Avoid duplicate queries in auth (#827)

Avoid identical making calls to GetUserByID(..) in SignedInUser(..)
2017-02-05 08:10:46 -05:00 · 2017-02-05 08:10:46 -05:00 · e86d935175
parent bf647ce143
commit e86d935175
1 changed files with 49 additions and 58 deletions
--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@ -69,14 +69,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
 	uid := sess.Get("uid")
 	if uid == nil {
 		return 0
-	}
+	} else if id, ok := uid.(int64); ok {
 	if id, ok := uid.(int64); ok {
 		if _, err := models.GetUserByID(id); err != nil {
 			if !models.IsErrUserNotExist(err) {
 				log.Error(4, "GetUserById: %v", err)
 			}
 			return 0
 		}
 		return id
 	}
 	return 0
@ -89,66 +82,64 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
 		return nil, false
 	}
-	uid := SignedInID(ctx, sess)
+	if uid := SignedInID(ctx, sess); uid > 0 {
-
+		user, err := models.GetUserByID(uid)
-	if uid <= 0 {
+		if err == nil {
-		if setting.Service.EnableReverseProxyAuth {
+			return user, false
-			webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)
+		} else if !models.IsErrUserNotExist(err) {
-			if len(webAuthUser) > 0 {
+			log.Error(4, "GetUserById: %v", err)
 				u, err := models.GetUserByName(webAuthUser)
 				if err != nil {
 					if !models.IsErrUserNotExist(err) {
 						log.Error(4, "GetUserByName: %v", err)
 						return nil, false
 					}
 					// Check if enabled auto-registration.
 					if setting.Service.EnableReverseProxyAutoRegister {
 						u := &models.User{
 							Name:     webAuthUser,
 							Email:    gouuid.NewV4().String() + "@localhost",
 							Passwd:   webAuthUser,
 							IsActive: true,
 						}
 						if err = models.CreateUser(u); err != nil {
 							// FIXME: should I create a system notice?
 							log.Error(4, "CreateUser: %v", err)
 							return nil, false
 						}
 						return u, false
 					}
 				}
 				return u, false
 			}
 		}
 	}
-		// Check with basic auth.
+	if setting.Service.EnableReverseProxyAuth {
-		baHead := ctx.Req.Header.Get("Authorization")
+		webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)
-		if len(baHead) > 0 {
+		if len(webAuthUser) > 0 {
-			auths := strings.Fields(baHead)
+			u, err := models.GetUserByName(webAuthUser)
-			if len(auths) == 2 && auths[0] == "Basic" {
+			if err != nil {
-				uname, passwd, _ := base.BasicAuthDecode(auths[1])
+				if !models.IsErrUserNotExist(err) {
-
+					log.Error(4, "GetUserByName: %v", err)
 				u, err := models.UserSignIn(uname, passwd)
 				if err != nil {
 					if !models.IsErrUserNotExist(err) {
 						log.Error(4, "UserSignIn: %v", err)
 					}
 					return nil, false
 				}
-				return u, true
+				// Check if enabled auto-registration.
 				if setting.Service.EnableReverseProxyAutoRegister {
 					u := &models.User{
 						Name:     webAuthUser,
 						Email:    gouuid.NewV4().String() + "@localhost",
 						Passwd:   webAuthUser,
 						IsActive: true,
 					}
 					if err = models.CreateUser(u); err != nil {
 						// FIXME: should I create a system notice?
 						log.Error(4, "CreateUser: %v", err)
 						return nil, false
 					}
 					return u, false
 				}
 			}
 			return u, false
 		}
 		return nil, false
 	}
-	u, err := models.GetUserByID(uid)
+	// Check with basic auth.
-	if err != nil {
+	baHead := ctx.Req.Header.Get("Authorization")
-		log.Error(4, "GetUserById: %v", err)
+	if len(baHead) > 0 {
-		return nil, false
+		auths := strings.Fields(baHead)
 		if len(auths) == 2 && auths[0] == "Basic" {
 			uname, passwd, _ := base.BasicAuthDecode(auths[1])
 			u, err := models.UserSignIn(uname, passwd)
 			if err != nil {
 				if !models.IsErrUserNotExist(err) {
 					log.Error(4, "UserSignIn: %v", err)
 				}
 				return nil, false
 			}
 			return u, true
 		}
 	}
-	return u, false
+	return nil, false
 }
 // Form form binding interface