github/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2025-10-22 18:24:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

added token to post-commit hooks

Browse Source
This commit is contained in:
Brad Rydzewski
2014-10-22 00:13:47 -07:00
parent dfb0210cf5
commit 7009778176
11 changed files with 172 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/handler/hook.go
View File

@@ -1,6 +1,7 @@
package handler
import (
"log"
"net/http"
"strings"
@@ -24,6 +25,7 @@ import (
func PostHook(c web.C, w http.ResponseWriter, r *http.Request) {
var ctx = context.FromC(c)
var host = c.URLParams["host"]
var token = r.FormValue("token")
var remote = remote.Lookup(host)
if remote == nil {
w.WriteHeader(http.StatusNotFound)
@@ -52,6 +54,14 @@ func PostHook(c web.C, w http.ResponseWriter, r *http.Request) {
return
}
// each hook contains a token to verify the sender. If the token
// is not provided or does not match, exit
if len(repo.Token) == 0 || repo.Token != token {
log.Printf("Rejected post commit hook for %s. Token mismatch\n", repo.Name)
w.WriteHeader(http.StatusUnauthorized)
return
}
if repo.Active == false ||
(repo.PostCommit == false && len(hook.PullRequest) == 0) ||
(repo.PullRequest == false && len(hook.PullRequest) != 0) {