mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-23 07:43:18 -05:00
Extract updateSession function to reduce repetition (#21735)
A simple refactor to reduce duplicate codes. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de>
This commit is contained in:
parent
385462d36c
commit
1d22911cfe
4 changed files with 80 additions and 135 deletions
|
@ -82,19 +82,12 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
|
||||||
|
|
||||||
isSucceed = true
|
isSucceed = true
|
||||||
|
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
if err := updateSession(ctx, nil, map[string]interface{}{
|
||||||
return false, fmt.Errorf("unable to RegenerateSession: Error: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Set session IDs
|
// Set session IDs
|
||||||
if err := ctx.Session.Set("uid", u.ID); err != nil {
|
"uid": u.ID,
|
||||||
return false, err
|
"uname": u.Name,
|
||||||
}
|
}); err != nil {
|
||||||
if err := ctx.Session.Set("uname", u.Name); err != nil {
|
return false, fmt.Errorf("unable to updateSession: %w", err)
|
||||||
return false, err
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
return false, err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := resetLocale(ctx, u); err != nil {
|
if err := resetLocale(ctx, u); err != nil {
|
||||||
|
@ -252,32 +245,17 @@ func SignInPost(ctx *context.Context) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
updates := map[string]interface{}{
|
||||||
ctx.ServerError("UserSignIn: Unable to set regenerate session", err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
// User will need to use 2FA TOTP or WebAuthn, save data
|
// User will need to use 2FA TOTP or WebAuthn, save data
|
||||||
if err := ctx.Session.Set("twofaUid", u.ID); err != nil {
|
"twofaUid": u.ID,
|
||||||
ctx.ServerError("UserSignIn: Unable to set twofaUid in session", err)
|
"twofaRemember": form.Remember,
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := ctx.Session.Set("twofaRemember", form.Remember); err != nil {
|
|
||||||
ctx.ServerError("UserSignIn: Unable to set twofaRemember in session", err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
if hasTOTPtwofa {
|
if hasTOTPtwofa {
|
||||||
// User will need to use WebAuthn, save data
|
// User will need to use WebAuthn, save data
|
||||||
if err := ctx.Session.Set("totpEnrolled", u.ID); err != nil {
|
updates["totpEnrolled"] = u.ID
|
||||||
ctx.ServerError("UserSignIn: Unable to set WebAuthn Enrolled in session", err)
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
}
|
if err := updateSession(ctx, nil, updates); err != nil {
|
||||||
|
ctx.ServerError("UserSignIn: Unable to update session", err)
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
ctx.ServerError("UserSignIn: Unable to save session", err)
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -308,29 +286,23 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe
|
||||||
setting.CookieRememberName, u.Name, days)
|
setting.CookieRememberName, u.Name, days)
|
||||||
}
|
}
|
||||||
|
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
if err := updateSession(ctx, []string{
|
||||||
|
// Delete the openid, 2fa and linkaccount data
|
||||||
|
"openid_verified_uri",
|
||||||
|
"openid_signin_remember",
|
||||||
|
"openid_determined_email",
|
||||||
|
"openid_determined_username",
|
||||||
|
"twofaUid",
|
||||||
|
"twofaRemember",
|
||||||
|
"linkAccount",
|
||||||
|
}, map[string]interface{}{
|
||||||
|
"uid": u.ID,
|
||||||
|
"uname": u.Name,
|
||||||
|
}); err != nil {
|
||||||
ctx.ServerError("RegenerateSession", err)
|
ctx.ServerError("RegenerateSession", err)
|
||||||
return setting.AppSubURL + "/"
|
return setting.AppSubURL + "/"
|
||||||
}
|
}
|
||||||
|
|
||||||
// Delete the openid, 2fa and linkaccount data
|
|
||||||
_ = ctx.Session.Delete("openid_verified_uri")
|
|
||||||
_ = ctx.Session.Delete("openid_signin_remember")
|
|
||||||
_ = ctx.Session.Delete("openid_determined_email")
|
|
||||||
_ = ctx.Session.Delete("openid_determined_username")
|
|
||||||
_ = ctx.Session.Delete("twofaUid")
|
|
||||||
_ = ctx.Session.Delete("twofaRemember")
|
|
||||||
_ = ctx.Session.Delete("linkAccount")
|
|
||||||
if err := ctx.Session.Set("uid", u.ID); err != nil {
|
|
||||||
log.Error("Error setting uid %d in session: %v", u.ID, err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Set("uname", u.Name); err != nil {
|
|
||||||
log.Error("Error setting uname %s session: %v", u.Name, err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
log.Error("Unable to store session: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Language setting of the user overwrites the one previously set
|
// Language setting of the user overwrites the one previously set
|
||||||
// If the user does not have a locale set, we save the current one.
|
// If the user does not have a locale set, we save the current one.
|
||||||
if len(u.Language) == 0 {
|
if len(u.Language) == 0 {
|
||||||
|
@ -762,22 +734,15 @@ func handleAccountActivation(ctx *context.Context, user *user_model.User) {
|
||||||
|
|
||||||
log.Trace("User activated: %s", user.Name)
|
log.Trace("User activated: %s", user.Name)
|
||||||
|
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
if err := updateSession(ctx, nil, map[string]interface{}{
|
||||||
|
"uid": user.ID,
|
||||||
|
"uname": user.Name,
|
||||||
|
}); err != nil {
|
||||||
log.Error("Unable to regenerate session for user: %-v with email: %s: %v", user, user.Email, err)
|
log.Error("Unable to regenerate session for user: %-v with email: %s: %v", user, user.Email, err)
|
||||||
ctx.ServerError("ActivateUserEmail", err)
|
ctx.ServerError("ActivateUserEmail", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := ctx.Session.Set("uid", user.ID); err != nil {
|
|
||||||
log.Error("Error setting uid in session[%s]: %v", ctx.Session.ID(), err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Set("uname", user.Name); err != nil {
|
|
||||||
log.Error("Error setting uname in session[%s]: %v", ctx.Session.ID(), err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
log.Error("Error storing session[%s]: %v", ctx.Session.ID(), err)
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := resetLocale(ctx, user); err != nil {
|
if err := resetLocale(ctx, user); err != nil {
|
||||||
ctx.ServerError("resetLocale", err)
|
ctx.ServerError("resetLocale", err)
|
||||||
return
|
return
|
||||||
|
@ -821,3 +786,25 @@ func ActivateEmail(ctx *context.Context) {
|
||||||
// Should users be logged in automatically here? (consider 2FA requirements, etc.)
|
// Should users be logged in automatically here? (consider 2FA requirements, etc.)
|
||||||
ctx.Redirect(setting.AppSubURL + "/user/settings/account")
|
ctx.Redirect(setting.AppSubURL + "/user/settings/account")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func updateSession(ctx *context.Context, deletes []string, updates map[string]interface{}) error {
|
||||||
|
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
||||||
|
return fmt.Errorf("regenerate session: %w", err)
|
||||||
|
}
|
||||||
|
sess := ctx.Session
|
||||||
|
sessID := sess.ID()
|
||||||
|
for _, k := range deletes {
|
||||||
|
if err := sess.Delete(k); err != nil {
|
||||||
|
return fmt.Errorf("delete %v in session[%s]: %w", k, sessID, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
for k, v := range updates {
|
||||||
|
if err := sess.Set(k, v); err != nil {
|
||||||
|
return fmt.Errorf("set %v in session[%s]: %w", k, sessID, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if err := sess.Release(); err != nil {
|
||||||
|
return fmt.Errorf("store session[%s]: %w", sessID, err)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
|
@ -18,7 +18,6 @@ import (
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/mcaptcha"
|
"code.gitea.io/gitea/modules/mcaptcha"
|
||||||
"code.gitea.io/gitea/modules/recaptcha"
|
"code.gitea.io/gitea/modules/recaptcha"
|
||||||
"code.gitea.io/gitea/modules/session"
|
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/web"
|
"code.gitea.io/gitea/modules/web"
|
||||||
auth_service "code.gitea.io/gitea/services/auth"
|
auth_service "code.gitea.io/gitea/services/auth"
|
||||||
|
@ -156,25 +155,16 @@ func linkAccount(ctx *context.Context, u *user_model.User, gothUser goth.User, r
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
if err := updateSession(ctx, nil, map[string]interface{}{
|
||||||
|
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||||
|
"twofaUid": u.ID,
|
||||||
|
"twofaRemember": remember,
|
||||||
|
"linkAccount": true,
|
||||||
|
}); err != nil {
|
||||||
ctx.ServerError("RegenerateSession", err)
|
ctx.ServerError("RegenerateSession", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
|
||||||
if err := ctx.Session.Set("twofaUid", u.ID); err != nil {
|
|
||||||
log.Error("Error setting twofaUid in session: %v", err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Set("twofaRemember", remember); err != nil {
|
|
||||||
log.Error("Error setting twofaRemember in session: %v", err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Set("linkAccount", true); err != nil {
|
|
||||||
log.Error("Error setting linkAccount in session: %v", err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
log.Error("Error storing session: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// If WebAuthn is enrolled -> Redirect to WebAuthn instead
|
// If WebAuthn is enrolled -> Redirect to WebAuthn instead
|
||||||
regs, err := auth.GetWebAuthnCredentialsByUID(u.ID)
|
regs, err := auth.GetWebAuthnCredentialsByUID(u.ID)
|
||||||
if err == nil && len(regs) > 0 {
|
if err == nil && len(regs) > 0 {
|
||||||
|
|
|
@ -22,7 +22,6 @@ import (
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
"code.gitea.io/gitea/modules/json"
|
"code.gitea.io/gitea/modules/json"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/session"
|
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/timeutil"
|
"code.gitea.io/gitea/modules/timeutil"
|
||||||
"code.gitea.io/gitea/modules/util"
|
"code.gitea.io/gitea/modules/util"
|
||||||
|
@ -1027,17 +1026,12 @@ func setUserGroupClaims(loginSource *auth.Source, u *user_model.User, gothUser *
|
||||||
}
|
}
|
||||||
|
|
||||||
func showLinkingLogin(ctx *context.Context, gothUser goth.User) {
|
func showLinkingLogin(ctx *context.Context, gothUser goth.User) {
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
if err := updateSession(ctx, nil, map[string]interface{}{
|
||||||
ctx.ServerError("RegenerateSession", err)
|
"linkAccountGothUser": gothUser,
|
||||||
|
}); err != nil {
|
||||||
|
ctx.ServerError("updateSession", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := ctx.Session.Set("linkAccountGothUser", gothUser); err != nil {
|
|
||||||
log.Error("Error setting linkAccountGothUser in session: %v", err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
log.Error("Error storing session: %v", err)
|
|
||||||
}
|
|
||||||
ctx.Redirect(setting.AppSubURL + "/user/link_account")
|
ctx.Redirect(setting.AppSubURL + "/user/link_account")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1075,21 +1069,14 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
|
||||||
// If this user is enrolled in 2FA and this source doesn't override it,
|
// If this user is enrolled in 2FA and this source doesn't override it,
|
||||||
// we can't sign the user in just yet. Instead, redirect them to the 2FA authentication page.
|
// we can't sign the user in just yet. Instead, redirect them to the 2FA authentication page.
|
||||||
if !needs2FA {
|
if !needs2FA {
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
if err := updateSession(ctx, nil, map[string]interface{}{
|
||||||
ctx.ServerError("RegenerateSession", err)
|
"uid": u.ID,
|
||||||
|
"uname": u.Name,
|
||||||
|
}); err != nil {
|
||||||
|
ctx.ServerError("updateSession", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := ctx.Session.Set("uid", u.ID); err != nil {
|
|
||||||
log.Error("Error setting uid in session: %v", err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Set("uname", u.Name); err != nil {
|
|
||||||
log.Error("Error setting uname in session: %v", err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
log.Error("Error storing session: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Clear whatever CSRF cookie has right now, force to generate a new one
|
// Clear whatever CSRF cookie has right now, force to generate a new one
|
||||||
middleware.DeleteCSRFCookie(ctx.Resp)
|
middleware.DeleteCSRFCookie(ctx.Resp)
|
||||||
|
|
||||||
|
@ -1138,20 +1125,13 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
if err := updateSession(ctx, nil, map[string]interface{}{
|
||||||
ctx.ServerError("RegenerateSession", err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
// User needs to use 2FA, save data and redirect to 2FA page.
|
// User needs to use 2FA, save data and redirect to 2FA page.
|
||||||
if err := ctx.Session.Set("twofaUid", u.ID); err != nil {
|
"twofaUid": u.ID,
|
||||||
log.Error("Error setting twofaUid in session: %v", err)
|
"twofaRemember": false,
|
||||||
}
|
}); err != nil {
|
||||||
if err := ctx.Session.Set("twofaRemember", false); err != nil {
|
ctx.ServerError("updateSession", err)
|
||||||
log.Error("Error setting twofaRemember in session: %v", err)
|
return
|
||||||
}
|
|
||||||
if err := ctx.Session.Release(); err != nil {
|
|
||||||
log.Error("Error storing session: %v", err)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// If WebAuthn is enrolled -> Redirect to WebAuthn instead
|
// If WebAuthn is enrolled -> Redirect to WebAuthn instead
|
||||||
|
|
|
@ -17,7 +17,6 @@ import (
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/mcaptcha"
|
"code.gitea.io/gitea/modules/mcaptcha"
|
||||||
"code.gitea.io/gitea/modules/recaptcha"
|
"code.gitea.io/gitea/modules/recaptcha"
|
||||||
"code.gitea.io/gitea/modules/session"
|
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/util"
|
"code.gitea.io/gitea/modules/util"
|
||||||
"code.gitea.io/gitea/modules/web"
|
"code.gitea.io/gitea/modules/web"
|
||||||
|
@ -232,27 +231,16 @@ func signInOpenIDVerify(ctx *context.Context) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
|
|
||||||
ctx.ServerError("RegenerateSession", err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := ctx.Session.Set("openid_verified_uri", id); err != nil {
|
|
||||||
log.Error("signInOpenIDVerify: Could not set openid_verified_uri in session: %v", err)
|
|
||||||
}
|
|
||||||
if err := ctx.Session.Set("openid_determined_email", email); err != nil {
|
|
||||||
log.Error("signInOpenIDVerify: Could not set openid_determined_email in session: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
if u != nil {
|
if u != nil {
|
||||||
nickname = u.LowerName
|
nickname = u.LowerName
|
||||||
}
|
}
|
||||||
|
if err := updateSession(ctx, nil, map[string]interface{}{
|
||||||
if err := ctx.Session.Set("openid_determined_username", nickname); err != nil {
|
"openid_verified_uri": id,
|
||||||
log.Error("signInOpenIDVerify: Could not set openid_determined_username in session: %v", err)
|
"openid_determined_email": email,
|
||||||
}
|
"openid_determined_username": nickname,
|
||||||
if err := ctx.Session.Release(); err != nil {
|
}); err != nil {
|
||||||
log.Error("signInOpenIDVerify: Unable to save changes to the session: %v", err)
|
ctx.ServerError("updateSession", err)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if u != nil || !setting.Service.EnableOpenIDSignUp || setting.Service.AllowOnlyInternalRegistration {
|
if u != nil || !setting.Service.EnableOpenIDSignUp || setting.Service.AllowOnlyInternalRegistration {
|
||||||
|
|
Loading…
Reference in a new issue