mirror of
				https://gitcode.com/gitea/gitea.git
				synced 2025-10-25 03:57:13 +08:00 
			
		
		
		
	fix .netrc authentication (#2700)
* provide both possible authentication solutions Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
This commit is contained in:
		 David Schneiderbauer
					David Schneiderbauer
				
			
				
					committed by
					
						 Lauris BH
						Lauris BH
					
				
			
			
				
	
			
			
			 Lauris BH
						Lauris BH
					
				
			
						parent
						
							1ec4dc6c1d
						
					
				
				
					commit
					4ccb0fe338
				
			| @ -139,19 +139,28 @@ func HTTP(ctx *context.Context) { | ||||
| 			} | ||||
|  | ||||
| 			if authUser == nil { | ||||
| 				authUser, err = models.GetUserByName(authUsername) | ||||
| 				isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic" | ||||
|  | ||||
| 				if err != nil { | ||||
| 					if models.IsErrUserNotExist(err) { | ||||
| 						ctx.HandleText(http.StatusUnauthorized, "invalid credentials") | ||||
| 					} else { | ||||
| 						ctx.Handle(http.StatusInternalServerError, "GetUserByName", err) | ||||
| 				// Assume username is token | ||||
| 				authToken := authUsername | ||||
|  | ||||
| 				if !isUsernameToken { | ||||
| 					// Assume password is token | ||||
| 					authToken = authPasswd | ||||
|  | ||||
| 					authUser, err = models.GetUserByName(authUsername) | ||||
| 					if err != nil { | ||||
| 						if models.IsErrUserNotExist(err) { | ||||
| 							ctx.HandleText(http.StatusUnauthorized, "invalid credentials") | ||||
| 						} else { | ||||
| 							ctx.Handle(http.StatusInternalServerError, "GetUserByName", err) | ||||
| 						} | ||||
| 						return | ||||
| 					} | ||||
| 					return | ||||
| 				} | ||||
|  | ||||
| 				// Assume password is a token. | ||||
| 				token, err := models.GetAccessTokenBySHA(authPasswd) | ||||
| 				token, err := models.GetAccessTokenBySHA(authToken) | ||||
| 				if err != nil { | ||||
| 					if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) { | ||||
| 						ctx.HandleText(http.StatusUnauthorized, "invalid credentials") | ||||
| @ -161,7 +170,13 @@ func HTTP(ctx *context.Context) { | ||||
| 					return | ||||
| 				} | ||||
|  | ||||
| 				if authUser.ID != token.UID { | ||||
| 				if isUsernameToken { | ||||
| 					authUser, err = models.GetUserByID(token.UID) | ||||
| 					if err != nil { | ||||
| 						ctx.Handle(http.StatusInternalServerError, "GetUserByID", err) | ||||
| 						return | ||||
| 					} | ||||
| 				} else if authUser.ID != token.UID { | ||||
| 					ctx.HandleText(http.StatusUnauthorized, "invalid credentials") | ||||
| 					return | ||||
| 				} | ||||
| @ -170,7 +185,6 @@ func HTTP(ctx *context.Context) { | ||||
| 				if err = models.UpdateAccessToken(token); err != nil { | ||||
| 					ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err) | ||||
| 				} | ||||
|  | ||||
| 			} else { | ||||
| 				_, err = models.GetTwoFactorByUID(authUser.ID) | ||||
|  | ||||
|  | ||||
		Reference in New Issue
	
	Block a user