diff --git a/.fswatch.json b/.fswatch.json
index 4ef36ce47..7b12022c1 100644
--- a/.fswatch.json
+++ b/.fswatch.json
@@ -8,6 +8,5 @@
 ],
 "env": {
 "POWERED_BY": "github.com/shxsun/fswatch"
- },
- "enable-restart": false
+ }
 }
diff --git a/models/oauth2.go b/models/oauth2.go
index 4da980067..9a38334e6 100644
--- a/models/oauth2.go
+++ b/models/oauth2.go
@@ -15,8 +15,8 @@ var (
 )
 type Oauth2 struct {
- Id int64
- Uid int64 `xorm:"pk"` // userId
+ Id int64 `xorm:"default 1"`
+ Uid int64 `xorm:"pk"` // UserId
 User *User `xorm:"-"`
 Type int `xorm:"pk unique(oauth)"` // twitter,github,google...
 Identity string `xorm:"pk unique(oauth)"` // id..
diff --git a/routers/user/social.go b/routers/user/social.go
index a35da5493..b87c313f5 100644
--- a/routers/user/social.go
+++ b/routers/user/social.go
@@ -6,11 +6,15 @@ package user
 import (
 "encoding/json"
+ "net/http"
+ "net/url"
 "strconv"
+ "strings"
 "code.google.com/p/goauth2/oauth"
 "github.com/gogits/gogs/models"
+ "github.com/gogits/gogs/modules/base"
 "github.com/gogits/gogs/modules/log"
 "github.com/gogits/gogs/modules/middleware"
 "github.com/gogits/gogs/modules/oauth2"
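Review bot: The `xorm:"default 1"` tag on `Id` in `models/oauth2.go` means every row that does not set `Id` explicitly gets the same value, so `Id` no longer identifies one OAuth binding. Elsewhere in this commit `ctx.Session.Set("socialId", oa.Id)` stores that value in the session; unless `AddOauth2` assigns a distinct `Id` (not visible here), every social login would carry the same `socialId`, and whatever later resolves it could pick the wrong binding. Prefer an `autoincr` column, or key the session on the composite `Type`/`Identity` pair, and document the requirement with `// Id is stored in the session as socialId and must be unique per row`. The `Oauth2` struct continues past the end of this hunk.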
@@ -69,23 +73,59 @@ func (s *SocialGithub) Update() error {
 return json.NewDecoder(r.Body).Decode(&s.data)
 }
+func extractPath(next string) string {
+ n, err := url.Parse(next)
+ if err != nil {
+ return "/"
+ }
+ return n.Path
+}
+
 // github && google && ...
 func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) {
- gh := &SocialGithub{
- WebToken: &oauth.Token{
- AccessToken: tokens.Access(),
- RefreshToken: tokens.Refresh(),
- Expiry: tokens.ExpiryTime(),
- Extra: tokens.ExtraData(),
- },
- }
- if len(tokens.Access()) == 0 {
- log.Error("empty access")
+ var socid int64
+ var ok bool
+ next := extractPath(ctx.Query("next"))
+ log.Debug("social signed check %s", next)
+ if socid, ok = ctx.Session.Get("socialId").(int64); ok && socid != 0 {
+ // already login
+ ctx.Redirect(next)
+ log.Info("login soc id: %v", socid)
 return
 }
- var err error
+ config := &oauth.Config{
+ //ClientId: base.OauthService.Github.ClientId,
+ //ClientSecret: base.OauthService.Github.ClientSecret, // FIXME: I don't know why compile error here
+ ClientId: "09383403ff2dc16daaa1",
+ ClientSecret: "0e4aa0c3630df396cdcea01a9d45cacf79925fea",
+ RedirectURL: strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.RequestURI(),
+ Scope: base.OauthService.GitHub.Scopes,
+ AuthURL: "https://github.com/login/oauth/authorize",
+ TokenURL: "https://github.com/login/oauth/access_token",
+ }
+ transport := &oauth.Transport{
+ Config: config,
+ Transport: http.DefaultTransport,
+ }
+ code := ctx.Query("code")
+ if code == "" {
+ // redirect to social login page
+ ctx.Redirect(config.AuthCodeURL(next))
+ return
+ }
+
+ // handle call back
+ tk, err := transport.Exchange(code)
+ if err != nil {
+ log.Error("oauth2 handle callback error: %v", err)
+ return // FIXME, need error page 501
+ }
+ next = extractPath(ctx.Query("state"))
+ log.Debug("success token: %v", tk)
+
+ gh := &SocialGithub{WebToken: tk}
 if err = gh.Update(); err != nil {
- // FIXME: handle error page
+ // FIXME: handle error page 501
 log.Error("connect with github error: %s", err)
 return
 }
@@ -102,18 +142,18 @@ func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) {
 oa.Type = soc.Type()
 oa.Token = soc.Token()
 oa.Identity = soc.Identity()
- log.Info("oa: %v", oa)
+ log.Debug("oa: %v", oa)
 if err = models.AddOauth2(oa); err != nil {
- log.Error("add oauth2 %v", err)
+ log.Error("add oauth2 %v", err) // 501
 return
 }
 case models.ErrOauth2NotAssociatedWithUser:
- // pass
+ // ignore it. judge in /usr/login page
 default:
 log.Error(err.Error()) // FIXME: handle error page
 return
 }
 ctx.Session.Set("socialId", oa.Id)
- log.Info("socialId: %v", oa.Id)
- ctx.Redirect("/")
+ log.Debug("socialId: %v", oa.Id)
+ ctx.Redirect(next)
 }
diff --git a/web.go b/web.go
index 7ebdb6b63..5dae84b64 100644
--- a/web.go
+++ b/web.go
@@ -91,7 +91,7 @@ func runWeb(*cli.Context) {
 m.Group("/user", func(r martini.Router) {
 r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn)
- r.Any("/login/github", oauth2.LoginRequired, user.SocialSignIn)
+ r.Any("/login/github", user.SocialSignIn)
 r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp)
 r.Any("/forget_password", user.ForgotPasswd)
 r.Any("/reset_password", user.ResetPasswd)
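Review bot: The `ClientId` and `ClientSecret` string literals in the new `oauth.Config` (the `-69,23 +73,59` hunk of `routers/user/social.go`) commit an OAuth application secret to version control; it should be treated as disclosed, rotated, and read from configuration. The commented-out lines spell `base.OauthService.Github` while the `Scope` line uses `base.OauthService.GitHub`, which may be the compile error the FIXME mentions, so `ClientSecret: base.OauthService.GitHub.ClientSecret,` is probably the intended form if that field exists. `log.Debug("success token: %v", tk)` writes the exchanged token to the log and should record only that the exchange succeeded. The `state` parameter only carries `next` and is never checked against a value issued to this session, so the callback has no CSRF binding; the sketch below issues a random state, keeps `next` in the session, and verifies the state on return (`rand` is `crypto/rand`, `subtle` is `crypto/subtle`). `SocialSignIn` continues past the end of this hunk.

```go
code := ctx.Query("code")
if code == "" {
	// first leg: bind the authorization request to this session
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		log.Error("oauth2 state generation error: %v", err)
		return
	}
	state := hex.EncodeToString(nonce)
	ctx.Session.Set("oauthState", state)
	ctx.Session.Set("oauthNext", next)
	ctx.Redirect(config.AuthCodeURL(state))
	return
}

// callback: refuse a state this session did not issue
want, _ := ctx.Session.Get("oauthState").(string)
if want == "" || subtle.ConstantTimeCompare([]byte(want), []byte(ctx.Query("state"))) != 1 {
	log.Error("oauth2 state mismatch")
	return
}
// … unchanged: transport.Exchange(code) and its error check …
next, _ = ctx.Session.Get("oauthNext").(string)
```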
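Review bot: `ctx.Redirect(next)` at the end of the `-102,18 +142,18` hunk redirects to a value taken from the `state` query parameter, and `extractPath` only drops the scheme and host. It does not reject a path that begins with `//` or contains a backslash, which browsers may resolve to another host, and it returns an empty string when the parameter is absent. A guard before the redirect keeps the target local: `if !strings.HasPrefix(next, "/") || strings.HasPrefix(next, "//") || strings.Contains(next, "\\") { next = "/" }`. `log.Debug("oa: %v", oa)` also prints `oa.Token`, so the stored OAuth token reaches the debug log; log `oa.Type` and `oa.Identity` instead. `SocialSignIn` starts before this hunk.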
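Review bot: With `oauth2.LoginRequired` removed from the `/login/github` route in `web.go`, `user.SocialSignIn` still declares a `tokens oauth2.Tokens` parameter that its new body never reads. If no other handler maps that type into the injector (not visible in this diff), the handler's arguments cannot be resolved at request time; `func SocialSignIn(ctx *middleware.Context) {` removes the dependency. The handler is now the only gate on this route and performs the whole code exchange, so the state and redirect checks have to live there. `r.Any` accepts every HTTP method for the callback, where `r.Get` would be enough for an authorization-code redirect. `runWeb` starts and ends outside this hunk.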