Commit graph

110 commits

Author SHA1 Message Date
schaffman5
7e6c198f21 Apply LANDING_PAGE config options for logged in users ()
* Extended LANDINGPAGE config variable to logged in users and added switch for 'organizations' in addition to 'home' and 'explore'.

* Updated comments.

Signed-off-by: Mike Schaffer <mschaff@gmail.com>

* Extended LANDINGPAGE config variable to trigger when user logs in and added switch for 'organizations' in addition to 'home' and 'explore'.

Signed-off-by: Mike Schaffer <mschaff@gmail.com>

* Extended LANDINGPAGE config variable to logged in users and added switch for 'organizations' in addition to 'home' and 'explore'.

* Updated comments.

Signed-off-by: Mike Schaffer <mschaff@gmail.com>

* Extended LANDINGPAGE config variable to trigger when user logs in and added switch for 'organizations' in addition to 'home' and 'explore'.

Signed-off-by: Mike Schaffer <mschaff@gmail.com>

* Removed superfluous conditional and correct whitespace.

Signed-off-by: Mike Schaffer <mschaff@gmail.com>

* Update app.ini

Reverted new line.

* Formatting.

Signed-off-by: Mike Schaffer <mschaff@gmail.com>
2017-11-20 15:48:09 +08:00
David Schneiderbauer
174255e74e Log failed authentication attempts with remote address for fail2ban ()
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
2017-08-24 08:57:54 +03:00
Lunny Xiao
f960e19c59 Only update needed columns when update user ()
* only update needed columns when update user

* fix missing update_unix column
2017-08-12 22:18:44 +08:00
Lauris BH
32fc44aa83 Make time diff translatable () 2017-06-28 13:43:28 +08:00
Jonas Östanbäck
b93568cce4 xxx_active_code_live setting in printed in hours and minutes instead … ()
* xxx_active_code_live setting in printed in hours and minutes instead of just hours

* Update app.ini description of xxx_code_lives settings
2017-05-29 02:35:47 -05:00
Jonas Östanbäck
e214728725 Add new text for reset password flash ()
* Forgot password should use ResetPwdCodeLives, not ActiveCodeLives
 * Improve documentation for different send mail functions related to password reset
 * Improve documentation in conf/app.ini regarding xxx_CODE_LIVE_MINUTES settings
2017-05-14 10:38:30 +08:00
Willem van Dreumel
950f2e2074 Additional OAuth2 providers ()
* add google+

* sort signin oauth2 providers based on the name so order is always the same

* update auth tip for google+

* add gitlab provider

* add bitbucket provider (and some go fmt)

* add twitter provider

* add facebook provider

* add dropbox provider

* add openid connect provider incl. new format of tips section in "Add New Source"

* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)

* imports according to goimport and code style

* make it possible to set custom urls to gitlab and github provider (only these could have a different host)

* split up oauth2 into multiple files

* small typo in comment

* fix indention

* fix indentation

* fix new line before external import

* fix layout of signin part

* update "broken" dependency
2017-05-01 21:26:53 +08:00
Sandro Santilli
15f5d8e794 Reduce conditionals in signin/signup inner forms
by always using SignInLink and SignUpLink in the form action
2017-03-20 09:40:42 +01:00
Sandro Santilli
71d16f69ff Login via OpenID-2.0 () 2017-03-17 15:16:08 +01:00
Sandro Santilli
7d8f9d1c46 Rename /forget_password url to /forgot_password
Also renames `forgot_password` translation key to
`forgot_password_title` and `forget_password` to
`forgot_password`

Includes entry in CHANGELOG about the breaking change
(and some markdown fixes in there)
2017-03-14 22:54:07 +01:00
Sandro Santilli
8a98a25d8e Show a link to password reset from password change and delete account ()
It's helpful when you forgot your password thus cannot change it
(can happen if you log in via OAuth2 or OpenID)

Also make sure that both the delete-account and password-change
links to forgot-password will have the primary email pre-filled
2017-03-11 17:11:54 +08:00
Willem van Dreumel
8947b711aa Link OAuth2 account to 2FA enabled account (fix ) ()
* fixes  where linking an account to a 2fa enabled account failed because we forgot to really link the account when 2fa is completed

* handle errors
2017-02-27 18:10:26 +08:00
Lunny Xiao
19b3c45ca7 fix 500 when use a duplicat email instead of giving an error tip () 2017-02-25 22:57:06 +08:00
Willem van Dreumel
01d957677f Oauth2 consumer ()
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Andrew
6dd096b7f0 Two factor authentication support ()
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Bwko
f27d87d93b Added minimum password length to app.ini () 2016-12-24 21:40:44 +08:00
Denis Denisov
380e32e129 Fix random string generator ()
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Lunny Xiao
94da472717 Golint fixed for modules/setting ()
* golint fixed for modules/setting

* typo fixed and renamed UNIXSOCKET to UnixSocket
2016-11-27 18:14:25 +08:00
Lunny Xiao
cf045b029c golint fixed for parts of routers root, dev, user and org dirs ()
* golint fixed for parts of routers root, dev and org dirs

* add user/auth.go golint fixed

* rename unnecessary exported to unexported and user dir golint fixed
2016-11-18 11:03:03 +08:00
Thibault Meyer
ddee4c8b58
Normalize files with gofmt 2016-11-11 13:11:45 +01:00
Sandro Santilli
4247304f5a Update import paths from github.com/go-gitea to code.gitea.io ()
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Joubert RedRat
f91cbf0fed Support to last login feature 2016-11-09 08:53:45 -02:00
Rémy Boulanouar
2d68bd1ef9 Change import reference to match gitea instead of gogs () 2016-11-03 10:29:56 -02:00
LefsFlare
2cb5ec5983 Prevented user enumeration of valid users through HTTP status codes of login () () 2016-10-16 22:08:40 -04:00
Unknwon
f0b5c3b90a redirect if any after sign in 2016-08-27 15:07:02 -07:00
Unknwon
1f2e173a74 Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00
Unknwon
f1b8d52eb3 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Unknwon
8966f5635d Merge pull request from zacheryph/feature/local-only-password-reset
Prevent `Forgot Password` for non local users
2016-03-14 16:44:05 -04:00
Zachery Hostens
63e21c146a ensure we don’t try changing LDAP passswords 2016-03-14 09:40:16 -05:00
Unknwon
b4f47a7623 attempt to fix invalid csrf token 2016-03-12 20:56:03 -05:00
Unknwon
514382e2eb Rename module: middleware -> context 2016-03-11 11:56:52 -05:00
Unknwon
7f9598141b fix 2015-11-24 18:49:34 -05:00
Unknwon
dc0c0dc06b fix typo for 2015-11-19 11:52:39 -05:00
Unknwon
9330c943cd work on 2015-11-18 23:52:09 -05:00
Unknwon
932dbccb67 fix import path, fix 2015-10-15 21:28:12 -04:00
Unknwon
3fb1b6a608 drop oauth2 feature support 2015-09-17 16:11:44 -04:00
Unknwon
9d36fc6986 finish new auth e-mails 2015-09-17 14:57:24 -04:00
Unknwon
373731f5e8 user gomail and new activate account email tpl
- : fallback plain text
- : add date header
- : fix encoding of header
2015-09-17 01:54:12 -04:00
Unknwon
83e747bfda and and new admin edit user UI 2015-09-13 11:07:21 -04:00
Unknwon
8e0a69f86a disable captcha and new admin create user UI 2015-09-13 09:51:51 -04:00
Unknwon
47ac579f09 only assign auto-admin when sign up by web 2015-08-19 04:58:45 +08:00
Unknwon
817b48ed1e Show owner/poster tags of comments and fix 2015-08-14 02:43:40 +08:00
Unknwon
e50982f5ec allow anonymous SSH clone 2015-08-05 11:14:17 +08:00
Unknwon
698b9e2acc Clearer error message for illegal characters 2015-03-26 17:11:47 -04:00
Unknwon
1654e9ecab templates/user/settings/emial.tmpl: little fix on UI
- routers/user: little code format
- conf/locale: update French locale
2015-02-21 22:13:47 -05:00
无闻
a18decf4cc Merge pull request from phsmit/multiple_emails
Multiple emails
2014-12-20 22:47:05 -05:00
Unknwon
57b3be4016 work on 2014-12-17 23:04:05 -05:00
Peter
ec71d538fc Method for activating email addresses through verification email 2014-12-17 17:41:49 +02:00
Unknwon
146c8efee3 Fix API broken 2014-10-18 23:42:43 -04:00
Unknwon
3abc41ccca Fix API broken 2014-10-18 23:26:55 -04:00
Martin van Beurden
976f1486e0 Set cookiepath to AppSubUrl 2014-09-21 14:25:22 +02:00
Unknwon
7ba9257a7f Add suburl support 2014-09-19 20:11:34 -04:00
Martin van Beurden
0055cbd365 Allow Gogs to run from a suburl behind a reverse proxy. e.g. http://mydomain.com/gogs/
Conflicts:
	modules/setting/setting.go

Conflicts:
	templates/repo/release/list.tmpl
	templates/user/dashboard/dashboard.tmpl

Conflicts:
	routers/repo/setting.go
2014-09-18 20:50:48 +02:00
Unknwon
632b1b694d Fix 2014-09-15 09:56:12 -04:00
Unknwon
bba707de36 Finish team list, create new team, join/leave team page 2014-08-16 16:21:17 +08:00
Unknwon
7af7584d25 Finish new reset password, etc. 2014-08-09 21:02:00 -07:00
Unknwon
78defd238c Page: Manage social accounts 2014-08-09 17:25:02 -07:00
Unknwon
e8c9bb2c66 Finish new collaboration page 2014-08-07 06:40:05 -04:00
Unknwon
7bbf644dd5 Convert captcha, cache, csrf as middlewares 2014-07-31 17:25:34 -04:00
Unknwon
8dd07c0ddd New UI merge in progress 2014-07-26 00:24:27 -04:00