UX treat register like sign in, even oauth

[coolaj86]

Re: #4226, #5032,

• link oauth-created accounts just like normal ones
  • exception: make unlinkable when ALLOW_ONLY_EXTERNAL_REGISTRATION = true
• remember me on sign up page
• do not require a second login when account is created

If you'd like to test it out

My pull request is against master, but I run it as backport to v1.5.1 (includes #5006, #5029, #5033):

git clone https://github.com/coolaj86/gitea.git gitea.coolaj86 -b v1.5.1-coolaj86
pushd gitea.coolaj86
TAGS="bindata sqlite" make generate all

I would not recommend replacing your existing gitea, but rather creating a symlink so that you can easily switch back if you don't like it. For example, if you keep gitea in /opt/gitea/bin:

rsync -av ./gitea /opt/gitea/bin/gitea-v1.5.1-coolaj86
pushd /opt/gitea/bin
mv gitea gitea-v1.5.1
ln -s gitea-v1.5.1-coolaj86 gitea

I've run a couple of manual tests so far, so I feel comfortable with someone else trying it out. I won't be pushing any additional changes to that branch (such as the upcoming changes to address the empty checkboxes in the issue) until I've tested them in production for myself.

[codecov-io]

Codecov Report

Merging #5033 into master will increase coverage by 0.01%.
The diff coverage is 13.95%.

@@            Coverage Diff             @@
##           master    #5033      +/-   ##
==========================================
+ Coverage   41.15%   41.17%   +0.01%     
==========================================
  Files         464      464              
  Lines       62763    62757       -6     
==========================================
+ Hits        25833    25841       +8     
+ Misses      33537    33521      -16     
- Partials     3393     3395       +2

Impacted Files	Coverage Δ
modules/auth/user_form.go	42.85% <ø> (ø)	⬆️
routers/user/auth.go	12.6% <13.95%> (+0.34%)	⬆️
models/gpg_key.go	55.83% <0%> (-0.84%)	⬇️
models/repo_list.go	73.09% <0%> (+1.01%)	⬆️
routers/repo/view.go	43.25% <0%> (+1.01%)	⬆️
models/unit.go	67.56% <0%> (+5.4%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5908bb1...b655b35. Read the comment docs.

[stale]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 months. Thank you for your contributions.

[coolaj86]

Rebased on master and ready for re-review!

[coolaj86]

bump

[lunny]

I don't think this is necessary. setting.Service.AllowOnlyExternalRegistration means user must register via external source. Since we have been in LinkAccountPostRegister. The check is unnecessary.

[lunny]

As above

[lunny]

@solderjs could you remove setting.Service.AllowOnlyExternalRegistration conditions check on the changed code?

[zeripath]

@lunny I think they might actually integral to the purpose of this pr.

From what I understand the purpose is about being able to remove the link of Gitea user from the external source.

[zeripath]

Whether this is the correct technique to do that is another question.

I suspect we should be asking at the time of attempted removal of external links whether it's reasonable to do so.

[coolaj86]

The goal is to be able to create a secure account that doesn't have a password that can be used as a backdoor to gain access.

If a local account is required, it thwarts the intent.

[stale]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 months. Thank you for your contributions.

[lafriks]

Need to resolve conflicts

[wxiaoguang]

It's stale for long time.

What's the status of this PR?