mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-03-09 16:02:06 +01:00
30982b9e7b
- Add the ability to regenerate existing access tokens in the UI. This preserves the ID of the access token, but generates a new salt and token contents. - Integration test added. - Unit test added. - Resolves #6880 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6963 Reviewed-by: 0ko <0ko@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: Dmitrii Sharshakov <d3dx12.xx@gmail.com> Co-committed-by: Dmitrii Sharshakov <d3dx12.xx@gmail.com>
133 lines
3.8 KiB
Go
133 lines
3.8 KiB
Go
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package setting
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
auth_model "code.gitea.io/gitea/models/auth"
|
|
"code.gitea.io/gitea/models/db"
|
|
"code.gitea.io/gitea/modules/base"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
"code.gitea.io/gitea/modules/web"
|
|
"code.gitea.io/gitea/services/context"
|
|
"code.gitea.io/gitea/services/forms"
|
|
)
|
|
|
|
const (
|
|
tplSettingsApplications base.TplName = "user/settings/applications"
|
|
)
|
|
|
|
// Applications render manage access token page
|
|
func Applications(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("settings.applications")
|
|
ctx.Data["PageIsSettingsApplications"] = true
|
|
|
|
loadApplicationsData(ctx)
|
|
|
|
ctx.HTML(http.StatusOK, tplSettingsApplications)
|
|
}
|
|
|
|
// ApplicationsPost response for add user's access token
|
|
func ApplicationsPost(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.NewAccessTokenForm)
|
|
ctx.Data["Title"] = ctx.Tr("settings")
|
|
ctx.Data["PageIsSettingsApplications"] = true
|
|
|
|
if ctx.HasError() {
|
|
loadApplicationsData(ctx)
|
|
|
|
ctx.HTML(http.StatusOK, tplSettingsApplications)
|
|
return
|
|
}
|
|
|
|
scope, err := form.GetScope()
|
|
if err != nil {
|
|
ctx.ServerError("GetScope", err)
|
|
return
|
|
}
|
|
t := &auth_model.AccessToken{
|
|
UID: ctx.Doer.ID,
|
|
Name: form.Name,
|
|
Scope: scope,
|
|
}
|
|
|
|
exist, err := auth_model.AccessTokenByNameExists(ctx, t)
|
|
if err != nil {
|
|
ctx.ServerError("AccessTokenByNameExists", err)
|
|
return
|
|
}
|
|
if exist {
|
|
ctx.Flash.Error(ctx.Tr("settings.generate_token_name_duplicate", t.Name))
|
|
ctx.Redirect(setting.AppSubURL + "/user/settings/applications")
|
|
return
|
|
}
|
|
|
|
if err := auth_model.NewAccessToken(ctx, t); err != nil {
|
|
ctx.ServerError("NewAccessToken", err)
|
|
return
|
|
}
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.generate_token_success"))
|
|
ctx.Flash.Info(t.Token)
|
|
|
|
ctx.Redirect(setting.AppSubURL + "/user/settings/applications")
|
|
}
|
|
|
|
// DeleteApplication response for delete user access token
|
|
func DeleteApplication(ctx *context.Context) {
|
|
if err := auth_model.DeleteAccessTokenByID(ctx, ctx.FormInt64("id"), ctx.Doer.ID); err != nil {
|
|
ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())
|
|
} else {
|
|
ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))
|
|
}
|
|
|
|
ctx.JSONRedirect(setting.AppSubURL + "/user/settings/applications")
|
|
}
|
|
|
|
// RegenerateApplication response for regenerating user access token
|
|
func RegenerateApplication(ctx *context.Context) {
|
|
if t, err := auth_model.RegenerateAccessTokenByID(ctx, ctx.FormInt64("id"), ctx.Doer.ID); err != nil {
|
|
if auth_model.IsErrAccessTokenNotExist(err) {
|
|
ctx.Flash.Error(ctx.Tr("error.not_found"))
|
|
} else {
|
|
ctx.Flash.Error(ctx.Tr("error.server_internal"))
|
|
log.Error("DeleteAccessTokenByID", err)
|
|
}
|
|
} else {
|
|
ctx.Flash.Success(ctx.Tr("settings.regenerate_token_success"))
|
|
ctx.Flash.Info(t.Token)
|
|
}
|
|
|
|
ctx.JSONRedirect(setting.AppSubURL + "/user/settings/applications")
|
|
}
|
|
|
|
func loadApplicationsData(ctx *context.Context) {
|
|
ctx.Data["AccessTokenScopePublicOnly"] = auth_model.AccessTokenScopePublicOnly
|
|
tokens, err := db.Find[auth_model.AccessToken](ctx, auth_model.ListAccessTokensOptions{UserID: ctx.Doer.ID})
|
|
if err != nil {
|
|
ctx.ServerError("ListAccessTokens", err)
|
|
return
|
|
}
|
|
ctx.Data["Tokens"] = tokens
|
|
ctx.Data["EnableOAuth2"] = setting.OAuth2.Enabled
|
|
ctx.Data["IsAdmin"] = ctx.Doer.IsAdmin
|
|
if setting.OAuth2.Enabled {
|
|
ctx.Data["Applications"], err = db.Find[auth_model.OAuth2Application](ctx, auth_model.FindOAuth2ApplicationsOptions{
|
|
OwnerID: ctx.Doer.ID,
|
|
})
|
|
if err != nil {
|
|
ctx.ServerError("GetOAuth2ApplicationsByUserID", err)
|
|
return
|
|
}
|
|
ctx.Data["Grants"], err = auth_model.GetOAuth2GrantsByUserID(ctx, ctx.Doer.ID)
|
|
if err != nil {
|
|
ctx.ServerError("GetOAuth2GrantsByUserID", err)
|
|
return
|
|
}
|
|
ctx.Data["EnableAdditionalGrantScopes"] = setting.OAuth2.EnableAdditionalGrantScopes
|
|
}
|
|
}
|