* migrate gplus to google oauth2 provider. this still provides support for old gplus connections.
* Update models/oauth2.go
Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
* make vendor
* Only show repository avatar in list when one was selected
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adds fallback configuration option for repository avatar
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Implements repository avatar fallback
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adds admin task for deleting generated repository avatars
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Solve linting issues
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Save avatar before updating database
* Linting
* Update models/repo.go
Co-Authored-By: zeripath <art27@cantab.net>
* Create manifest and serviceworker
* Create templates and add AppSubUrl
* Add JSRenderer
* fix ctx type
* Add JSRenderer to static.go
* Complete adding {{AppSubUrl}}
* Add more fonts to urlsToCache
* Add 512px and 192px icons
* Hardcode font MD5
* Default theme doesn't have a specific CSS file
* Cleaning up public/ and documenting js/css libs.
This commit mostly addresses #1484 by moving vendor'ed plugins into a
vendor/ directory and documenting their upstream source and license in
vendor/librejs.html.
This also proves gitea is using only open source js/css libraries which
helps toward reaching #1524.
* Removing unused css file.
The version of this file in use is located at:
vendor/plugins/highlight/github.css
* Cleaned up librejs.html and added javascript header
A SafeJS function was added to templates/helper.go to allow keeping
comments inside of javascript.
A javascript comment was added in the header of templates/base/head.tmpl
to mark all non-inline source as free.
The librejs.html file was updated to meet the current librejs spec. I
have now verified that the librejs plugin detects most of the scripts
included in gitea and suspect the non-free detections are the result of
a bug in the plugin. I believe this commit is enough to meet the C0.0
requirement of #1534.
* Updating SafeJS function per lint suggestion
* Added VERSIONS file, per request
To support High-DPI displays, generate images at 4 times their displayed
resolution, which should be enough to support all current devices
according to https://material.io/devices/.
* add google+
* sort signin oauth2 providers based on the name so order is always the same
* update auth tip for google+
* add gitlab provider
* add bitbucket provider (and some go fmt)
* add twitter provider
* add facebook provider
* add dropbox provider
* add openid connect provider incl. new format of tips section in "Add New Source"
* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)
* imports according to goimport and code style
* make it possible to set custom urls to gitlab and github provider (only these could have a different host)
* split up oauth2 into multiple files
* small typo in comment
* fix indention
* fix indentation
* fix new line before external import
* fix layout of signin part
* update "broken" dependency
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)
* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)
* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
Also changes the avatar from a jpeg to a png, to allow for
transparent background. The indexed png is also smaller in size.
Note that at the moment the default avatar is only used when
the user requested a custom avatar and the custom avatar file
is not found (should never happen).
In the future the default avatar could be used as a default
return when by-mail avatar lookups fail too (both gravatar
and libravatar support passing a default)
Lunny Xiao