bug fixed

2025-07-22 18:28:37 +00:00 · 2014-04-05 22:24:10 +08:00
parent a92826a8fe
commit 9791e70da6
2 changed files with 41 additions and 39 deletions
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@@ -261,7 +261,7 @@ func basicDecode(encoded string) (user string, name string, err error) {
 }

 func authRequired(ctx *middleware.Context) {
-	ctx.ResponseWriter.Header().Set("WWW-Authenticate", `Basic realm="Gogs Auth"`)
+	ctx.ResponseWriter.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
 	ctx.Data["ErrorMsg"] = "no basic auth and digit auth"
 	ctx.HTML(401, fmt.Sprintf("status/401"))
 }
@@ -273,6 +273,8 @@ func Http(ctx *middleware.Context, params martini.Params) {
 		reponame = reponame[:len(reponame)-4]
 	}

+	//fmt.Println("req:", ctx.Req.Header)
+
 	repoUser, err := models.GetUserByName(username)
 	if err != nil {
 		ctx.Handle(500, "repo.GetUserByName", nil)
@@ -297,45 +299,45 @@ func Http(ctx *middleware.Context, params martini.Params) {

 		// check basic auth
 		baHead := ctx.Req.Header.Get("Authorization")
-		if baHead != "" {
-			auths := strings.Fields(baHead)
-			if len(auths) != 2 || auths[0] != "Basic" {
-				ctx.Handle(401, "no basic auth and digit auth", nil)
-				return
-			}
-			authUsername, passwd, err := basicDecode(auths[1])
-			if err != nil {
-				ctx.Handle(401, "no basic auth and digit auth", nil)
-				return
-			}
-
-			authUser, err := models.GetUserByName(authUsername)
-			if err != nil {
-				ctx.Handle(401, "no basic auth and digit auth", nil)
-				return
-			}
-
-			newUser := &models.User{Passwd: passwd}
-			newUser.EncodePasswd()
-			if authUser.Passwd != newUser.Passwd {
-				ctx.Handle(401, "no basic auth and digit auth", nil)
-				return
-			}
-
-			var tp = models.AU_WRITABLE
-			if isPull {
-				tp = models.AU_READABLE
-			}
-
-			has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
-			if err != nil || !has {
-				ctx.Handle(401, "no basic auth and digit auth", nil)
-				return
-			}
-		} else {
+		if baHead == "" {
 			authRequired(ctx)
 			return
 		}
+
+		auths := strings.Fields(baHead)
+		if len(auths) != 2 || auths[0] != "Basic" {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+		authUsername, passwd, err := basicDecode(auths[1])
+		if err != nil {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+
+		authUser, err := models.GetUserByName(authUsername)
+		if err != nil {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+
+		newUser := &models.User{Passwd: passwd}
+		newUser.EncodePasswd()
+		if authUser.Passwd != newUser.Passwd {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
+
+		var tp = models.AU_WRITABLE
+		if isPull {
+			tp = models.AU_READABLE
+		}
+
+		has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
+		if err != nil || !has {
+			ctx.Handle(401, "no basic auth and digit auth", nil)
+			return
+		}
 	}

 	dir := models.RepoPath(username, reponame)