diff --git a/models/login_source.go b/models/login_source.go index 8d5d08dea6a..ffae6bfaf2e 100644 --- a/models/login_source.go +++ b/models/login_source.go @@ -20,9 +20,9 @@ import ( "github.com/go-xorm/xorm" "code.gitea.io/gitea/modules/auth/ldap" + "code.gitea.io/gitea/modules/auth/oauth2" "code.gitea.io/gitea/modules/auth/pam" "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/modules/auth/oauth2" ) // LoginType represents an login type. @@ -31,12 +31,12 @@ type LoginType int // Note: new type must append to the end of list to maintain compatibility. const ( LoginNoType LoginType = iota - LoginPlain // 1 - LoginLDAP // 2 - LoginSMTP // 3 - LoginPAM // 4 - LoginDLDAP // 5 - LoginOAuth2 // 6 + LoginPlain // 1 + LoginLDAP // 2 + LoginSMTP // 3 + LoginPAM // 4 + LoginDLDAP // 5 + LoginOAuth2 // 6 ) // LoginNames contains the name of LoginType values. @@ -498,7 +498,7 @@ func LoginViaSMTP(user *User, login, password string, sourceID int64, cfg *SMTPC idx := strings.Index(login, "@") if idx == -1 { return nil, ErrUserNotExist{0, login, 0} - } else if !com.IsSliceContainsStr(strings.Split(cfg.AllowedDomains, ","), login[idx + 1:]) { + } else if !com.IsSliceContainsStr(strings.Split(cfg.AllowedDomains, ","), login[idx+1:]) { return nil, ErrUserNotExist{0, login, 0} } } @@ -589,16 +589,16 @@ func LoginViaPAM(user *User, login, password string, sourceID int64, cfg *PAMCon // OAuth2Provider describes the display values of a single OAuth2 provider type OAuth2Provider struct { - Name string + Name string DisplayName string - Image string + Image string } // OAuth2Providers contains the map of registered OAuth2 providers in Gitea (based on goth) // key is used to map the OAuth2Provider with the goth provider type (also in LoginSource.OAuth2Config.Provider) // value is used to store display data var OAuth2Providers = map[string]OAuth2Provider{ - "github": {Name: "github", DisplayName:"GitHub", Image: "/img/github.png"}, + "github": {Name: "github", DisplayName: "GitHub", Image: "/img/github.png"}, } // ExternalUserLogin attempts a login using external source types. @@ -624,6 +624,16 @@ func UserSignIn(username, password string) (*User, error) { var user *User if strings.Contains(username, "@") { user = &User{Email: strings.ToLower(strings.TrimSpace(username))} + // check same email + cnt, err := x.Count(user) + if err != nil { + return nil, err + } + if cnt > 1 { + return nil, ErrEmailAlreadyUsed{ + Email: user.Email, + } + } } else { user = &User{LowerName: strings.ToLower(strings.TrimSpace(username))} } diff --git a/routers/user/auth.go b/routers/user/auth.go index 5b9297d3498..fa9f50139a2 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -7,20 +7,20 @@ package user import ( "errors" "fmt" + "net/http" "net/url" - - "github.com/go-macaron/captcha" + "strings" "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/auth" + "code.gitea.io/gitea/modules/auth/oauth2" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" - "net/http" - "code.gitea.io/gitea/modules/auth/oauth2" + + "github.com/go-macaron/captcha" "github.com/markbates/goth" - "strings" ) const ( @@ -66,7 +66,7 @@ func AutoSignIn(ctx *context.Context) (bool, error) { } if val, _ := ctx.GetSuperSecureCookie( - base.EncodeMD5(u.Rands + u.Passwd), setting.CookieRememberName); val != u.Name { + base.EncodeMD5(u.Rands+u.Passwd), setting.CookieRememberName); val != u.Name { return false, nil } @@ -144,6 +144,8 @@ func SignInPost(ctx *context.Context, form auth.SignInForm) { if err != nil { if models.IsErrUserNotExist(err) { ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), tplSignIn, &form) + } else if models.IsErrEmailAlreadyUsed(err) { + ctx.RenderWithErr(ctx.Tr("form.email_been_used"), tplSignIn, &form) } else { ctx.Handle(500, "UserSignIn", err) } @@ -296,7 +298,7 @@ func handleSignInFull(ctx *context.Context, u *models.User, remember bool, obeyR if remember { days := 86400 * setting.LogInRememberDays ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubURL) - ctx.SetSuperSecureCookie(base.EncodeMD5(u.Rands + u.Passwd), + ctx.SetSuperSecureCookie(base.EncodeMD5(u.Rands+u.Passwd), setting.CookieRememberName, u.Name, days, setting.AppSubURL) }