e-mail, no need for social account.
  219. if !isOauth && base.Service.RegisterEmailConfirm && u.Id > 1 {
  220. mailer.SendRegisterMail(ctx.Render, u)
  221. ctx.Data["IsSendRegisterMail"] = true
  222. ctx.Data["Email"] = u.Email
  223. ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
  224. ctx.HTML(200, "user/activate")
  225. if err = ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
  226. log.Error("Set cache(MailResendLimit) fail: %v", err)
  227. }
  228. return
  229. }
  230. ctx.Redirect("/user/login")
  231. }
  232. func Delete(ctx *middleware.Context) {
  233. ctx.Data["Title"] = "Delete Account"
  234. ctx.Data["PageIsUserSetting"] = true
  235. ctx.Data["IsUserPageSettingDelete"] = true
  236. ctx.HTML(200, "user/delete")
  237. }
  238. func DeletePost(ctx *middleware.Context) {
  239. ctx.Data["Title"] = "Delete Account"
  240. ctx.Data["PageIsUserSetting"] = true
  241. ctx.Data["IsUserPageSettingDelete"] = true
  242. tmpUser := models.User{
  243. Passwd: ctx.Query("password"),
  244. Salt: ctx.User.Salt,
  245. }
  246. tmpUser.EncodePasswd()
  247. if tmpUser.Passwd != ctx.User.Passwd {
  248. ctx.Flash.Error("Password is not correct. Make sure you are owner of this account.")
  249. } else {
  250. if err := models.DeleteUser(ctx.User); err != nil {
  251. switch err {
  252. case models.ErrUserOwnRepos:
  253. ctx.Flash.Error("Your account still have ownership of repository, you have to delete or transfer them first.")
  254. default:
  255. ctx.Handle(500, "user.Delete", err)
  256. return
  257. }
  258. } else {
  259. ctx.Redirect("/")
  260. return
  261. }
  262. }
  263. ctx.Redirect("/user/delete")
  264. }
  265. func Activate(ctx *middleware.Context) {
  266. code := ctx.Query("code")
  267. if len(code) == 0 {
  268. ctx.Data["IsActivatePage"] = true
  269. if ctx.User.IsActive {
  270. ctx.Handle(404, "user.Activate", nil)
  271. return
  272. }
  273. // Resend confirmation e-mail.
  274. if base.Service.RegisterEmailConfirm {
  275. if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) {
  276. ctx.Data["ResendLimited"] = true
  277. } else {
  278. ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
  279. mailer.SendActiveMail(ctx.Render, ctx.User)
  280. if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
  281. log.Error("Set cache(MailResendLimit) fail: %v", err)
  282. }
  283. }
  284. } else {
  285. ctx.Data["ServiceNotEnabled"] = true
  286. }
  287. ctx.HTML(200, "user/activate")
  288. return
  289. }
  290. // Verify code.
  291. if user := models.VerifyUserActiveCode(code); user != nil {
  292. user.IsActive = true
  293. user.Rands = models.GetUserSalt()
  294. if err := models.UpdateUser(user); err != nil {
  295. ctx.Handle(404, "user.Activate", err)
  296. return
  297. }
  298. log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.Name)
  299. ctx.Session.Set("userId", user.Id)
  300. ctx.Session.Set("userName", user.Name)
  301. ctx.Redirect("/")
  302. return
  303. }
  304. ctx.Data["IsActivateFailed"] = true
  305. ctx.HTML(200, "user/activate")
  306. }
  307. func ForgotPasswd(ctx *middleware.Context) {
  308. ctx.Data["Title"] = "Forgot Password"
  309. if base.MailService == nil {
  310. ctx.Data["IsResetDisable"] = true
  311. ctx.HTML(200, "user/forgot_passwd")
  312. return
  313. }
  314. ctx.Data["IsResetRequest"] = true
  315. ctx.HTML(200, "user/forgot_passwd")
  316. }
  317. func ForgotPasswdPost(ctx *middleware.Context) {
  318. ctx.Data["Title"] = "Forgot Password"
  319. if base.MailService == nil {
  320. ctx.Handle(403, "user.ForgotPasswdPost", nil)
  321. return
  322. }
  323. ctx.Data["IsResetRequest"] = true
  324. email := ctx.Query("email")
  325. u, err := models.GetUserByEmail(email)
  326. if err != nil {
  327. if err == models.ErrUserNotExist {
  328. ctx.RenderWithErr("This e-mail address does not associate to any account.", "user/forgot_passwd", nil)
  329. } else {
  330. ctx.Handle(500, "user.ResetPasswd(check existence)", err)
  331. }
  332. return
  333. }
  334. if ctx.Cache.IsExist("MailResendLimit_" + u.LowerName) {
  335. ctx.Data["ResendLimited"] = true
  336. ctx.HTML(200, "user/forgot_passwd")
  337. return
  338. }
  339. mailer.SendResetPasswdMail(ctx.Render, u)
  340. if err = ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
  341. log.Error("Set cache(MailResendLimit) fail: %v", err)
  342. }
  343. ctx.Data["Email"] = email
  344. ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
  345. ctx.Data["IsResetSent"] = true
  346. ctx.HTML(200, "user/forgot_passwd")
  347. }
  348. func ResetPasswd(ctx *middleware.Context) {
  349. ctx.Data["Title"] = "Reset Password"
  350. code := ctx.Query("code")
  351. if len(code) == 0 {
  352. ctx.Error(404)
  353. return
  354. }
  355. ctx.Data["Code"] = code
  356. ctx.Data["IsResetForm"] = true
  357. ctx.HTML(200, "user/reset_passwd")
  358. }
  359. func ResetPasswdPost(ctx *middleware.Context) {
  360. ctx.Data["Title"] = "Reset Password"
  361. code := ctx.Query("code")
  362. if len(code) == 0 {
  363. ctx.Error(404)
  364. return
  365. }
  366. ctx.Data["Code"] = code
  367. if u := models.VerifyUserActiveCode(code); u != nil {
  368. // Validate password length.
  369. passwd := ctx.Query("passwd")
  370. if len(passwd) < 6 || len(passwd) > 30 {
  371. ctx.Data["IsResetForm"] = true
  372. ctx.RenderWithErr("Password length should be in 6 and 30.", "user/reset_passwd", nil)
  373. return
  374. }
  375. u.Passwd = passwd
  376. u.Rands = models.GetUserSalt()
  377. u.Salt = models.GetUserSalt()
  378. u.EncodePasswd()
  379. if err := models.UpdateUser(u); err != nil {
  380. ctx.Handle(500, "user.ResetPasswd(UpdateUser)", err)
  381. return
  382. }
  383. log.Trace("%s User password reset: %s", ctx.Req.RequestURI, u.Name)
  384. ctx.Redirect("/user/login")
  385. return
  386. }
  387. ctx.Data["IsResetFailed"] = true
  388. ctx.HTML(200, "user/reset_passwd")
  389. }