@ -100,14 +100,14 @@ func optionsCorsHandler() func(next http.Handler) http.Handler {
// The Session plugin is expected to be executed second, in order to skip authentication
// The Session plugin is expected to be executed second, in order to skip authentication
// for users that have already signed in.
// for users that have already signed in.
func buildAuthGroup ( ) * auth_service . Group {
func buildAuthGroup ( ) * auth_service . Group {
group := auth_service . NewGroup (
group := auth_service . NewGroup ( )
& auth_service . OAuth2 { } , // FIXME: this should be removed and only applied in download and oauth related routers
group . Add ( & auth_service . OAuth2 { } ) // FIXME: this should be removed and only applied in download and oauth related routers
& auth_service . Basic { } , // FIXME: this should be removed and only applied in download and git/lfs routers
group . Add ( & auth_service . Basic { } ) // FIXME: this should be removed and only applied in download and git/lfs routers
& auth_service . Session { } ,
)
if setting . Service . EnableReverseProxyAuth {
if setting . Service . EnableReverseProxyAuth {
group . Add ( & auth_service . ReverseProxy { } )
group . Add ( & auth_service . ReverseProxy { } ) // reverseproxy should before Session, otherwise the header will be ignored if user has login
}
}
group . Add ( & auth_service . Session { } )
if setting . IsWindows && auth_model . IsSSPIEnabled ( ) {
if setting . IsWindows && auth_model . IsSSPIEnabled ( ) {
group . Add ( & auth_service . SSPI { } ) // it MUST be the last, see the comment of SSPI
group . Add ( & auth_service . SSPI { } ) // it MUST be the last, see the comment of SSPI