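// Source: code.gitea.io/gitea@v1.21.7/routers/web/user/setting/security/security.go

// Copyright 2014 The Gogs Authors. All rights reserved.
// Copyright 2018 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package security

import (
	"net/http"

	auth_model "code.gitea.io/gitea/models/auth"
	user_model "code.gitea.io/gitea/models/user"
	"code.gitea.io/gitea/modules/base"
	"code.gitea.io/gitea/modules/context"
	"code.gitea.io/gitea/modules/setting"
	"code.gitea.io/gitea/services/auth/source/oauth2"
)

const (
	tplSettingsSecurity    base.TplName = "user/settings/security/security"
	tplSettingsTwofaEnroll base.TplName = "user/settings/security/twofa_enroll"
)

// Security renders the signed-in user's security settings page (password
// change and 2FA).
//
// A request that carries a non-empty "openid.return_to" form value is handed
// to settingsOpenIDVerify instead of rendering the page.
func Security(ctx *context.Context) {
	ctx.Data["Title"] = ctx.Tr("settings.security")
	ctx.Data["PageIsSettingsSecurity"] = true

	if ctx.FormString("openid.return_to") != "" {
		settingsOpenIDVerify(ctx)
		return
	}

	loadSecurityData(ctx)
	// loadSecurityData reports a failed lookup through ctx.ServerError and
	// returns early. Rendering the template after that would append a
	// partially populated security page to the error response, so stop here
	// once a response has been written.
	if ctx.Written() {
		return
	}

	ctx.HTML(http.StatusOK, tplSettingsSecurity)
}

// DeleteAccountLink deletes a single account link of the signed-in user.
//
// The link is selected by the "id" form value and removal is requested for
// ctx.Doer, not for a user named in the request. The outcome is reported as a
// flash message and the client is always redirected back to the security
// settings page.
//
// NOTE(review): this handler changes state; it presumably sits behind a
// POST-only route with CSRF protection. Confirm in the route registration,
// which is not part of this file.
func DeleteAccountLink(ctx *context.Context) {
	id := ctx.FormInt64("id")
	if id <= 0 {
		ctx.Flash.Error("Account link id is not given")
	} else if _, err := user_model.RemoveAccountLink(ctx.Doer, id); err != nil {
		// NOTE(review): the raw error text is shown to the user in the flash
		// message. If RemoveAccountLink can return storage-layer errors,
		// prefer logging the detail server-side and flashing a generic
		// message instead.
		ctx.Flash.Error("RemoveAccountLink: " + err.Error())
	} else {
		ctx.Flash.Success(ctx.Tr("settings.remove_account_link_success"))
	}

	ctx.JSONRedirect(setting.AppSubURL + "/user/settings/security")
}

// loadSecurityData fills ctx.Data with what the security settings template
// displays: TOTP enrollment state, WebAuthn credentials, access tokens, linked
// external accounts, the OAuth2 provider map and the user's OpenIDs.
//
// The user-specific lookups are keyed by ctx.Doer, so the page only ever
// reflects the signed-in user. On the first failing lookup the function calls
// ctx.ServerError and returns without loading the rest; callers must check
// ctx.Written() before rendering a template.
func loadSecurityData(ctx *context.Context) {
	// Optional interfaces an auth source configuration may implement to
	// provide a friendlier provider name than the source's own Name.
	type DisplayNamed interface {
		DisplayName() string
	}
	type Named interface {
		Name() string
	}

	enrolled, err := auth_model.HasTwoFactorByUID(ctx, ctx.Doer.ID)
	if err != nil {
		ctx.ServerError("SettingsTwoFactor", err)
		return
	}
	ctx.Data["TOTPEnrolled"] = enrolled

	credentials, err := auth_model.GetWebAuthnCredentialsByUID(ctx, ctx.Doer.ID)
	if err != nil {
		ctx.ServerError("GetWebAuthnCredentialsByUID", err)
		return
	}
	ctx.Data["WebAuthnCredentials"] = credentials

	tokens, err := auth_model.ListAccessTokens(ctx, auth_model.ListAccessTokensOptions{UserID: ctx.Doer.ID})
	if err != nil {
		ctx.ServerError("ListAccessTokens", err)
		return
	}
	ctx.Data["Tokens"] = tokens

	accountLinks, err := user_model.ListAccountLinks(ctx.Doer)
	if err != nil {
		ctx.ServerError("ListAccountLinks", err)
		return
	}

	// Map each linked auth source to the provider name shown in the UI.
	sources := make(map[*auth_model.Source]string)
	for _, externalAccount := range accountLinks {
		authSource, err := auth_model.GetSourceByID(externalAccount.LoginSourceID)
		if err != nil {
			// Best-effort: a link whose auth source cannot be loaded is left
			// out of the list instead of failing the whole page. The error is
			// not surfaced anywhere.
			continue
		}

		// Prefer DisplayName(), then Name(), then the source's own name.
		var providerDisplayName string
		switch cfg := authSource.Cfg.(type) {
		case DisplayNamed:
			providerDisplayName = cfg.DisplayName()
		case Named:
			providerDisplayName = cfg.Name()
		default:
			providerDisplayName = authSource.Name
		}
		sources[authSource] = providerDisplayName
	}
	ctx.Data["AccountLinks"] = sources

	orderedOAuth2Names, oauth2Providers, err := oauth2.GetOAuth2ProvidersMap(false)
	if err != nil {
		// The log label is kept as in the original; it does not match the
		// name of the function that was called.
		ctx.ServerError("GetActiveOAuth2Providers", err)
		return
	}
	ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names
	ctx.Data["OAuth2Providers"] = oauth2Providers

	openid, err := user_model.GetUserOpenIDs(ctx, ctx.Doer.ID)
	if err != nil {
		ctx.ServerError("GetUserOpenIDs", err)
		return
	}
	ctx.Data["OpenIDs"] = openid
}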