parent
fe55ab2a68
commit
2a660a1de1
5 changed files with 28 additions and 10 deletions
|
@ -261,6 +261,7 @@ COOKIE_USERNAME = gitea_awesome
|
||||||
COOKIE_REMEMBER_NAME = gitea_incredible
|
COOKIE_REMEMBER_NAME = gitea_incredible
|
||||||
; Reverse proxy authentication header name of user name
|
; Reverse proxy authentication header name of user name
|
||||||
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
|
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
|
||||||
|
REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
|
||||||
; The minimum password length for new Users
|
; The minimum password length for new Users
|
||||||
MIN_PASSWORD_LENGTH = 6
|
MIN_PASSWORD_LENGTH = 6
|
||||||
; Set to true to allow users to import local server paths
|
; Set to true to allow users to import local server paths
|
||||||
|
@ -323,6 +324,7 @@ ENABLE_NOTIFY_MAIL = false
|
||||||
; More detail: https://github.com/gogits/gogs/issues/165
|
; More detail: https://github.com/gogits/gogs/issues/165
|
||||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
||||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
||||||
|
ENABLE_REVERSE_PROXY_EMAIL = false
|
||||||
; Enable captcha validation for registration
|
; Enable captcha validation for registration
|
||||||
ENABLE_CAPTCHA = false
|
ENABLE_CAPTCHA = false
|
||||||
; Type of captcha you want to use. Options: image, recaptcha
|
; Type of captcha you want to use. Options: image, recaptcha
|
||||||
|
|
|
@ -160,6 +160,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
||||||
information.
|
information.
|
||||||
- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy
|
- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy
|
||||||
authentication.
|
authentication.
|
||||||
|
- `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**: Header name for reverse proxy
|
||||||
|
authentication provided email.
|
||||||
- `DISABLE_GIT_HOOKS`: **false**: Set to `true` to prevent all users (including admin) from creating custom
|
- `DISABLE_GIT_HOOKS`: **false**: Set to `true` to prevent all users (including admin) from creating custom
|
||||||
git hooks.
|
git hooks.
|
||||||
- `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server.
|
- `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server.
|
||||||
|
@ -188,6 +190,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
||||||
- `ENABLE_REVERSE_PROXY_AUTHENTICATION`: **false**: Enable this to allow reverse proxy authentication.
|
- `ENABLE_REVERSE_PROXY_AUTHENTICATION`: **false**: Enable this to allow reverse proxy authentication.
|
||||||
- `ENABLE_REVERSE_PROXY_AUTO_REGISTRATION`: **false**: Enable this to allow auto-registration
|
- `ENABLE_REVERSE_PROXY_AUTO_REGISTRATION`: **false**: Enable this to allow auto-registration
|
||||||
for reverse authentication.
|
for reverse authentication.
|
||||||
|
- `ENABLE_REVERSE_PROXY_EMAIL`: **false**: Enable this to allow to auto-registration with a
|
||||||
|
provided email rather than a generated email.
|
||||||
- `ENABLE_CAPTCHA`: **false**: Enable this to use captcha validation for registration.
|
- `ENABLE_CAPTCHA`: **false**: Enable this to use captcha validation for registration.
|
||||||
- `CAPTCHA_TYPE`: **image**: \[image, recaptcha\]
|
- `CAPTCHA_TYPE`: **image**: \[image, recaptcha\]
|
||||||
- `RECAPTCHA_SECRET`: **""**: Go to https://www.google.com/recaptcha/admin to get a secret for recaptcha.
|
- `RECAPTCHA_SECRET`: **""**: Go to https://www.google.com/recaptcha/admin to get a secret for recaptcha.
|
||||||
|
|
|
@ -105,9 +105,16 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
|
||||||
|
|
||||||
// Check if enabled auto-registration.
|
// Check if enabled auto-registration.
|
||||||
if setting.Service.EnableReverseProxyAutoRegister {
|
if setting.Service.EnableReverseProxyAutoRegister {
|
||||||
|
email := gouuid.NewV4().String() + "@localhost"
|
||||||
|
if setting.Service.EnableReverseProxyEmail {
|
||||||
|
webAuthEmail := ctx.Req.Header.Get(setting.ReverseProxyAuthEmail)
|
||||||
|
if len(webAuthEmail) > 0 {
|
||||||
|
email = webAuthEmail
|
||||||
|
}
|
||||||
|
}
|
||||||
u := &models.User{
|
u := &models.User{
|
||||||
Name: webAuthUser,
|
Name: webAuthUser,
|
||||||
Email: gouuid.NewV4().String() + "@localhost",
|
Email: email,
|
||||||
Passwd: webAuthUser,
|
Passwd: webAuthUser,
|
||||||
IsActive: true,
|
IsActive: true,
|
||||||
}
|
}
|
||||||
|
|
|
@ -157,15 +157,16 @@ var (
|
||||||
}
|
}
|
||||||
|
|
||||||
// Security settings
|
// Security settings
|
||||||
InstallLock bool
|
InstallLock bool
|
||||||
SecretKey string
|
SecretKey string
|
||||||
LogInRememberDays int
|
LogInRememberDays int
|
||||||
CookieUserName string
|
CookieUserName string
|
||||||
CookieRememberName string
|
CookieRememberName string
|
||||||
ReverseProxyAuthUser string
|
ReverseProxyAuthUser string
|
||||||
MinPasswordLength int
|
ReverseProxyAuthEmail string
|
||||||
ImportLocalPaths bool
|
MinPasswordLength int
|
||||||
DisableGitHooks bool
|
ImportLocalPaths bool
|
||||||
|
DisableGitHooks bool
|
||||||
|
|
||||||
// Database settings
|
// Database settings
|
||||||
UseSQLite3 bool
|
UseSQLite3 bool
|
||||||
|
@ -950,6 +951,7 @@ func NewContext() {
|
||||||
CookieUserName = sec.Key("COOKIE_USERNAME").MustString("gitea_awesome")
|
CookieUserName = sec.Key("COOKIE_USERNAME").MustString("gitea_awesome")
|
||||||
CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").MustString("gitea_incredible")
|
CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").MustString("gitea_incredible")
|
||||||
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
|
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
|
||||||
|
ReverseProxyAuthEmail = sec.Key("REVERSE_PROXY_AUTHENTICATION_EMAIL").MustString("X-WEBAUTH-EMAIL")
|
||||||
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
|
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
|
||||||
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
|
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
|
||||||
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
|
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
|
||||||
|
@ -1216,6 +1218,7 @@ var Service struct {
|
||||||
EnableNotifyMail bool
|
EnableNotifyMail bool
|
||||||
EnableReverseProxyAuth bool
|
EnableReverseProxyAuth bool
|
||||||
EnableReverseProxyAutoRegister bool
|
EnableReverseProxyAutoRegister bool
|
||||||
|
EnableReverseProxyEmail bool
|
||||||
EnableCaptcha bool
|
EnableCaptcha bool
|
||||||
CaptchaType string
|
CaptchaType string
|
||||||
RecaptchaSecret string
|
RecaptchaSecret string
|
||||||
|
@ -1247,6 +1250,7 @@ func newService() {
|
||||||
Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
|
Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
|
||||||
Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
|
Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
|
||||||
Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
|
Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
|
||||||
|
Service.EnableReverseProxyEmail = sec.Key("ENABLE_REVERSE_PROXY_EMAIL").MustBool()
|
||||||
Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool(false)
|
Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool(false)
|
||||||
Service.CaptchaType = sec.Key("CAPTCHA_TYPE").MustString(ImageCaptcha)
|
Service.CaptchaType = sec.Key("CAPTCHA_TYPE").MustString(ImageCaptcha)
|
||||||
Service.RecaptchaSecret = sec.Key("RECAPTCHA_SECRET").MustString("")
|
Service.RecaptchaSecret = sec.Key("RECAPTCHA_SECRET").MustString("")
|
||||||
|
|
|
@ -215,6 +215,7 @@ func Config(ctx *context.Context) {
|
||||||
ctx.Data["LogRootPath"] = setting.LogRootPath
|
ctx.Data["LogRootPath"] = setting.LogRootPath
|
||||||
ctx.Data["ScriptType"] = setting.ScriptType
|
ctx.Data["ScriptType"] = setting.ScriptType
|
||||||
ctx.Data["ReverseProxyAuthUser"] = setting.ReverseProxyAuthUser
|
ctx.Data["ReverseProxyAuthUser"] = setting.ReverseProxyAuthUser
|
||||||
|
ctx.Data["ReverseProxyAuthEmail"] = setting.ReverseProxyAuthEmail
|
||||||
|
|
||||||
ctx.Data["SSH"] = setting.SSH
|
ctx.Data["SSH"] = setting.SSH
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue