Merge pull request #26 from thomiceli/feature/better-oauth

Feature/better oauth
Thomas Miceli 2023-05-07 11:02:30 +02:00 committed by GitHub
commit 1f74affde4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 32 additions and 7 deletions


@ -26,6 +26,7 @@ var title = cases.Title(language.English)
func register(ctx echo.Context) error { func register(ctx echo.Context) error {
setData(ctx, "title", "New account") setData(ctx, "title", "New account")
setData(ctx, "htmlTitle", "New account") setData(ctx, "htmlTitle", "New account")
setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
return html(ctx, "auth_form.html") return html(ctx, "auth_form.html")
} }
@ -34,6 +35,10 @@ func processRegister(ctx echo.Context) error {
return errorRes(403, "Signing up is disabled", nil) return errorRes(403, "Signing up is disabled", nil)
} }
if getData(ctx, "DisableLoginForm") == true {
return errorRes(403, "Signing up via registration form is disabled", nil)
}
setData(ctx, "title", "New account") setData(ctx, "title", "New account")
setData(ctx, "htmlTitle", "New account") setData(ctx, "htmlTitle", "New account")
@ -81,10 +86,15 @@ func processRegister(ctx echo.Context) error {
func login(ctx echo.Context) error { func login(ctx echo.Context) error {
setData(ctx, "title", "Login") setData(ctx, "title", "Login")
setData(ctx, "htmlTitle", "Login") setData(ctx, "htmlTitle", "Login")
setData(ctx, "disableForm", getData(ctx, "DisableLoginForm"))
return html(ctx, "auth_form.html") return html(ctx, "auth_form.html")
} }
func processLogin(ctx echo.Context) error { func processLogin(ctx echo.Context) error {
if getData(ctx, "DisableLoginForm") == true {
return errorRes(403, "Logging in via login form is disabled", nil)
}
var err error var err error
sess := getSession(ctx) sess := getSession(ctx)
@ -178,6 +188,12 @@ func oauthCallback(ctx echo.Context) error {
return errorRes(500, "Cannot create user", err) return errorRes(500, "Cannot create user", err)
} }
if userDB.ID == 1 {
if err = userDB.SetAdmin(); err != nil {
return errorRes(500, "Cannot set user admin", err)
}
}
var resp *http.Response var resp *http.Response
switch user.Provider { switch user.Provider {
case "github": case "github":
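Review bot: In the oauthCallback hunk, `if userDB.ID == 1` grants admin to whichever account first completes an OAuth flow on a fresh instance; with a public provider such as GitHub that is any account holder who reaches the instance before the operator does. The rule is not documented at this point, so I would add a comment such as `// The first user ever created (ID 1) becomes instance admin; complete this login before exposing the instance.` and write the promotion to the log so it can be audited. Separately, if `SetAdmin` fails the user has presumably already been created, so a retry may never reach this branch again and the instance could be left without an admin. That last point depends on code outside the hunk, since oauthCallback starts and ends beyond it.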


@ -1,6 +1,7 @@
document.addEventListener('DOMContentLoaded', () => { document.addEventListener('DOMContentLoaded', () => {
registerDomSetting(document.getElementById('disable-signup') as HTMLInputElement); registerDomSetting(document.getElementById('disable-signup') as HTMLInputElement);
registerDomSetting(document.getElementById('require-login') as HTMLInputElement); registerDomSetting(document.getElementById('require-login') as HTMLInputElement);
registerDomSetting(document.getElementById('disable-login-form') as HTMLInputElement);
}); });
const setSetting = (key: string, value: string) => { const setSetting = (key: string, value: string) => {


@ -84,9 +84,13 @@
<input type="checkbox" id="disable-signup" name="disable-signup" {{ if .DisableSignup }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" /> <input type="checkbox" id="disable-signup" name="disable-signup" {{ if .DisableSignup }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" />
</div> </div>
<div> <div>
<label for="disable-signup" class="text-sm text-slate-300">Login required</label> <label for="require-login" class="text-sm text-slate-300">Require login</label>
<input type="checkbox" id="require-login" name="require-login" {{ if .RequireLogin }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" /> <input type="checkbox" id="require-login" name="require-login" {{ if .RequireLogin }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" />
</div> </div>
<div>
<label for="disable-login-form" class="text-sm text-slate-300">Disable login form</label>
<input type="checkbox" id="disable-login-form" name="disable-login-form" {{ if .DisableLoginForm }}checked="checked"{{ end }} class="ml-1 h-4 w-4 rounded border-gray-300 text-primary-600 focus:ring-primary-600" />
</div>
</div> </div>
</div> </div>
</div> </div>


@ -14,6 +14,8 @@
<div class="sm:col-span-6"> <div class="sm:col-span-6">
<div class="mt-8 sm:w-full sm:max-w-md"> <div class="mt-8 sm:w-full sm:max-w-md">
<div class="bg-gray-900 rounded-md border border-1 border-gray-700 py-8 px-4 shadow sm:rounded-lg sm:px-10"> <div class="bg-gray-900 rounded-md border border-1 border-gray-700 py-8 px-4 shadow sm:rounded-lg sm:px-10">
{{ if not .disableForm }}
<form class="space-y-6" action="#" method="post"> <form class="space-y-6" action="#" method="post">
<div> <div>
<label for="username" class="block text-sm font-medium text-slate-300"> Username </label> <label for="username" class="block text-sm font-medium text-slate-300"> Username </label>
@ -48,14 +50,16 @@
{{ end }} {{ end }}
{{ .csrfHtml }} {{ .csrfHtml }}
</form> </form>
{{ end }}
{{ if or .githubOauth .giteaOauth }} {{ if or .githubOauth .giteaOauth }}
{{ if not .disableForm }}
<div class="relative my-4"> <div class="relative my-4">
<div class="absolute inset-0 flex items-center" aria-hidden="true"> <div class="absolute inset-0 flex items-center" aria-hidden="true">
<div class="w-full border-t border-gray-700"></div> <div class="w-full border-t border-gray-700"></div>
</div> </div>
</div> </div>
<br /> <br />
{{ end }}
<div> <div>
{{ if .githubOauth }} {{ if .githubOauth }}
<a href="/oauth/github" class="block w-full mb-2 text-center whitespace-nowrap text-slate-300{{ if .syncReposFromFS }} text-slate-500 cursor-not-allowed {{ end }}rounded border border-gray-600 bg-gray-800 px-2.5 py-2 text-xs font-medium text-white shadow-sm hover:bg-gray-700 hover:border-gray-500 hover:text-slate-300 focus:outline-none focus:ring-1 focus:border-primary-500 focus:ring-primary-500 leading-3"> <a href="/oauth/github" class="block w-full mb-2 text-center whitespace-nowrap text-slate-300{{ if .syncReposFromFS }} text-slate-500 cursor-not-allowed {{ end }}rounded border border-gray-600 bg-gray-800 px-2.5 py-2 text-xs font-medium text-white shadow-sm hover:bg-gray-700 hover:border-gray-500 hover:text-slate-300 focus:outline-none focus:ring-1 focus:border-primary-500 focus:ring-primary-500 leading-3">
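Review bot: When `.disableForm` is true and neither `.githubOauth` nor `.giteaOauth` is set, both guarded blocks are skipped and the card renders empty, with no hint of why nothing is offered. A fallback such as `{{ if and .disableForm (not (or .githubOauth .giteaOauth)) }}<p class="text-sm text-slate-300">The login form is disabled and no OAuth provider is configured.</p>{{ end }}` would make that state visible. Because processLogin in this same commit returns 403 while the setting is on, the admin toggle should probably also be refused server-side when no provider is configured, otherwise every account is locked out. The template continues outside these hunks, so an existing fallback elsewhere cannot be ruled out.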