From fa8217e27f43eaa23b8098dd7a9345e0316be0b5 Mon Sep 17 00:00:00 2001
From: Thomas Miceli <27960254+thomiceli@users.noreply.github.com>
Date: Sun, 22 Sep 2024 23:21:43 +0200
Subject: [PATCH] Separate OAuth unlink URL (#336)
---
internal/web/auth.go | 46 ++++++++++++++++++-----------------
internal/web/server.go | 1 +
templates/pages/settings.html | 8 +++---
3 files changed, 29 insertions(+), 26 deletions(-)
diff --git a/internal/web/auth.go b/internal/web/auth.go
index 9a4f7b2..de3f477 100644
--- a/internal/web/auth.go
+++ b/internal/web/auth.go
@@ -342,28 +342,6 @@ func oauth(ctx echo.Context) error {
goth.UseProviders(oidcProvider)
}
- currUser := getUserLogged(ctx)
- if currUser != nil {
- // Map each provider to a function that checks the relevant ID in currUser
- providerIDCheckMap := map[string]func() bool{
- GitHubProvider: func() bool { return currUser.GithubID != "" },
- GitLabProvider: func() bool { return currUser.GitlabID != "" },
- GiteaProvider: func() bool { return currUser.GiteaID != "" },
- OpenIDConnect: func() bool { return currUser.OIDCID != "" },
- }
-
- // Check if the provider is valid and if the user has a linked ID
- // Means that the user wants to unlink the account
- if checkFunc, exists := providerIDCheckMap[provider]; exists && checkFunc() {
- if err := currUser.DeleteProviderID(provider); err != nil {
- return errorRes(500, "Cannot unlink account from "+cases.Title(language.English).String(provider), err)
- }
-
- addFlash(ctx, tr(ctx, "flash.auth.account-unlinked-oauth", cases.Title(language.English).String(provider)), "success")
- return redirect(ctx, "/settings")
- }
- }
-
ctxValue := context.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, provider)
ctx.SetRequest(ctx.Request().WithContext(ctxValue))
if provider != GitHubProvider && provider != GitLabProvider && provider != GiteaProvider && provider != OpenIDConnect {
@@ -374,6 +352,30 @@ func oauth(ctx echo.Context) error {
return nil
}
+func oauthUnlink(ctx echo.Context) error {
+ provider := ctx.Param("provider")
+
+ currUser := getUserLogged(ctx)
+ // Map each provider to a function that checks the relevant ID in currUser
+ providerIDCheckMap := map[string]func() bool{
+ GitHubProvider: func() bool { return currUser.GithubID != "" },
+ GitLabProvider: func() bool { return currUser.GitlabID != "" },
+ GiteaProvider: func() bool { return currUser.GiteaID != "" },
+ OpenIDConnect: func() bool { return currUser.OIDCID != "" },
+ }
+
+ if checkFunc, exists := providerIDCheckMap[provider]; exists && checkFunc() {
+ if err := currUser.DeleteProviderID(provider); err != nil {
+ return errorRes(500, "Cannot unlink account from "+cases.Title(language.English).String(provider), err)
+ }
+
+ addFlash(ctx, tr(ctx, "flash.auth.account-unlinked-oauth", cases.Title(language.English).String(provider)), "success")
+ return redirect(ctx, "/settings")
+ }
+
+ return redirect(ctx, "/settings")
+}
+
func logout(ctx echo.Context) error {
deleteSession(ctx)
deleteCsrfCookie(ctx)
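Review bot: `oauthUnlink` calls `checkFunc()` and `currUser.DeleteProviderID(provider)` without the `currUser != nil` guard that the removed block in `oauth` had, so it is only safe while the route keeps its `logged` middleware. If `getUserLogged` can return nil, as the old guard suggests, a registration without that middleware would panic on the nil dereference. An early `if currUser == nil { return redirect(ctx, "/settings") }` right after the lookup keeps the handler safe on its own. The `return redirect(ctx, "/settings")` inside the `if` duplicates the final return and can be dropped. A doc comment such as `// oauthUnlink removes the linked ID for the :provider route parameter from the logged-in user, then redirects to /settings.` would also record that unknown or unlinked providers are silently ignored.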
diff --git a/internal/web/server.go b/internal/web/server.go
index 91488bc..a98929a 100644
--- a/internal/web/server.go
+++ b/internal/web/server.go
@@ -260,6 +260,7 @@ func NewServer(isDev bool, sessionsPath string) *Server {
g1.GET("/logout", logout)
g1.GET("/oauth/:provider", oauth)
g1.GET("/oauth/:provider/callback", oauthCallback)
+ g1.GET("/oauth/:provider/unlink", oauthUnlink, logged)
g1.GET("/settings", userSettings, logged)
g1.POST("/settings/email", emailProcess, logged)
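Review bot: The added `/oauth/:provider/unlink` route changes account state on a `GET`, so a cross-site navigation or embedded resource load that reaches this URL in a logged-in browser would remove the linked identity without the user intending it. CSRF middleware commonly exempts safe methods; whether this project's does is not visible here and should be confirmed. Registering it as `g1.POST("/oauth/:provider/unlink", oauthUnlink, logged)` and submitting a small form carrying the CSRF token from settings.html would match the neighbouring `/settings/email` route. This matters more if a user can end up with no other sign-in method after unlinking, which this diff does not show. `NewServer` continues outside the hunk.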
diff --git a/templates/pages/settings.html b/templates/pages/settings.html
index 45b4078..02c43e9 100644
--- a/templates/pages/settings.html
+++ b/templates/pages/settings.html
@@ -96,7 +96,7 @@
{{ if .githubOauth }}
{{ if .userLogged.GithubID }}
-
{{ .locale.Tr "settings.unlink-github-account" }}
@@ -109,7 +109,7 @@
{{ if .gitlabOauth }}
{{ if .userLogged.GitlabID }}
-
{{ .locale.Tr "settings.unlink-gitlab-account" }}
@@ -122,7 +122,7 @@
{{ if .giteaOauth }}
{{ if .userLogged.GiteaID }}
-
{{ .locale.Tr "settings.unlink-gitea-account" }}
@@ -134,7 +134,7 @@
{{ end }}
{{ if .oidcOauth }}
{{ if .userLogged.OIDCID }}
-
Unlink OpenID account