Skip to content

Commit 6fae585

Browse files
daviianlafriks
daviian
authored and
lafriks
committed
fix .netrc authentication (#2700) (#2708)
* provide both possible authentication solutions Signed-off-by: David Schneiderbauer <[email protected]>
1 parent 670562a commit 6fae585

File tree

1 file changed

+24
-10
lines changed

1 file changed

+24
-10
lines changed

routers/repo/http.go

Lines changed: 24 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -139,19 +139,28 @@ func HTTP(ctx *context.Context) {
139139
}
140140

141141
if authUser == nil {
142-
authUser, err = models.GetUserByName(authUsername)
142+
isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic"
143143

144-
if err != nil {
145-
if models.IsErrUserNotExist(err) {
146-
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
147-
} else {
148-
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
144+
// Assume username is token
145+
authToken := authUsername
146+
147+
if !isUsernameToken {
148+
// Assume password is token
149+
authToken = authPasswd
150+
151+
authUser, err = models.GetUserByName(authUsername)
152+
if err != nil {
153+
if models.IsErrUserNotExist(err) {
154+
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
155+
} else {
156+
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
157+
}
158+
return
149159
}
150-
return
151160
}
152161

153162
// Assume password is a token.
154-
token, err := models.GetAccessTokenBySHA(authPasswd)
163+
token, err := models.GetAccessTokenBySHA(authToken)
155164
if err != nil {
156165
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
157166
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
@@ -161,7 +170,13 @@ func HTTP(ctx *context.Context) {
161170
return
162171
}
163172

164-
if authUser.ID != token.UID {
173+
if isUsernameToken {
174+
authUser, err = models.GetUserByID(token.UID)
175+
if err != nil {
176+
ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
177+
return
178+
}
179+
} else if authUser.ID != token.UID {
165180
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
166181
return
167182
}
@@ -170,7 +185,6 @@ func HTTP(ctx *context.Context) {
170185
if err = models.UpdateAccessToken(token); err != nil {
171186
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
172187
}
173-
174188
} else {
175189
_, err = models.GetTwoFactorByUID(authUser.ID)
176190

0 commit comments

Comments
 (0)