sim1222-mirror/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-09-03 22:37:01 +09:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge branch 'main' into feature/bots

Browse Source
This commit is contained in:
Jason Song
2022-12-28 18:22:40 +08:00
parent 1f48a9ad6f ca67c5a8a7
commit c393a9ca93
15 changed files with 111 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
services/auth/oauth2.go
View File

@ -120,18 +120,14 @@ func (o *OAuth2) userIDFromToken(req *http.Request, store DataStore) int64 {
// or the "Authorization" header and returns the corresponding user object for that ID.
// If verification is successful returns an existing user object.
// Returns nil if verification fails.
func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User {
if !db.HasEngine {
return nil
}
func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error) {
if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isAuthenticatedTokenRequest(req) {
return nil
return nil, nil
}
id := o.userIDFromToken(req, store)
if id == -1 || id <= -3 { // -2 means actions, so we need to allow it.
return nil
return nil, nil
}
log.Trace("OAuth2 Authorization: Found token for user[%d]", id)
@ -140,11 +136,11 @@ func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStor
if !user_model.IsErrUserNotExist(err) {
log.Error("GetUserByName: %v", err)
}
return nil
return nil, err
}
log.Trace("OAuth2 Authorization: Logged in user %-v", user)
return user
return user, nil
}
func isAuthenticatedTokenRequest(req *http.Request) bool {