github/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2025-09-25 12:50:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

ensure csrf token available to activate repo

Browse Source
This commit is contained in:
Brad Rydzewski
2015-09-29 23:11:14 -07:00
parent 65f885e478
commit 895919cf24
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
router/middleware/session/repo.go
View File

@@ -6,6 +6,7 @@ import (
"github.com/drone/drone/model" "github.com/drone/drone/model"
"github.com/drone/drone/router/middleware/context" "github.com/drone/drone/router/middleware/context"
"github.com/drone/drone/shared/token"
log "github.com/Sirupsen/logrus" log "github.com/Sirupsen/logrus"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
@@ -66,6 +67,14 @@ func SetRepo() gin.HandlerFunc {
// if we found a repository, we should display a page // if we found a repository, we should display a page
// to the user allowing them to activate. // to the user allowing them to activate.
if repo != nil && len(repo.FullName) != 0 { if repo != nil && len(repo.FullName) != 0 {
// we should probably move this code to a
// separate route, but for now we need to
// add a CSRF token.
data["Csrf"], _ = token.New(
token.CsrfToken,
user.Login,
).Sign(user.Hash)
c.HTML(http.StatusNotFound, "repo_activate.html", data) c.HTML(http.StatusNotFound, "repo_activate.html", data)
} else { } else {
c.HTML(http.StatusNotFound, "404.html", data) c.HTML(http.StatusNotFound, "404.html", data)