afan
/
gitea
Bevaka 1
Stjärnmärk 0
Förgrening 0
Kod Ärenden 0 Pull-förfrågningar 0 Släpp 0 Wiki Activity
gitea源码
3 Incheckningar
2 Grenar
Gren: master
Grenar Taggar
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
gitea/routers/web/user/setting/security/security.go

security.go 4.4KB
Permalänk Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2018 The Gitea Authors. All rights reserved.

  3. // SPDX-License-Identifier: MIT

  4. 

  5. package security

  6. 

  7. import (

  8. 	"net/http"

  9. 	"sort"

  10. 

  11. 	auth_model "code.gitea.io/gitea/models/auth"

  12. 	"code.gitea.io/gitea/models/db"

  13. 	user_model "code.gitea.io/gitea/models/user"

  14. 	"code.gitea.io/gitea/modules/optional"

  15. 	"code.gitea.io/gitea/modules/setting"

  16. 	"code.gitea.io/gitea/modules/templates"

  17. 	"code.gitea.io/gitea/services/auth/source/oauth2"

  18. 	"code.gitea.io/gitea/services/context"

  19. )

  20. 

  21. const (

  22. 	tplSettingsSecurity    templates.TplName = "user/settings/security/security"

  23. 	tplSettingsTwofaEnroll templates.TplName = "user/settings/security/twofa_enroll"

  24. )

  25. 

  26. // Security render change user's password page and 2FA

  27. func Security(ctx *context.Context) {

  28. 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer,

  29. 		setting.UserFeatureManageMFA, setting.UserFeatureManageCredentials) {

  30. 		ctx.HTTPError(http.StatusNotFound)

  31. 		return

  32. 	}

  33. 

  34. 	ctx.Data["Title"] = ctx.Tr("settings.security")

  35. 	ctx.Data["PageIsSettingsSecurity"] = true

  36. 

  37. 	if ctx.FormString("openid.return_to") != "" {

  38. 		settingsOpenIDVerify(ctx)

  39. 		return

  40. 	}

  41. 

  42. 	loadSecurityData(ctx)

  43. 

  44. 	ctx.HTML(http.StatusOK, tplSettingsSecurity)

  45. }

  46. 

  47. // DeleteAccountLink delete a single account link

  48. func DeleteAccountLink(ctx *context.Context) {

  49. 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageCredentials) {

  50. 		ctx.HTTPError(http.StatusNotFound)

  51. 		return

  52. 	}

  53. 

  54. 	id := ctx.FormInt64("id")

  55. 	if id <= 0 {

  56. 		ctx.Flash.Error("Account link id is not given")

  57. 	} else {

  58. 		if _, err := user_model.RemoveAccountLink(ctx, ctx.Doer, id); err != nil {

  59. 			ctx.Flash.Error("RemoveAccountLink: " + err.Error())

  60. 		} else {

  61. 			ctx.Flash.Success(ctx.Tr("settings.remove_account_link_success"))

  62. 		}

  63. 	}

  64. 

  65. 	ctx.JSONRedirect(setting.AppSubURL + "/user/settings/security")

  66. }

  67. 

  68. func loadSecurityData(ctx *context.Context) {

  69. 	enrolled, err := auth_model.HasTwoFactorByUID(ctx, ctx.Doer.ID)

  70. 	if err != nil {

  71. 		ctx.ServerError("SettingsTwoFactor", err)

  72. 		return

  73. 	}

  74. 	ctx.Data["TOTPEnrolled"] = enrolled

  75. 

  76. 	credentials, err := auth_model.GetWebAuthnCredentialsByUID(ctx, ctx.Doer.ID)

  77. 	if err != nil {

  78. 		ctx.ServerError("GetWebAuthnCredentialsByUID", err)

  79. 		return

  80. 	}

  81. 	ctx.Data["WebAuthnCredentials"] = credentials

  82. 

  83. 	tokens, err := db.Find[auth_model.AccessToken](ctx, auth_model.ListAccessTokensOptions{UserID: ctx.Doer.ID})

  84. 	if err != nil {

  85. 		ctx.ServerError("ListAccessTokens", err)

  86. 		return

  87. 	}

  88. 	ctx.Data["Tokens"] = tokens

  89. 

  90. 	accountLinks, err := db.Find[user_model.ExternalLoginUser](ctx, user_model.FindExternalUserOptions{

  91. 		UserID:  ctx.Doer.ID,

  92. 		OrderBy: "login_source_id DESC",

  93. 	})

  94. 	if err != nil {

  95. 		ctx.ServerError("ListAccountLinks", err)

  96. 		return

  97. 	}

  98. 

  99. 	// map the provider display name with the AuthSource

  100. 	sources := make(map[*auth_model.Source]string)

  101. 	for _, externalAccount := range accountLinks {

  102. 		if authSource, err := auth_model.GetSourceByID(ctx, externalAccount.LoginSourceID); err == nil {

  103. 			var providerDisplayName string

  104. 

  105. 			type DisplayNamed interface {

  106. 				DisplayName() string

  107. 			}

  108. 

  109. 			type Named interface {

  110. 				Name() string

  111. 			}

  112. 

  113. 			if displayNamed, ok := authSource.Cfg.(DisplayNamed); ok {

  114. 				providerDisplayName = displayNamed.DisplayName()

  115. 			} else if named, ok := authSource.Cfg.(Named); ok {

  116. 				providerDisplayName = named.Name()

  117. 			} else {

  118. 				providerDisplayName = authSource.Name

  119. 			}

  120. 			sources[authSource] = providerDisplayName

  121. 		}

  122. 	}

  123. 	ctx.Data["AccountLinks"] = sources

  124. 

  125. 	authSources, err := db.Find[auth_model.Source](ctx, auth_model.FindSourcesOptions{

  126. 		IsActive:  optional.None[bool](),

  127. 		LoginType: auth_model.OAuth2,

  128. 	})

  129. 	if err != nil {

  130. 		ctx.ServerError("FindSources", err)

  131. 		return

  132. 	}

  133. 

  134. 	var orderedOAuth2Names []string

  135. 	oauth2Providers := make(map[string]oauth2.Provider)

  136. 	for _, source := range authSources {

  137. 		provider, err := oauth2.CreateProviderFromSource(source)

  138. 		if err != nil {

  139. 			ctx.ServerError("CreateProviderFromSource", err)

  140. 			return

  141. 		}

  142. 		oauth2Providers[source.Name] = provider

  143. 		if source.IsActive {

  144. 			orderedOAuth2Names = append(orderedOAuth2Names, source.Name)

  145. 		}

  146. 	}

  147. 

  148. 	sort.Strings(orderedOAuth2Names)

  149. 

  150. 	ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names

  151. 	ctx.Data["OAuth2Providers"] = oauth2Providers

  152. 

  153. 	openid, err := user_model.GetUserOpenIDs(ctx, ctx.Doer.ID)

  154. 	if err != nil {

  155. 		ctx.ServerError("GetUserOpenIDs", err)

  156. 		return

  157. 	}

  158. 	ctx.Data["OpenIDs"] = openid

  159. 	ctx.Data["UserDisabledFeatures"] = user_model.DisabledFeaturesWithLoginType(ctx.Doer)

  160. }