OpenI
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
Browse Source

Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369) 

* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION

Omit the configuration variable (the default) to be dependent.
Fixes #1363

* Move OpenID settings under Service object

* Show OpenID SignUp and SignIn status in admin panel / configuration
tags/v1.2.0-rc1
Sandro Santilli Bo-Yi Wu 8 years ago
parent
2767b67a8e
commit
dca5fdb5cc
7 changed files with 47 additions and 38 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -2
      cmd/web.go
  2. +2
    -1
      conf/app.ini
  3. +1
    -1
      modules/context/context.go
  4. +26
    -24
      modules/setting/setting.go
  5. +2
    -0
      options/locale/locale_en-US.ini
  6. +10
    -10
      routers/user/auth_openid.go
  7. +4
    -0
      templates/admin/config.tmpl

+ 2
- 2
cmd/web.go View File

@@ -200,7 +200,7 @@ func runWeb(ctx *cli.Context) error {
m.Group("/user", func() {
m.Get("/login", user.SignIn)
m.Post("/login", bindIgnErr(auth.SignInForm{}), user.SignInPost)
if setting.EnableOpenIDSignIn {
if setting.Service.EnableOpenIDSignIn {
m.Combo("/login/openid").
Get(user.SignInOpenID).
Post(bindIgnErr(auth.SignInOpenIDForm{}), user.SignInOpenIDPost)
@@ -243,7 +243,7 @@ func runWeb(ctx *cli.Context) error {
m.Post("/email/delete", user.DeleteEmail)
m.Get("/password", user.SettingsPassword)
m.Post("/password", bindIgnErr(auth.ChangePasswordForm{}), user.SettingsPasswordPost)
if setting.EnableOpenIDSignIn {
if setting.Service.EnableOpenIDSignIn {
m.Group("/openid", func() {
m.Combo("").Get(user.SettingsOpenID).
Post(bindIgnErr(auth.AddOpenIDForm{}), user.SettingsOpenIDPost)


+ 2
- 1
conf/app.ini View File

@@ -203,7 +203,8 @@ IMPORT_LOCAL_PATHS = false
; Whether to allow signin in via OpenID
ENABLE_OPENID_SIGNIN = true
; Whether to allow registering via OpenID
ENABLE_OPENID_SIGNUP = true
; Do not include to rely on DISABLE_REGISTRATION setting
;ENABLE_OPENID_SIGNUP = true
; Allowed URI patterns (POSIX regexp).
; Space separated.
; Only these would be allowed if non-blank.


+ 1
- 1
modules/context/context.go View File

@@ -197,7 +197,7 @@ func Contexter() macaron.Handler {
ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion
ctx.Data["EnableOpenIDSignIn"] = setting.EnableOpenIDSignIn
ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn

c.Map(ctx)
}


+ 26
- 24
modules/setting/setting.go View File

@@ -121,12 +121,6 @@ var (
MinPasswordLength int
ImportLocalPaths bool

// OpenID settings
EnableOpenIDSignIn bool
EnableOpenIDSignUp bool
OpenIDWhitelist []*regexp.Regexp
OpenIDBlacklist []*regexp.Regexp

// Database settings
UseSQLite3 bool
UseMySQL bool
@@ -758,24 +752,6 @@ please consider changing to GITEA_CUSTOM`)
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)

sec = Cfg.Section("openid")
EnableOpenIDSignIn = sec.Key("ENABLE_OPENID_SIGNIN").MustBool(true)
EnableOpenIDSignUp = sec.Key("ENABLE_OPENID_SIGNUP").MustBool(true)
pats := sec.Key("WHITELISTED_URIS").Strings(" ")
if len(pats) != 0 {
OpenIDWhitelist = make([]*regexp.Regexp, len(pats))
for i, p := range pats {
OpenIDWhitelist[i] = regexp.MustCompilePOSIX(p)
}
}
pats = sec.Key("BLACKLISTED_URIS").Strings(" ")
if len(pats) != 0 {
OpenIDBlacklist = make([]*regexp.Regexp, len(pats))
for i, p := range pats {
OpenIDBlacklist[i] = regexp.MustCompilePOSIX(p)
}
}

sec = Cfg.Section("attachment")
AttachmentPath = sec.Key("PATH").MustString(path.Join(AppDataPath, "attachments"))
if !filepath.IsAbs(AttachmentPath) {
@@ -939,6 +915,13 @@ var Service struct {
EnableCaptcha bool
DefaultKeepEmailPrivate bool
NoReplyAddress string

// OpenID settings
EnableOpenIDSignIn bool
EnableOpenIDSignUp bool
OpenIDWhitelist []*regexp.Regexp
OpenIDBlacklist []*regexp.Regexp

}

func newService() {
@@ -953,6 +936,25 @@ func newService() {
Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool()
Service.DefaultKeepEmailPrivate = sec.Key("DEFAULT_KEEP_EMAIL_PRIVATE").MustBool()
Service.NoReplyAddress = sec.Key("NO_REPLY_ADDRESS").MustString("noreply.example.org")

sec = Cfg.Section("openid")
Service.EnableOpenIDSignIn = sec.Key("ENABLE_OPENID_SIGNIN").MustBool(true)
Service.EnableOpenIDSignUp = sec.Key("ENABLE_OPENID_SIGNUP").MustBool(!Service.DisableRegistration)
pats := sec.Key("WHITELISTED_URIS").Strings(" ")
if len(pats) != 0 {
Service.OpenIDWhitelist = make([]*regexp.Regexp, len(pats))
for i, p := range pats {
Service.OpenIDWhitelist[i] = regexp.MustCompilePOSIX(p)
}
}
pats = sec.Key("BLACKLISTED_URIS").Strings(" ")
if len(pats) != 0 {
Service.OpenIDBlacklist = make([]*regexp.Regexp, len(pats))
for i, p := range pats {
Service.OpenIDBlacklist[i] = regexp.MustCompilePOSIX(p)
}
}

}

var logLevels = map[string]string{


+ 2
- 0
options/locale/locale_en-US.ini View File

@@ -1211,6 +1211,8 @@ config.db_path_helper = (for "sqlite3" and "tidb")
config.service_config = Service Configuration
config.register_email_confirm = Require Email Confirmation
config.disable_register = Disable Registration
config.enable_openid_signup = Enable Registration via OpenID
config.enable_openid_signin = Enable OpenID Sign In
config.show_registration_button = Show Register Button
config.require_sign_in_view = Require Sign In View
config.mail_notify = Mail Notification


+ 10
- 10
routers/user/auth_openid.go View File

@@ -68,8 +68,8 @@ func allowedOpenIDURI(uri string) (err error) {

// In case a Whitelist is present, URI must be in it
// in order to be accepted
if len(setting.OpenIDWhitelist) != 0 {
for _, pat := range setting.OpenIDWhitelist {
if len(setting.Service.OpenIDWhitelist) != 0 {
for _, pat := range setting.Service.OpenIDWhitelist {
if pat.MatchString(uri) {
return nil // pass
}
@@ -79,7 +79,7 @@ func allowedOpenIDURI(uri string) (err error) {
}

// A blacklist match expliclty forbids
for _, pat := range setting.OpenIDBlacklist {
for _, pat := range setting.Service.OpenIDBlacklist {
if pat.MatchString(uri) {
return fmt.Errorf("URI forbidden by blacklist")
}
@@ -231,7 +231,7 @@ func signInOpenIDVerify(ctx *context.Context) {

ctx.Session.Set("openid_determined_username", nickname)

if u != nil || !setting.EnableOpenIDSignUp {
if u != nil || !setting.Service.EnableOpenIDSignUp {
ctx.Redirect(setting.AppSubURL + "/user/openid/connect")
} else {
ctx.Redirect(setting.AppSubURL + "/user/openid/register")
@@ -248,7 +248,7 @@ func ConnectOpenID(ctx *context.Context) {
ctx.Data["Title"] = "OpenID connect"
ctx.Data["PageIsSignIn"] = true
ctx.Data["PageIsOpenIDConnect"] = true
ctx.Data["EnableOpenIDSignUp"] = setting.EnableOpenIDSignUp
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
ctx.Data["OpenID"] = oid
userName, _ := ctx.Session.Get("openid_determined_username").(string)
if userName != "" {
@@ -267,7 +267,7 @@ func ConnectOpenIDPost(ctx *context.Context, form auth.ConnectOpenIDForm) {
ctx.Data["Title"] = "OpenID connect"
ctx.Data["PageIsSignIn"] = true
ctx.Data["PageIsOpenIDConnect"] = true
ctx.Data["EnableOpenIDSignUp"] = setting.EnableOpenIDSignUp
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
ctx.Data["OpenID"] = oid

u, err := models.UserSignIn(form.UserName, form.Password)
@@ -300,7 +300,7 @@ func ConnectOpenIDPost(ctx *context.Context, form auth.ConnectOpenIDForm) {

// RegisterOpenID shows a form to create a new user authenticated via an OpenID URI
func RegisterOpenID(ctx *context.Context) {
if !setting.EnableOpenIDSignUp {
if !setting.Service.EnableOpenIDSignUp {
ctx.Error(403)
return
}
@@ -312,7 +312,7 @@ func RegisterOpenID(ctx *context.Context) {
ctx.Data["Title"] = "OpenID signup"
ctx.Data["PageIsSignIn"] = true
ctx.Data["PageIsOpenIDRegister"] = true
ctx.Data["EnableOpenIDSignUp"] = setting.EnableOpenIDSignUp
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
ctx.Data["OpenID"] = oid
userName, _ := ctx.Session.Get("openid_determined_username").(string)
@@ -328,7 +328,7 @@ func RegisterOpenID(ctx *context.Context) {

// RegisterOpenIDPost handles submission of a form to create a new user authenticated via an OpenID URI
func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.SignUpOpenIDForm) {
if !setting.EnableOpenIDSignUp {
if !setting.Service.EnableOpenIDSignUp {
ctx.Error(403)
return
}
@@ -341,7 +341,7 @@ func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.Si
ctx.Data["Title"] = "OpenID signup"
ctx.Data["PageIsSignIn"] = true
ctx.Data["PageIsOpenIDRegister"] = true
ctx.Data["EnableOpenIDSignUp"] = setting.EnableOpenIDSignUp
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
ctx.Data["OpenID"] = oid



+ 4
- 0
templates/admin/config.tmpl View File

@@ -114,6 +114,10 @@
<dd><i class="fa fa{{if .Service.DisableRegistration}}-check{{end}}-square-o"></i></dd>
<dt>{{.i18n.Tr "admin.config.show_registration_button"}}</dt>
<dd><i class="fa fa{{if .Service.ShowRegistrationButton}}-check{{end}}-square-o"></i></dd>
<dt>{{.i18n.Tr "admin.config.enable_openid_signup"}}</dt>
<dd><i class="fa fa{{if .Service.EnableOpenIDSignUp}}-check{{end}}-square-o"></i></dd>
<dt>{{.i18n.Tr "admin.config.enable_openid_signin"}}</dt>
<dd><i class="fa fa{{if .Service.EnableOpenIDSignIn}}-check{{end}}-square-o"></i></dd>
<dt>{{.i18n.Tr "admin.config.require_sign_in_view"}}</dt>
<dd><i class="fa fa{{if .Service.RequireSignInView}}-check{{end}}-square-o"></i></dd>
<dt>{{.i18n.Tr "admin.config.mail_notify"}}</dt>


Write Preview
Loading…
Cancel
Save