2014-03-15 15:01:50 +04:00
// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package middleware
import (
2014-03-23 01:59:22 +04:00
"net/url"
2014-03-15 15:01:50 +04:00
"github.com/codegangsta/martini"
2014-03-19 20:50:44 +04:00
"github.com/gogits/gogs/modules/base"
2014-03-15 15:01:50 +04:00
)
2014-03-22 21:44:02 +04:00
type ToggleOptions struct {
SignInRequire bool
SignOutRequire bool
AdminRequire bool
DisableCsrf bool
2014-03-15 15:01:50 +04:00
}
2014-03-22 21:44:02 +04:00
func Toggle ( options * ToggleOptions ) martini . Handler {
2014-03-15 15:01:50 +04:00
return func ( ctx * Context ) {
2014-03-22 21:44:02 +04:00
if options . SignOutRequire && ctx . IsSigned {
2014-03-19 17:57:55 +04:00
ctx . Redirect ( "/" )
2014-03-20 15:50:26 +04:00
return
}
2014-03-22 21:44:02 +04:00
if ! options . DisableCsrf {
if ctx . Req . Method == "POST" {
if ! ctx . CsrfTokenValid ( ) {
ctx . Error ( 403 , "CSRF token does not match" )
return
}
}
}
if options . SignInRequire {
if ! ctx . IsSigned {
2014-03-23 01:59:22 +04:00
ctx . SetCookie ( "redirect_to" , "/" + url . QueryEscape ( ctx . Req . RequestURI ) )
2014-03-22 21:44:02 +04:00
ctx . Redirect ( "/user/login" )
return
} else if ! ctx . User . IsActive && base . Service . RegisterEmailConfirm {
ctx . Data [ "Title" ] = "Activate Your Account"
ctx . HTML ( 200 , "user/active" )
return
}
}
if options . AdminRequire {
if ! ctx . User . IsAdmin {
ctx . Error ( 403 )
return
}
2014-03-22 22:27:03 +04:00
ctx . Data [ "PageIsAdmin" ] = true
2014-03-15 15:01:50 +04:00
}
}
}
