afan
/
gitea
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
gitea源码
3 коммитов
2 веток
ветка: master
веток Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'master'
${ noResults }
gitea/services/auth/source/smtp/source_authenticate.go

source_authenticate.go 2.4KB
Постоянная ссылка История Исходник

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. // Copyright 2021 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package smtp

  5. 

  6. import (

  7. 	"context"

  8. 	"errors"

  9. 	"net/smtp"

  10. 	"net/textproto"

  11. 	"strings"

  12. 

  13. 	auth_model "code.gitea.io/gitea/models/auth"

  14. 	user_model "code.gitea.io/gitea/models/user"

  15. 	"code.gitea.io/gitea/modules/optional"

  16. 	"code.gitea.io/gitea/modules/util"

  17. )

  18. 

  19. // Authenticate queries if the provided login/password is authenticates against the SMTP server

  20. // Users will be autoregistered as required

  21. func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error) {

  22. 	// Verify allowed domains.

  23. 	if len(source.AllowedDomains) > 0 {

  24. 		idx := strings.Index(userName, "@")

  25. 		if idx == -1 {

  26. 			return nil, user_model.ErrUserNotExist{Name: userName}

  27. 		} else if !util.SliceContainsString(strings.Split(source.AllowedDomains, ","), userName[idx+1:], true) {

  28. 			return nil, user_model.ErrUserNotExist{Name: userName}

  29. 		}

  30. 	}

  31. 

  32. 	var auth smtp.Auth

  33. 	switch source.Auth {

  34. 	case PlainAuthentication:

  35. 		auth = smtp.PlainAuth("", userName, password, source.Host)

  36. 	case LoginAuthentication:

  37. 		auth = &loginAuthenticator{userName, password}

  38. 	case CRAMMD5Authentication:

  39. 		auth = smtp.CRAMMD5Auth(userName, password)

  40. 	default:

  41. 		return nil, errors.New("unsupported SMTP auth type")

  42. 	}

  43. 

  44. 	if err := Authenticate(auth, source); err != nil {

  45. 		// Check standard error format first,

  46. 		// then fallback to worse case.

  47. 		tperr, ok := err.(*textproto.Error)

  48. 		if (ok && tperr.Code == 535) ||

  49. 			strings.Contains(err.Error(), "Username and Password not accepted") {

  50. 			return nil, user_model.ErrUserNotExist{Name: userName}

  51. 		}

  52. 		if (ok && tperr.Code == 534) ||

  53. 			strings.Contains(err.Error(), "Application-specific password required") {

  54. 			return nil, user_model.ErrUserNotExist{Name: userName}

  55. 		}

  56. 		return nil, err

  57. 	}

  58. 

  59. 	if user != nil {

  60. 		return user, nil

  61. 	}

  62. 

  63. 	username := userName

  64. 	idx := strings.Index(userName, "@")

  65. 	if idx > -1 {

  66. 		username = userName[:idx]

  67. 	}

  68. 

  69. 	user = &user_model.User{

  70. 		LowerName:   strings.ToLower(username),

  71. 		Name:        strings.ToLower(username),

  72. 		Email:       userName,

  73. 		Passwd:      password,

  74. 		LoginType:   auth_model.SMTP,

  75. 		LoginSource: source.AuthSource.ID,

  76. 		LoginName:   userName,

  77. 	}

  78. 	overwriteDefault := &user_model.CreateUserOverwriteOptions{

  79. 		IsActive: optional.Some(true),

  80. 	}

  81. 

  82. 	if err := user_model.CreateUser(ctx, user, &user_model.Meta{}, overwriteDefault); err != nil {

  83. 		return user, err

  84. 	}

  85. 

  86. 	return user, nil

  87. }