|
|
@ -82,19 +82,12 @@ func AutoSignIn(ctx *context.Context) (bool, error) { |
|
|
|
|
|
|
|
|
|
|
|
isSucceed = true |
|
|
|
isSucceed = true |
|
|
|
|
|
|
|
|
|
|
|
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil { |
|
|
|
if err := updateSession(ctx, nil, map[string]interface{}{ |
|
|
|
return false, fmt.Errorf("unable to RegenerateSession: Error: %w", err) |
|
|
|
// Set session IDs
|
|
|
|
} |
|
|
|
"uid": u.ID, |
|
|
|
|
|
|
|
"uname": u.Name, |
|
|
|
// Set session IDs
|
|
|
|
}); err != nil { |
|
|
|
if err := ctx.Session.Set("uid", u.ID); err != nil { |
|
|
|
return false, fmt.Errorf("unable to updateSession: %w", err) |
|
|
|
return false, err |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if err := ctx.Session.Set("uname", u.Name); err != nil { |
|
|
|
|
|
|
|
return false, err |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if err := ctx.Session.Release(); err != nil { |
|
|
|
|
|
|
|
return false, err |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if err := resetLocale(ctx, u); err != nil { |
|
|
|
if err := resetLocale(ctx, u); err != nil { |
|
|
@ -252,32 +245,17 @@ func SignInPost(ctx *context.Context) { |
|
|
|
return |
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil { |
|
|
|
updates := map[string]interface{}{ |
|
|
|
ctx.ServerError("UserSignIn: Unable to set regenerate session", err) |
|
|
|
// User will need to use 2FA TOTP or WebAuthn, save data
|
|
|
|
return |
|
|
|
"twofaUid": u.ID, |
|
|
|
} |
|
|
|
"twofaRemember": form.Remember, |
|
|
|
|
|
|
|
|
|
|
|
// User will need to use 2FA TOTP or WebAuthn, save data
|
|
|
|
|
|
|
|
if err := ctx.Session.Set("twofaUid", u.ID); err != nil { |
|
|
|
|
|
|
|
ctx.ServerError("UserSignIn: Unable to set twofaUid in session", err) |
|
|
|
|
|
|
|
return |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if err := ctx.Session.Set("twofaRemember", form.Remember); err != nil { |
|
|
|
|
|
|
|
ctx.ServerError("UserSignIn: Unable to set twofaRemember in session", err) |
|
|
|
|
|
|
|
return |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if hasTOTPtwofa { |
|
|
|
if hasTOTPtwofa { |
|
|
|
// User will need to use WebAuthn, save data
|
|
|
|
// User will need to use WebAuthn, save data
|
|
|
|
if err := ctx.Session.Set("totpEnrolled", u.ID); err != nil { |
|
|
|
updates["totpEnrolled"] = u.ID |
|
|
|
ctx.ServerError("UserSignIn: Unable to set WebAuthn Enrolled in session", err) |
|
|
|
|
|
|
|
return |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if err := updateSession(ctx, nil, updates); err != nil { |
|
|
|
if err := ctx.Session.Release(); err != nil { |
|
|
|
ctx.ServerError("UserSignIn: Unable to update session", err) |
|
|
|
ctx.ServerError("UserSignIn: Unable to save session", err) |
|
|
|
|
|
|
|
return |
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
@ -308,29 +286,23 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe |
|
|
|
setting.CookieRememberName, u.Name, days) |
|
|
|
setting.CookieRememberName, u.Name, days) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil { |
|
|
|
if err := updateSession(ctx, []string{ |
|
|
|
|
|
|
|
// Delete the openid, 2fa and linkaccount data
|
|
|
|
|
|
|
|
"openid_verified_uri", |
|
|
|
|
|
|
|
"openid_signin_remember", |
|
|
|
|
|
|
|
"openid_determined_email", |
|
|
|
|
|
|
|
"openid_determined_username", |
|
|
|
|
|
|
|
"twofaUid", |
|
|
|
|
|
|
|
"twofaRemember", |
|
|
|
|
|
|
|
"linkAccount", |
|
|
|
|
|
|
|
}, map[string]interface{}{ |
|
|
|
|
|
|
|
"uid": u.ID, |
|
|
|
|
|
|
|
"uname": u.Name, |
|
|
|
|
|
|
|
}); err != nil { |
|
|
|
ctx.ServerError("RegenerateSession", err) |
|
|
|
ctx.ServerError("RegenerateSession", err) |
|
|
|
return setting.AppSubURL + "/" |
|
|
|
return setting.AppSubURL + "/" |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Delete the openid, 2fa and linkaccount data
|
|
|
|
|
|
|
|
_ = ctx.Session.Delete("openid_verified_uri") |
|
|
|
|
|
|
|
_ = ctx.Session.Delete("openid_signin_remember") |
|
|
|
|
|
|
|
_ = ctx.Session.Delete("openid_determined_email") |
|
|
|
|
|
|
|
_ = ctx.Session.Delete("openid_determined_username") |
|
|
|
|
|
|
|
_ = ctx.Session.Delete("twofaUid") |
|
|
|
|
|
|
|
_ = ctx.Session.Delete("twofaRemember") |
|
|
|
|
|
|
|
_ = ctx.Session.Delete("linkAccount") |
|
|
|
|
|
|
|
if err := ctx.Session.Set("uid", u.ID); err != nil { |
|
|
|
|
|
|
|
log.Error("Error setting uid %d in session: %v", u.ID, err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if err := ctx.Session.Set("uname", u.Name); err != nil { |
|
|
|
|
|
|
|
log.Error("Error setting uname %s session: %v", u.Name, err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if err := ctx.Session.Release(); err != nil { |
|
|
|
|
|
|
|
log.Error("Unable to store session: %v", err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Language setting of the user overwrites the one previously set
|
|
|
|
// Language setting of the user overwrites the one previously set
|
|
|
|
// If the user does not have a locale set, we save the current one.
|
|
|
|
// If the user does not have a locale set, we save the current one.
|
|
|
|
if len(u.Language) == 0 { |
|
|
|
if len(u.Language) == 0 { |
|
|
@ -762,22 +734,15 @@ func handleAccountActivation(ctx *context.Context, user *user_model.User) { |
|
|
|
|
|
|
|
|
|
|
|
log.Trace("User activated: %s", user.Name) |
|
|
|
log.Trace("User activated: %s", user.Name) |
|
|
|
|
|
|
|
|
|
|
|
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil { |
|
|
|
if err := updateSession(ctx, nil, map[string]interface{}{ |
|
|
|
|
|
|
|
"uid": user.ID, |
|
|
|
|
|
|
|
"uname": user.Name, |
|
|
|
|
|
|
|
}); err != nil { |
|
|
|
log.Error("Unable to regenerate session for user: %-v with email: %s: %v", user, user.Email, err) |
|
|
|
log.Error("Unable to regenerate session for user: %-v with email: %s: %v", user, user.Email, err) |
|
|
|
ctx.ServerError("ActivateUserEmail", err) |
|
|
|
ctx.ServerError("ActivateUserEmail", err) |
|
|
|
return |
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if err := ctx.Session.Set("uid", user.ID); err != nil { |
|
|
|
|
|
|
|
log.Error("Error setting uid in session[%s]: %v", ctx.Session.ID(), err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if err := ctx.Session.Set("uname", user.Name); err != nil { |
|
|
|
|
|
|
|
log.Error("Error setting uname in session[%s]: %v", ctx.Session.ID(), err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if err := ctx.Session.Release(); err != nil { |
|
|
|
|
|
|
|
log.Error("Error storing session[%s]: %v", ctx.Session.ID(), err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if err := resetLocale(ctx, user); err != nil { |
|
|
|
if err := resetLocale(ctx, user); err != nil { |
|
|
|
ctx.ServerError("resetLocale", err) |
|
|
|
ctx.ServerError("resetLocale", err) |
|
|
|
return |
|
|
|
return |
|
|
@ -821,3 +786,25 @@ func ActivateEmail(ctx *context.Context) { |
|
|
|
// Should users be logged in automatically here? (consider 2FA requirements, etc.)
|
|
|
|
// Should users be logged in automatically here? (consider 2FA requirements, etc.)
|
|
|
|
ctx.Redirect(setting.AppSubURL + "/user/settings/account") |
|
|
|
ctx.Redirect(setting.AppSubURL + "/user/settings/account") |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func updateSession(ctx *context.Context, deletes []string, updates map[string]interface{}) error { |
|
|
|
|
|
|
|
if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil { |
|
|
|
|
|
|
|
return fmt.Errorf("regenerate session: %w", err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
sess := ctx.Session |
|
|
|
|
|
|
|
sessID := sess.ID() |
|
|
|
|
|
|
|
for _, k := range deletes { |
|
|
|
|
|
|
|
if err := sess.Delete(k); err != nil { |
|
|
|
|
|
|
|
return fmt.Errorf("delete %v in session[%s]: %w", k, sessID, err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
for k, v := range updates { |
|
|
|
|
|
|
|
if err := sess.Set(k, v); err != nil { |
|
|
|
|
|
|
|
return fmt.Errorf("set %v in session[%s]: %w", k, sessID, err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if err := sess.Release(); err != nil { |
|
|
|
|
|
|
|
return fmt.Errorf("store session[%s]: %w", sessID, err) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
return nil |
|
|
|
|
|
|
|
} |
|
|
|