parent
fe55ab2a68
commit
2a660a1de1
5 changed files with 28 additions and 10 deletions
|
@ -261,6 +261,7 @@ COOKIE_USERNAME = gitea_awesome
|
|||
COOKIE_REMEMBER_NAME = gitea_incredible
|
||||
; Reverse proxy authentication header name of user name
|
||||
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
|
||||
REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
|
||||
; The minimum password length for new Users
|
||||
MIN_PASSWORD_LENGTH = 6
|
||||
; Set to true to allow users to import local server paths
|
||||
|
@ -323,6 +324,7 @@ ENABLE_NOTIFY_MAIL = false
|
|||
; More detail: https://github.com/gogits/gogs/issues/165
|
||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
||||
ENABLE_REVERSE_PROXY_EMAIL = false
|
||||
; Enable captcha validation for registration
|
||||
ENABLE_CAPTCHA = false
|
||||
; Type of captcha you want to use. Options: image, recaptcha
|
||||
|
|
|
@ -160,6 +160,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
|||
information.
|
||||
- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy
|
||||
authentication.
|
||||
- `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**: Header name for reverse proxy
|
||||
authentication provided email.
|
||||
- `DISABLE_GIT_HOOKS`: **false**: Set to `true` to prevent all users (including admin) from creating custom
|
||||
git hooks.
|
||||
- `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server.
|
||||
|
@ -188,6 +190,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
|||
- `ENABLE_REVERSE_PROXY_AUTHENTICATION`: **false**: Enable this to allow reverse proxy authentication.
|
||||
- `ENABLE_REVERSE_PROXY_AUTO_REGISTRATION`: **false**: Enable this to allow auto-registration
|
||||
for reverse authentication.
|
||||
- `ENABLE_REVERSE_PROXY_EMAIL`: **false**: Enable this to allow to auto-registration with a
|
||||
provided email rather than a generated email.
|
||||
- `ENABLE_CAPTCHA`: **false**: Enable this to use captcha validation for registration.
|
||||
- `CAPTCHA_TYPE`: **image**: \[image, recaptcha\]
|
||||
- `RECAPTCHA_SECRET`: **""**: Go to https://www.google.com/recaptcha/admin to get a secret for recaptcha.
|
||||
|
|
|
@ -105,9 +105,16 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
|
|||
|
||||
// Check if enabled auto-registration.
|
||||
if setting.Service.EnableReverseProxyAutoRegister {
|
||||
email := gouuid.NewV4().String() + "@localhost"
|
||||
if setting.Service.EnableReverseProxyEmail {
|
||||
webAuthEmail := ctx.Req.Header.Get(setting.ReverseProxyAuthEmail)
|
||||
if len(webAuthEmail) > 0 {
|
||||
email = webAuthEmail
|
||||
}
|
||||
}
|
||||
u := &models.User{
|
||||
Name: webAuthUser,
|
||||
Email: gouuid.NewV4().String() + "@localhost",
|
||||
Email: email,
|
||||
Passwd: webAuthUser,
|
||||
IsActive: true,
|
||||
}
|
||||
|
|
|
@ -163,6 +163,7 @@ var (
|
|||
CookieUserName string
|
||||
CookieRememberName string
|
||||
ReverseProxyAuthUser string
|
||||
ReverseProxyAuthEmail string
|
||||
MinPasswordLength int
|
||||
ImportLocalPaths bool
|
||||
DisableGitHooks bool
|
||||
|
@ -950,6 +951,7 @@ func NewContext() {
|
|||
CookieUserName = sec.Key("COOKIE_USERNAME").MustString("gitea_awesome")
|
||||
CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").MustString("gitea_incredible")
|
||||
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
|
||||
ReverseProxyAuthEmail = sec.Key("REVERSE_PROXY_AUTHENTICATION_EMAIL").MustString("X-WEBAUTH-EMAIL")
|
||||
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
|
||||
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
|
||||
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
|
||||
|
@ -1216,6 +1218,7 @@ var Service struct {
|
|||
EnableNotifyMail bool
|
||||
EnableReverseProxyAuth bool
|
||||
EnableReverseProxyAutoRegister bool
|
||||
EnableReverseProxyEmail bool
|
||||
EnableCaptcha bool
|
||||
CaptchaType string
|
||||
RecaptchaSecret string
|
||||
|
@ -1247,6 +1250,7 @@ func newService() {
|
|||
Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
|
||||
Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
|
||||
Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
|
||||
Service.EnableReverseProxyEmail = sec.Key("ENABLE_REVERSE_PROXY_EMAIL").MustBool()
|
||||
Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool(false)
|
||||
Service.CaptchaType = sec.Key("CAPTCHA_TYPE").MustString(ImageCaptcha)
|
||||
Service.RecaptchaSecret = sec.Key("RECAPTCHA_SECRET").MustString("")
|
||||
|
|
|
@ -215,6 +215,7 @@ func Config(ctx *context.Context) {
|
|||
ctx.Data["LogRootPath"] = setting.LogRootPath
|
||||
ctx.Data["ScriptType"] = setting.ScriptType
|
||||
ctx.Data["ReverseProxyAuthUser"] = setting.ReverseProxyAuthUser
|
||||
ctx.Data["ReverseProxyAuthEmail"] = setting.ReverseProxyAuthEmail
|
||||
|
||||
ctx.Data["SSH"] = setting.SSH
|
||||
|
||||
|
|
Reference in a new issue