// Copyright 2014 The Gogs Authors. All rights reserved. // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. package user import ( "encoding/json" "fmt" "net/url" "strings" "code.google.com/p/goauth2/oauth" "github.com/go-martini/martini" "github.com/martini-contrib/oauth2" "github.com/gogits/gogs/models" "github.com/gogits/gogs/modules/auth" "github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/mailer" "github.com/gogits/gogs/modules/middleware" ) func Dashboard(ctx *middleware.Context) { ctx.Data["Title"] = "Dashboard" ctx.Data["PageIsUserDashboard"] = true repos, err := models.GetRepositories(&models.User{Id: ctx.User.Id}) if err != nil { ctx.Handle(200, "user.Dashboard", err) return } ctx.Data["MyRepos"] = repos feeds, err := models.GetFeeds(ctx.User.Id, 0, false) if err != nil { ctx.Handle(200, "user.Dashboard", err) return } ctx.Data["Feeds"] = feeds ctx.HTML(200, "user/dashboard") } func Profile(ctx *middleware.Context, params martini.Params) { ctx.Data["Title"] = "Profile" // TODO: Need to check view self or others. user, err := models.GetUserByName(params["username"]) if err != nil { ctx.Handle(200, "user.Profile", err) return } ctx.Data["Owner"] = user tab := ctx.Query("tab") ctx.Data["TabName"] = tab switch tab { case "activity": feeds, err := models.GetFeeds(user.Id, 0, true) if err != nil { ctx.Handle(200, "user.Profile", err) return } ctx.Data["Feeds"] = feeds default: repos, err := models.GetRepositories(user) if err != nil { ctx.Handle(200, "user.Profile", err) return } ctx.Data["Repos"] = repos } ctx.Data["PageIsUserProfile"] = true ctx.HTML(200, "user/profile") } // github && google && ... func SocialSignIn(tokens oauth2.Tokens) { transport := &oauth.Transport{} transport.Token = &oauth.Token{ AccessToken: tokens.Access(), RefreshToken: tokens.Refresh(), Expiry: tokens.ExpiryTime(), Extra: tokens.ExtraData(), } // Github API refer: https://developer.github.com/v3/users/ // FIXME: need to judge url type GithubUser struct { Id int `json:"id"` Name string `json:"login"` Email string `json:"email"` } // Make the request. scope := "https://api.github.com/user" r, err := transport.Client().Get(scope) if err != nil { log.Error("connect with github error: %s", err) // FIXME: handle error page return } defer r.Body.Close() user := &GithubUser{} err = json.NewDecoder(r.Body).Decode(user) if err != nil { log.Error("Get: %s", err) } log.Info("login: %s", user.Name) // FIXME: login here, user email to check auth, if not registe, then generate a uniq username } func SignIn(ctx *middleware.Context, form auth.LogInForm) { ctx.Data["Title"] = "Log In" if ctx.Req.Method == "GET" { // Check auto-login. userName := ctx.GetCookie(base.CookieUserName) if len(userName) == 0 { ctx.HTML(200, "user/signin") return } isSucceed := false defer func() { if !isSucceed { log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName) ctx.SetCookie(base.CookieUserName, "", -1) ctx.SetCookie(base.CookieRememberName, "", -1) } }() user, err := models.GetUserByName(userName) if err != nil { ctx.HTML(200, "user/signin") return } secret := base.EncodeMd5(user.Rands + user.Passwd) value, _ := ctx.GetSecureCookie(secret, base.CookieRememberName) if value != user.Name { ctx.HTML(200, "user/signin") return } isSucceed = true ctx.Session.Set("userId", user.Id) ctx.Session.Set("userName", user.Name) redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")) if len(redirectTo) > 0 { ctx.SetCookie("redirect_to", "", -1) ctx.Redirect(redirectTo) } else { ctx.Redirect("/") } return } if ctx.HasError() { ctx.HTML(200, "user/signin") return } user, err := models.LoginUserPlain(form.UserName, form.Password) if err != nil { if err == models.ErrUserNotExist { log.Trace("%s Log in failed: %s/%s", ctx.Req.RequestURI, form.UserName, form.Password) ctx.RenderWithErr("Username or password is not correct", "user/signin", &form) return } ctx.Handle(200, "user.SignIn", err) return } if form.Remember == "on" { secret := base.EncodeMd5(user.Rands + user.Passwd) days := 86400 * base.LogInRememberDays ctx.SetCookie(base.CookieUserName, user.Name, days) ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days) } ctx.Session.Set("userId", user.Id) ctx.Session.Set("userName", user.Name) redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")) if len(redirectTo) > 0 { ctx.SetCookie("redirect_to", "", -1) ctx.Redirect(redirectTo) } else { ctx.Redirect("/") } } func SignOut(ctx *middleware.Context) { ctx.Session.Delete("userId") ctx.Session.Delete("userName") ctx.SetCookie(base.CookieUserName, "", -1) ctx.SetCookie(base.CookieRememberName, "", -1) ctx.Redirect("/") } func SignUp(ctx *middleware.Context, form auth.RegisterForm) { ctx.Data["Title"] = "Sign Up" ctx.Data["PageIsSignUp"] = true if base.Service.DisenableRegisteration { ctx.Data["DisenableRegisteration"] = true ctx.HTML(200, "user/signup") return } if ctx.Req.Method == "GET" { ctx.HTML(200, "user/signup") return } if form.Password != form.RetypePasswd { ctx.Data["HasError"] = true ctx.Data["Err_Password"] = true ctx.Data["Err_RetypePasswd"] = true ctx.Data["ErrorMsg"] = "Password and re-type password are not same" auth.AssignForm(form, ctx.Data) } if ctx.HasError() { ctx.HTML(200, "user/signup") return } u := &models.User{ Name: form.UserName, Email: form.Email, Passwd: form.Password, IsActive: !base.Service.RegisterEmailConfirm, } var err error if u, err = models.RegisterUser(u); err != nil { switch err { case models.ErrUserAlreadyExist: ctx.RenderWithErr("Username has been already taken", "user/signup", &form) case models.ErrEmailAlreadyUsed: ctx.RenderWithErr("E-mail address has been already used", "user/signup", &form) case models.ErrUserNameIllegal: ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "user/signup", &form) default: ctx.Handle(200, "user.SignUp", err) } return } log.Trace("%s User created: %s", ctx.Req.RequestURI, strings.ToLower(form.UserName)) // Send confirmation e-mail. if base.Service.RegisterEmailConfirm && u.Id > 1 { mailer.SendRegisterMail(ctx.Render, u) ctx.Data["IsSendRegisterMail"] = true ctx.Data["Email"] = u.Email ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60 ctx.HTML(200, "user/active") if err = ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil { log.Error("Set cache(MailResendLimit) fail: %v", err) } return } ctx.Redirect("/user/login") } func Delete(ctx *middleware.Context) { ctx.Data["Title"] = "Delete Account" ctx.Data["PageIsUserSetting"] = true ctx.Data["IsUserPageSettingDelete"] = true if ctx.Req.Method == "GET" { ctx.HTML(200, "user/delete") return } tmpUser := models.User{Passwd: ctx.Query("password")} tmpUser.EncodePasswd() if len(tmpUser.Passwd) == 0 || tmpUser.Passwd != ctx.User.Passwd { ctx.Data["HasError"] = true ctx.Data["ErrorMsg"] = "Password is not correct. Make sure you are owner of this account." } else { if err := models.DeleteUser(ctx.User); err != nil { ctx.Data["HasError"] = true switch err { case models.ErrUserOwnRepos: ctx.Data["ErrorMsg"] = "Your account still have ownership of repository, you have to delete or transfer them first." default: ctx.Handle(200, "user.Delete", err) return } } else { ctx.Redirect("/") return } } ctx.HTML(200, "user/delete") } const ( TPL_FEED = `