mirror of
https://gitee.com/gitea/gitea
synced 2025-12-29 19:56:35 +08:00
Move macaron to chi (#14293)
Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
This commit is contained in:
Lunny Xiao
@@ -12,22 +12,22 @@ import (
|
||||
"strings"
|
||||
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/modules/auth"
|
||||
"code.gitea.io/gitea/modules/auth/oauth2"
|
||||
"code.gitea.io/gitea/modules/base"
|
||||
"code.gitea.io/gitea/modules/context"
|
||||
"code.gitea.io/gitea/modules/eventsource"
|
||||
auth "code.gitea.io/gitea/modules/forms"
|
||||
"code.gitea.io/gitea/modules/hcaptcha"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/password"
|
||||
"code.gitea.io/gitea/modules/recaptcha"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"code.gitea.io/gitea/modules/timeutil"
|
||||
"code.gitea.io/gitea/modules/web"
|
||||
"code.gitea.io/gitea/routers/utils"
|
||||
"code.gitea.io/gitea/services/externalaccount"
|
||||
"code.gitea.io/gitea/services/mailer"
|
||||
|
||||
"gitea.com/macaron/captcha"
|
||||
"github.com/markbates/goth"
|
||||
"github.com/tstranex/u2f"
|
||||
)
|
||||
@@ -149,7 +149,7 @@ func SignIn(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// SignInPost response for sign in request
|
||||
func SignInPost(ctx *context.Context, form auth.SignInForm) {
|
||||
func SignInPost(ctx *context.Context) {
|
||||
ctx.Data["Title"] = ctx.Tr("sign_in")
|
||||
|
||||
orderedOAuth2Names, oauth2Providers, err := models.GetActiveOAuth2Providers()
|
||||
@@ -170,6 +170,7 @@ func SignInPost(ctx *context.Context, form auth.SignInForm) {
|
||||
return
|
||||
}
|
||||
|
||||
form := web.GetForm(ctx).(*auth.SignInForm)
|
||||
u, err := models.UserSignIn(form.UserName, form.Password)
|
||||
if err != nil {
|
||||
if models.IsErrUserNotExist(err) {
|
||||
@@ -250,7 +251,8 @@ func TwoFactor(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// TwoFactorPost validates a user's two-factor authentication token.
|
||||
func TwoFactorPost(ctx *context.Context, form auth.TwoFactorAuthForm) {
|
||||
func TwoFactorPost(ctx *context.Context) {
|
||||
form := web.GetForm(ctx).(*auth.TwoFactorAuthForm)
|
||||
ctx.Data["Title"] = ctx.Tr("twofa")
|
||||
|
||||
// Ensure user is in a 2FA session.
|
||||
@@ -328,7 +330,8 @@ func TwoFactorScratch(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// TwoFactorScratchPost validates and invalidates a user's two-factor scratch token.
|
||||
func TwoFactorScratchPost(ctx *context.Context, form auth.TwoFactorScratchAuthForm) {
|
||||
func TwoFactorScratchPost(ctx *context.Context) {
|
||||
form := web.GetForm(ctx).(*auth.TwoFactorScratchAuthForm)
|
||||
ctx.Data["Title"] = ctx.Tr("twofa_scratch")
|
||||
|
||||
// Ensure user is in a 2FA session.
|
||||
@@ -427,7 +430,8 @@ func U2FChallenge(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// U2FSign authenticates the user by signResp
|
||||
func U2FSign(ctx *context.Context, signResp u2f.SignResponse) {
|
||||
func U2FSign(ctx *context.Context) {
|
||||
signResp := web.GetForm(ctx).(*u2f.SignResponse)
|
||||
challSess := ctx.Session.Get("u2fChallenge")
|
||||
idSess := ctx.Session.Get("twofaUid")
|
||||
if challSess == nil || idSess == nil {
|
||||
@@ -447,7 +451,7 @@ func U2FSign(ctx *context.Context, signResp u2f.SignResponse) {
|
||||
log.Fatal("parsing u2f registration: %v", err)
|
||||
continue
|
||||
}
|
||||
newCounter, authErr := r.Authenticate(signResp, *challenge, reg.Counter)
|
||||
newCounter, authErr := r.Authenticate(*signResp, *challenge, reg.Counter)
|
||||
if authErr == nil {
|
||||
reg.Counter = newCounter
|
||||
user, err := models.GetUserByID(id)
|
||||
@@ -563,20 +567,20 @@ func SignInOAuth(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// try to do a direct callback flow, so we don't authenticate the user again but use the valid accesstoken to get the user
|
||||
user, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req.Request, ctx.Resp)
|
||||
user, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req, ctx.Resp)
|
||||
if err == nil && user != nil {
|
||||
// we got the user without going through the whole OAuth2 authentication flow again
|
||||
handleOAuth2SignIn(user, gothUser, ctx, err)
|
||||
return
|
||||
}
|
||||
|
||||
if err = oauth2.Auth(loginSource.Name, ctx.Req.Request, ctx.Resp); err != nil {
|
||||
if err = oauth2.Auth(loginSource.Name, ctx.Req, ctx.Resp); err != nil {
|
||||
if strings.Contains(err.Error(), "no provider for ") {
|
||||
if err = models.ResetOAuth2(); err != nil {
|
||||
ctx.ServerError("SignIn", err)
|
||||
return
|
||||
}
|
||||
if err = oauth2.Auth(loginSource.Name, ctx.Req.Request, ctx.Resp); err != nil {
|
||||
if err = oauth2.Auth(loginSource.Name, ctx.Req, ctx.Resp); err != nil {
|
||||
ctx.ServerError("SignIn", err)
|
||||
}
|
||||
return
|
||||
@@ -602,7 +606,7 @@ func SignInOAuthCallback(ctx *context.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
u, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req.Request, ctx.Resp)
|
||||
u, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req, ctx.Resp)
|
||||
|
||||
handleOAuth2SignIn(u, gothUser, ctx, err)
|
||||
}
|
||||
@@ -788,7 +792,8 @@ func LinkAccount(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// LinkAccountPostSignIn handle the coupling of external account with another account using signIn
|
||||
func LinkAccountPostSignIn(ctx *context.Context, signInForm auth.SignInForm) {
|
||||
func LinkAccountPostSignIn(ctx *context.Context) {
|
||||
signInForm := web.GetForm(ctx).(*auth.SignInForm)
|
||||
ctx.Data["DisablePassword"] = !setting.Service.RequireExternalRegistrationPassword || setting.Service.AllowOnlyExternalRegistration
|
||||
ctx.Data["Title"] = ctx.Tr("link_account")
|
||||
ctx.Data["LinkAccountMode"] = true
|
||||
@@ -870,7 +875,8 @@ func LinkAccountPostSignIn(ctx *context.Context, signInForm auth.SignInForm) {
|
||||
}
|
||||
|
||||
// LinkAccountPostRegister handle the creation of a new account for an external account using signUp
|
||||
func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterForm) {
|
||||
func LinkAccountPostRegister(ctx *context.Context) {
|
||||
form := web.GetForm(ctx).(*auth.RegisterForm)
|
||||
// TODO Make insecure passwords optional for local accounts also,
|
||||
// once email-based Second-Factor Auth is available
|
||||
ctx.Data["DisablePassword"] = !setting.Service.RequireExternalRegistrationPassword || setting.Service.AllowOnlyExternalRegistration
|
||||
@@ -909,7 +915,7 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au
|
||||
var err error
|
||||
switch setting.Service.CaptchaType {
|
||||
case setting.ImageCaptcha:
|
||||
valid = cpt.VerifyReq(ctx.Req)
|
||||
valid = context.GetImageCaptcha().VerifyReq(ctx.Req)
|
||||
case setting.ReCaptcha:
|
||||
valid, err = recaptcha.Verify(ctx.Req.Context(), form.GRecaptchaResponse)
|
||||
case setting.HCaptcha:
|
||||
@@ -1029,7 +1035,7 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au
|
||||
// HandleSignOut resets the session and sets the cookies
|
||||
func HandleSignOut(ctx *context.Context) {
|
||||
_ = ctx.Session.Flush()
|
||||
_ = ctx.Session.Destroy(ctx.Context)
|
||||
_ = ctx.Session.Destroy(ctx.Resp, ctx.Req)
|
||||
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
|
||||
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
|
||||
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
|
||||
@@ -1069,7 +1075,8 @@ func SignUp(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// SignUpPost response for sign up information submission
|
||||
func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterForm) {
|
||||
func SignUpPost(ctx *context.Context) {
|
||||
form := web.GetForm(ctx).(*auth.RegisterForm)
|
||||
ctx.Data["Title"] = ctx.Tr("sign_up")
|
||||
|
||||
ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up"
|
||||
@@ -1097,7 +1104,7 @@ func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterFo
|
||||
var err error
|
||||
switch setting.Service.CaptchaType {
|
||||
case setting.ImageCaptcha:
|
||||
valid = cpt.VerifyReq(ctx.Req)
|
||||
valid = context.GetImageCaptcha().VerifyReq(ctx.Req)
|
||||
case setting.ReCaptcha:
|
||||
valid, err = recaptcha.Verify(ctx.Req.Context(), form.GRecaptchaResponse)
|
||||
case setting.HCaptcha:
|
||||
@@ -1562,7 +1569,8 @@ func MustChangePassword(ctx *context.Context) {
|
||||
|
||||
// MustChangePasswordPost response for updating a user's password after his/her
|
||||
// account was created by an admin
|
||||
func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form auth.MustChangePasswordForm) {
|
||||
func MustChangePasswordPost(ctx *context.Context) {
|
||||
form := web.GetForm(ctx).(*auth.MustChangePasswordForm)
|
||||
ctx.Data["Title"] = ctx.Tr("auth.must_change_password")
|
||||
ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/settings/change_password"
|
||||
if ctx.HasError() {
|
||||
|
||||
Reference in New Issue
Block a user