2018-05-17 12:05:00 +08:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
package setting
|
|
|
|
|
|
|
|
import (
|
2021-04-05 23:30:52 +08:00
|
|
|
"net/http"
|
|
|
|
|
2018-05-17 12:05:00 +08:00
|
|
|
"code.gitea.io/gitea/models"
|
2021-09-24 19:32:56 +08:00
|
|
|
"code.gitea.io/gitea/models/login"
|
2021-11-17 17:58:31 +08:00
|
|
|
user_model "code.gitea.io/gitea/models/user"
|
2018-05-17 12:05:00 +08:00
|
|
|
"code.gitea.io/gitea/modules/base"
|
|
|
|
"code.gitea.io/gitea/modules/context"
|
|
|
|
"code.gitea.io/gitea/modules/setting"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
tplSettingsSecurity base.TplName = "user/settings/security"
|
|
|
|
tplSettingsTwofaEnroll base.TplName = "user/settings/twofa_enroll"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Security render change user's password page and 2FA
|
|
|
|
func Security(ctx *context.Context) {
|
|
|
|
ctx.Data["Title"] = ctx.Tr("settings")
|
|
|
|
ctx.Data["PageIsSettingsSecurity"] = true
|
2021-01-21 05:17:46 +08:00
|
|
|
ctx.Data["RequireU2F"] = true
|
2018-05-17 12:05:00 +08:00
|
|
|
|
2021-08-11 08:31:13 +08:00
|
|
|
if ctx.FormString("openid.return_to") != "" {
|
2018-06-19 02:24:45 +08:00
|
|
|
settingsOpenIDVerify(ctx)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
loadSecurityData(ctx)
|
|
|
|
|
2021-04-05 23:30:52 +08:00
|
|
|
ctx.HTML(http.StatusOK, tplSettingsSecurity)
|
2018-06-19 02:24:45 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// DeleteAccountLink delete a single account link
|
|
|
|
func DeleteAccountLink(ctx *context.Context) {
|
2021-07-29 09:42:15 +08:00
|
|
|
id := ctx.FormInt64("id")
|
2019-02-07 14:51:23 +08:00
|
|
|
if id <= 0 {
|
|
|
|
ctx.Flash.Error("Account link id is not given")
|
2018-06-19 02:24:45 +08:00
|
|
|
} else {
|
2021-11-28 22:11:58 +08:00
|
|
|
if _, err := user_model.RemoveAccountLink(ctx.User, id); err != nil {
|
2019-02-07 14:51:23 +08:00
|
|
|
ctx.Flash.Error("RemoveAccountLink: " + err.Error())
|
|
|
|
} else {
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.remove_account_link_success"))
|
|
|
|
}
|
2018-06-19 02:24:45 +08:00
|
|
|
}
|
|
|
|
|
2021-04-05 23:30:52 +08:00
|
|
|
ctx.JSON(http.StatusOK, map[string]interface{}{
|
2018-06-19 02:24:45 +08:00
|
|
|
"redirect": setting.AppSubURL + "/user/settings/security",
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func loadSecurityData(ctx *context.Context) {
|
2021-11-09 06:47:19 +08:00
|
|
|
enrolled, err := login.HasTwoFactorByUID(ctx.User.ID)
|
2018-05-17 12:05:00 +08:00
|
|
|
if err != nil {
|
2021-11-09 06:47:19 +08:00
|
|
|
ctx.ServerError("SettingsTwoFactor", err)
|
|
|
|
return
|
2018-05-17 12:05:00 +08:00
|
|
|
}
|
2021-11-09 06:47:19 +08:00
|
|
|
ctx.Data["TOTPEnrolled"] = enrolled
|
|
|
|
|
|
|
|
ctx.Data["U2FRegistrations"], err = login.GetU2FRegistrationsByUID(ctx.User.ID)
|
|
|
|
if err != nil {
|
|
|
|
ctx.ServerError("GetU2FRegistrationsByUID", err)
|
|
|
|
return
|
2018-05-19 22:12:37 +08:00
|
|
|
}
|
2018-05-17 12:05:00 +08:00
|
|
|
|
2020-08-28 16:09:33 +08:00
|
|
|
tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID})
|
2018-05-17 12:05:00 +08:00
|
|
|
if err != nil {
|
|
|
|
ctx.ServerError("ListAccessTokens", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
ctx.Data["Tokens"] = tokens
|
|
|
|
|
2021-11-28 22:11:58 +08:00
|
|
|
accountLinks, err := user_model.ListAccountLinks(ctx.User)
|
2018-05-17 12:05:00 +08:00
|
|
|
if err != nil {
|
|
|
|
ctx.ServerError("ListAccountLinks", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// map the provider display name with the LoginSource
|
2021-09-24 19:32:56 +08:00
|
|
|
sources := make(map[*login.Source]string)
|
2018-05-17 12:05:00 +08:00
|
|
|
for _, externalAccount := range accountLinks {
|
2021-09-24 19:32:56 +08:00
|
|
|
if loginSource, err := login.GetSourceByID(externalAccount.LoginSourceID); err == nil {
|
2018-05-17 12:05:00 +08:00
|
|
|
var providerDisplayName string
|
2021-08-06 09:11:08 +08:00
|
|
|
|
|
|
|
type DisplayNamed interface {
|
|
|
|
DisplayName() string
|
|
|
|
}
|
|
|
|
|
|
|
|
type Named interface {
|
|
|
|
Name() string
|
|
|
|
}
|
|
|
|
|
|
|
|
if displayNamed, ok := loginSource.Cfg.(DisplayNamed); ok {
|
|
|
|
providerDisplayName = displayNamed.DisplayName()
|
|
|
|
} else if named, ok := loginSource.Cfg.(Named); ok {
|
|
|
|
providerDisplayName = named.Name()
|
2018-05-17 12:05:00 +08:00
|
|
|
} else {
|
|
|
|
providerDisplayName = loginSource.Name
|
|
|
|
}
|
|
|
|
sources[loginSource] = providerDisplayName
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ctx.Data["AccountLinks"] = sources
|
|
|
|
|
2021-11-17 17:58:31 +08:00
|
|
|
openid, err := user_model.GetUserOpenIDs(ctx.User.ID)
|
2018-05-17 12:05:00 +08:00
|
|
|
if err != nil {
|
|
|
|
ctx.ServerError("GetUserOpenIDs", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
ctx.Data["OpenIDs"] = openid
|
|
|
|
}
|