github/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2025-10-22 01:23:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1591 from bradrydzewski/master

Browse Source 
use new 0.5 .drone.sig signature file
This commit is contained in:
Brad Rydzewski
2016-04-21 17:42:48 -07:00
parent 2afc96456c faf7ff675d
commit fa76617c7c
15 changed files with 301 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
router/middleware/agent.go Normal file
View File

@@ -0,0 +1,45 @@
package middleware
import (
"github.com/drone/drone/shared/token"
"github.com/Sirupsen/logrus"
"github.com/gin-gonic/gin"
"github.com/ianschenck/envflag"
)
var (
secret = envflag.String("AGENT_SECRET", "", "")
noauth = envflag.Bool("AGENT_NO_AUTH", false, "")
)
// Agent is a middleware function that initializes the authorization middleware
// for agents to connect to the queue.
func AgentMust() gin.HandlerFunc {
if *secret == "" {
logrus.Fatalf("please provide the agent secret to authenticate agent requests")
}
t := token.New(token.AgentToken, "")
s, err := t.Sign(*secret)
if err != nil {
logrus.Fatalf("invalid agent secret. %s", err)
}
logrus.Infof("using agent secret %s", *secret)
logrus.Warnf("agents can connect with token %s", s)
return func(c *gin.Context) {
parsed, err := token.ParseRequest(c.Request, func(t *token.Token) (string, error) {
return *secret, nil
})
if err != nil {
c.AbortWithError(403, err)
} else if parsed.Kind != token.AgentToken {
c.AbortWithStatus(403)
} else {
c.Next()
}
}
}

14
router/middleware/session/user.go
View File

@@ -70,15 +70,14 @@ func MustAdmin() gin.HandlerFunc {
user := User(c)
switch {
case user == nil:
c.AbortWithStatus(http.StatusUnauthorized)
// c.HTML(http.StatusUnauthorized, "401.html", gin.H{})
c.String(401, "User not authorized")
c.Abort()
case user.Admin == false:
c.AbortWithStatus(http.StatusForbidden)
// c.HTML(http.StatusForbidden, "401.html", gin.H{})
c.String(413, "User not authorized")
c.Abort()
default:
c.Next()
}
}
}
@@ -87,11 +86,10 @@ func MustUser() gin.HandlerFunc {
user := User(c)
switch {
case user == nil:
c.AbortWithStatus(http.StatusUnauthorized)
// c.HTML(http.StatusUnauthorized, "401.html", gin.H{})
c.String(401, "User not authorized")
c.Abort()
default:
c.Next()
}
}
}