Commit 54f6d8c7 authored by Valery Sizov's avatar Valery Sizov

an ability to clone project with oauth2 token

parent 1718075a
class AddGitlabAccessTokenToUser < ActiveRecord::Migration
def change
add_column :users, :gitlab_access_token, :string
end
end
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20150116234544) do ActiveRecord::Schema.define(version: 20150116234545) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
...@@ -434,6 +434,7 @@ ActiveRecord::Schema.define(version: 20150116234544) do ...@@ -434,6 +434,7 @@ ActiveRecord::Schema.define(version: 20150116234544) do
t.string "website_url", default: "", null: false t.string "website_url", default: "", null: false
t.datetime "last_credential_check_at" t.datetime "last_credential_check_at"
t.string "github_access_token" t.string "github_access_token"
t.string "gitlab_access_token"
end end
add_index "users", ["admin"], name: "index_users_on_admin", using: :btree add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
......
...@@ -34,7 +34,7 @@ module Grack ...@@ -34,7 +34,7 @@ module Grack
def auth! def auth!
if @auth.provided? if @auth.provided?
return bad_request unless @auth.basic? return bad_request unless @auth.basic?
# Authentication with username and password # Authentication with username and password
login, password = @auth.credentials login, password = @auth.credentials
...@@ -71,8 +71,20 @@ module Grack ...@@ -71,8 +71,20 @@ module Grack
false false
end end
def oauth_access_token_check(login, password)
if login == "oauth2" && git_cmd == 'git-upload-pack' && password.present?
token = Doorkeeper::AccessToken.by_token(password)
token && token.accessible? && User.find_by(id: token.resource_owner_id)
end
end
def authenticate_user(login, password) def authenticate_user(login, password)
user = Gitlab::Auth.new.find(login, password) user = Gitlab::Auth.new.find(login, password)
unless user
user = oauth_access_token_check(login, password)
end
return user if user.present? return user if user.present?
# At this point, we know the credentials were wrong. We let Rack::Attack # At this point, we know the credentials were wrong. We let Rack::Attack
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment