finish github oauth2 support

This commit is contained in:
skyblue 2014-04-12 01:01:30 +08:00
parent df000245d1
commit dd815ae7b5
5 changed files with 86 additions and 26 deletions

View file

@ -4,7 +4,11 @@
package models package models
import "errors" import (
"errors"
"github.com/gogits/gogs/modules/log"
)
// OT: Oauth2 Type // OT: Oauth2 Type
const ( const (
@ -16,17 +20,23 @@ const (
var ( var (
ErrOauth2RecordNotExists = errors.New("not exists oauth2 record") ErrOauth2RecordNotExists = errors.New("not exists oauth2 record")
ErrOauth2NotAssociatedWithUser = errors.New("not associated with user") ErrOauth2NotAssociatedWithUser = errors.New("not associated with user")
ErrOauth2NotExist = errors.New("not exist oauth2")
) )
type Oauth2 struct { type Oauth2 struct {
Id int64 Id int64
Uid int64 // userId Uid int64 `xorm:"unique(s)"` // userId
User *User `xorm:"-"` User *User `xorm:"-"`
Type int `xorm:"pk unique(oauth)"` // twitter,github,google... Type int `xorm:"unique(s) unique(oauth)"` // twitter,github,google...
Identity string `xorm:"pk unique(oauth)"` // id.. Identity string `xorm:"unique(s) unique(oauth)"` // id..
Token string `xorm:"VARCHAR(200) not null"` Token string `xorm:"VARCHAR(200) not null"`
} }
func BindUserOauth2(userId, oauthId int64) error {
_, err := orm.Id(oauthId).Update(&Oauth2{Uid: userId})
return err
}
func AddOauth2(oa *Oauth2) (err error) { func AddOauth2(oa *Oauth2) (err error) {
if _, err = orm.Insert(oa); err != nil { if _, err = orm.Insert(oa); err != nil {
return err return err
@ -47,3 +57,16 @@ func GetOauth2(identity string) (oa *Oauth2, err error) {
oa.User, err = GetUserById(oa.Uid) oa.User, err = GetUserById(oa.Uid)
return oa, err return oa, err
} }
func GetOauth2ById(id int64) (oa *Oauth2, err error) {
oa = new(Oauth2)
has, err := orm.Id(id).Get(oa)
log.Info("oa: %v", oa)
if err != nil {
return nil, err
}
if !has {
return nil, ErrOauth2NotExist
}
return oa, nil
}

View file

@ -22,10 +22,9 @@ import (
type SocialConnector interface { type SocialConnector interface {
Identity() string Identity() string
Type() int
Name() string Name() string
Email() string Email() string
Token() string TokenString() string
} }
type SocialGithub struct { type SocialGithub struct {
@ -34,17 +33,13 @@ type SocialGithub struct {
Name string `json:"login"` Name string `json:"login"`
Email string `json:"email"` Email string `json:"email"`
} }
WebToken *oauth.Token Token *oauth.Token
} }
func (s *SocialGithub) Identity() string { func (s *SocialGithub) Identity() string {
return strconv.Itoa(s.data.Id) return strconv.Itoa(s.data.Id)
} }
func (s *SocialGithub) Type() int {
return models.OT_GITHUB
}
func (s *SocialGithub) Name() string { func (s *SocialGithub) Name() string {
return s.data.Name return s.data.Name
} }
@ -53,8 +48,8 @@ func (s *SocialGithub) Email() string {
return s.data.Email return s.data.Email
} }
func (s *SocialGithub) Token() string { func (s *SocialGithub) TokenString() string {
data, _ := json.Marshal(s.WebToken) data, _ := json.Marshal(s.Token)
return string(data) return string(data)
} }
@ -62,7 +57,7 @@ func (s *SocialGithub) Token() string {
func (s *SocialGithub) Update() error { func (s *SocialGithub) Update() error {
scope := "https://api.github.com/user" scope := "https://api.github.com/user"
transport := &oauth.Transport{ transport := &oauth.Transport{
Token: s.WebToken, Token: s.Token,
} }
log.Debug("update github info") log.Debug("update github info")
r, err := transport.Client().Get(scope) r, err := transport.Client().Get(scope)
@ -122,7 +117,7 @@ func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) {
next = extractPath(ctx.Query("state")) next = extractPath(ctx.Query("state"))
log.Debug("success token: %v", tk) log.Debug("success token: %v", tk)
gh := &SocialGithub{WebToken: tk} gh := &SocialGithub{Token: tk}
if err = gh.Update(); err != nil { if err = gh.Update(); err != nil {
// FIXME: handle error page 501 // FIXME: handle error page 501
log.Error("connect with github error: %s", err) log.Error("connect with github error: %s", err)
@ -137,9 +132,9 @@ func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) {
ctx.Session.Set("userName", oa.User.Name) ctx.Session.Set("userName", oa.User.Name)
case models.ErrOauth2RecordNotExists: case models.ErrOauth2RecordNotExists:
oa = &models.Oauth2{} oa = &models.Oauth2{}
oa.Uid = 0 oa.Uid = -1
oa.Type = soc.Type() oa.Type = models.OT_GITHUB
oa.Token = soc.Token() oa.Token = soc.TokenString()
oa.Identity = soc.Identity() oa.Identity = soc.Identity()
log.Debug("oa: %v", oa) log.Debug("oa: %v", oa)
if err = models.AddOauth2(oa); err != nil { if err = models.AddOauth2(oa); err != nil {
@ -147,7 +142,11 @@ func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) {
return return
} }
case models.ErrOauth2NotAssociatedWithUser: case models.ErrOauth2NotAssociatedWithUser:
// ignore it. judge in /usr/login page ctx.Session.Set("socialName", soc.Name())
ctx.Session.Set("socialEmail", soc.Email())
ctx.Session.Set("socialId", oa.Id)
ctx.Redirect("/user/sign_up")
return
default: default:
log.Error(err.Error()) // FIXME: handle error page log.Error(err.Error()) // FIXME: handle error page
return return

View file

@ -82,6 +82,7 @@ func SignIn(ctx *middleware.Context) {
ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled ctx.Data["OauthGitHubEnabled"] = base.OauthService.GitHub.Enabled
} }
var user *models.User
// Check auto-login. // Check auto-login.
userName := ctx.GetCookie(base.CookieUserName) userName := ctx.GetCookie(base.CookieUserName)
if len(userName) == 0 { if len(userName) == 0 {
@ -90,15 +91,17 @@ func SignIn(ctx *middleware.Context) {
} }
isSucceed := false isSucceed := false
var err error
defer func() { defer func() {
if !isSucceed { if !isSucceed {
log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName) log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName)
ctx.SetCookie(base.CookieUserName, "", -1) ctx.SetCookie(base.CookieUserName, "", -1)
ctx.SetCookie(base.CookieRememberName, "", -1) ctx.SetCookie(base.CookieRememberName, "", -1)
return
} }
}() }()
user, err := models.GetUserByName(userName) user, err = models.GetUserByName(userName)
if err != nil { if err != nil {
ctx.HTML(200, "user/signin") ctx.HTML(200, "user/signin")
return return
@ -112,6 +115,7 @@ func SignIn(ctx *middleware.Context) {
} }
isSucceed = true isSucceed = true
ctx.Session.Set("userId", user.Id) ctx.Session.Set("userId", user.Id)
ctx.Session.Set("userName", user.Name) ctx.Session.Set("userName", user.Name)
if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 { if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
@ -155,6 +159,13 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days) ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
} }
// Bind with social account
if sid, ok := ctx.Session.Get("socialId").(int64); ok {
if err = models.BindUserOauth2(user.Id, sid); err != nil {
log.Error("bind user error: %v", err)
}
ctx.Session.Delete("socialId")
}
ctx.Session.Set("userId", user.Id) ctx.Session.Set("userId", user.Id)
ctx.Session.Set("userName", user.Name) ctx.Session.Set("userName", user.Name)
if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 { if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
@ -169,6 +180,7 @@ func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
func SignOut(ctx *middleware.Context) { func SignOut(ctx *middleware.Context) {
ctx.Session.Delete("userId") ctx.Session.Delete("userId")
ctx.Session.Delete("userName") ctx.Session.Delete("userName")
ctx.Session.Delete("socialId")
ctx.SetCookie(base.CookieUserName, "", -1) ctx.SetCookie(base.CookieUserName, "", -1)
ctx.SetCookie(base.CookieRememberName, "", -1) ctx.SetCookie(base.CookieRememberName, "", -1)
ctx.Redirect("/") ctx.Redirect("/")
@ -178,11 +190,23 @@ func SignUp(ctx *middleware.Context) {
ctx.Data["Title"] = "Sign Up" ctx.Data["Title"] = "Sign Up"
ctx.Data["PageIsSignUp"] = true ctx.Data["PageIsSignUp"] = true
if sid, ok := ctx.Session.Get("socialId").(int64); ok {
var err error
if _, err = models.GetOauth2ById(sid); err == nil {
ctx.Data["IsSocialLogin"] = true
// FIXME: don't set in error page
ctx.Data["username"] = ctx.Session.Get("socialName")
ctx.Data["email"] = ctx.Session.Get("socialEmail")
} else {
log.Error("unaccepted oauth error: %s", err) // FIXME: should it show in page
}
}
if base.Service.DisenableRegisteration { if base.Service.DisenableRegisteration {
ctx.Data["DisenableRegisteration"] = true ctx.Data["DisenableRegisteration"] = true
ctx.HTML(200, "user/signup") ctx.HTML(200, "user/signup")
return return
} }
log.Info("session: %v", ctx.Session.Get("socialId"))
ctx.HTML(200, "user/signup") ctx.HTML(200, "user/signup")
} }
@ -232,6 +256,11 @@ func SignUpPost(ctx *middleware.Context, form auth.RegisterForm) {
} }
log.Trace("%s User created: %s", ctx.Req.RequestURI, strings.ToLower(form.UserName)) log.Trace("%s User created: %s", ctx.Req.RequestURI, strings.ToLower(form.UserName))
// Bind Social Account
if sid, ok := ctx.Session.Get("socialId").(int64); ok {
models.BindUserOauth2(u.Id, sid)
ctx.Session.Delete("socialId")
}
// Send confirmation e-mail. // Send confirmation e-mail.
if base.Service.RegisterEmailConfirm && u.Id > 1 { if base.Service.RegisterEmailConfirm && u.Id > 1 {

View file

@ -46,7 +46,7 @@
{{if .OauthEnabled}} {{if .OauthEnabled}}
<div class="form-group text-center" id="social-login"> <div class="form-group text-center" id="social-login">
<h4>Log In with Social Accounts</h4> <h4>Log In with Social Accounts</h4>
{{if .OauthGitHubEnabled}}<a href="/user/login/github"><i class="fa fa-github-square fa-3x"></i></a>{{end}} {{if .OauthGitHubEnabled}}<a href="/user/login/github?next=/user/sign_up"><i class="fa fa-github-square fa-3x"></i></a>{{end}}
</div> </div>
{{end}} {{end}}
</form> </form>

View file

@ -5,20 +5,25 @@
{{.CsrfTokenHtml}} {{.CsrfTokenHtml}}
{{if .DisenableRegisteration}} {{if .DisenableRegisteration}}
Sorry, registeration has been disenabled, you can only get account from administrator. Sorry, registeration has been disenabled, you can only get account from administrator.
{{else}}
{{if .IsSocialLogin}}
<h3>Social login: 2nd step <small>complete information</small></h3>
{{else}} {{else}}
<h3>Sign Up</h3> <h3>Sign Up</h3>
{{end}}
{{template "base/alert" .}} {{template "base/alert" .}}
{{if .IsSocialLogin}}
{{end}}
<div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}"> <div class="form-group {{if .Err_UserName}}has-error has-feedback{{end}}">
<label class="col-md-4 control-label">Username: </label> <label class="col-md-4 control-label">Username: </label>
<div class="col-md-6"> <div class="col-md-6">
<input name="username" class="form-control" placeholder="Type your username" value="{{.username}}" required="required"> <input name="username" class="form-control" placeholder="Type your username" value="{{.username}}" required="required">
</div> </div>
</div> </div>
<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}"> <div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-4 control-label">Email: </label> <label class="col-md-4 control-label">Email: </label>
<div class="col-md-6"> <div class="col-md-6">
<input name="email" class="form-control" placeholder="Type your e-mail address" value="{{.email}}" required="required" title="Email is not valid"> <input name="email" class="form-control" placeholder="Type your e-mail address" value="{{.email}}{{.socialEmail}}" required="required" title="Email is not valid">
</div> </div>
</div> </div>
@ -44,7 +49,11 @@
<div class="form-group"> <div class="form-group">
<div class="col-md-offset-4 col-md-6"> <div class="col-md-offset-4 col-md-6">
{{if .IsSocialLogin}}
<a href="/user/login">Already have an account? Bind now!</a>
{{else}}
<a href="/user/login">Already have an account? Sign in now!</a> <a href="/user/login">Already have an account? Sign in now!</a>
{{end}}
</div> </div>
</div> </div>
{{end}} {{end}}