kyush/forgejo
1
0
Fork 0
forked from mirrors/forgejo
Code Pull requests Activity
forgejo/routers/init.go
Mathieu Fenniak 1ddd5faa5c refactor: change authentication to return structured data (#12202) 
Currently authentication methods return information in two forms: they return who was authenticated as a `*user_model.User`, and then they insert key-values into `ctx.Data` which has critical impact on how the authenticated request is treated.  This PR changes the authentication methods to return structured data in the form of an `AuthenticationResult`, with all the key-value information in `ctx.Data` being moved into methods on the `AuthenticationResult` interface.

Authentication workflows in Forgejo are a real mess.  This is the first step in trying to clean it up and make the code predictable and reasonable, and is both follow-up work that was identified from the repo-specific access tokens (where the `"ApiTokenReducer"` key-value was added), and is pre-requisite work to future JWT enhancements that are [being discussed](https://codeberg.org/forgejo/forgejo/issues/3571#issuecomment-13268004).

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests for Go changes

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
  - All changes, at least in theory, are refactors of existing logic and are not expected to have functional deviations -- existing regression tests are the only planned testing.
- I ran...
  - [x] `make pr-go` before pushing

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change.
- [x] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12202
Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
2026-04-22 21:00:26 +02:00

209 lines
6.1 KiB
Go
Raw Blame History

// Copyright 2016 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package routers
import (
"context"
"reflect"
"runtime"
"forgejo.org/models"
auth_model "forgejo.org/models/auth"
"forgejo.org/modules/cache"
"forgejo.org/modules/eventsource"
"forgejo.org/modules/git"
"forgejo.org/modules/highlight"
"forgejo.org/modules/log"
"forgejo.org/modules/markup"
"forgejo.org/modules/markup/external"
"forgejo.org/modules/setting"
"forgejo.org/modules/ssh"
"forgejo.org/modules/storage"
"forgejo.org/modules/svg"
"forgejo.org/modules/system"
"forgejo.org/modules/templates"
"forgejo.org/modules/translation"
"forgejo.org/modules/web"
actions_router "forgejo.org/routers/api/actions"
forgejo "forgejo.org/routers/api/forgejo/v1"
packages_router "forgejo.org/routers/api/packages"
apiv1 "forgejo.org/routers/api/v1"
"forgejo.org/routers/common"
"forgejo.org/routers/private"
web_routers "forgejo.org/routers/web"
actions_service "forgejo.org/services/actions"
auth_method "forgejo.org/services/auth/method"
"forgejo.org/services/auth/source/oauth2"
"forgejo.org/services/automerge"
"forgejo.org/services/cron"
federation_service "forgejo.org/services/federation"
feed_service "forgejo.org/services/feed"
indexer_service "forgejo.org/services/indexer"
"forgejo.org/services/mailer"
mailer_incoming "forgejo.org/services/mailer/incoming"
markup_service "forgejo.org/services/markup"
migrations_service "forgejo.org/services/migrations"
mirror_service "forgejo.org/services/mirror"
pull_service "forgejo.org/services/pull"
release_service "forgejo.org/services/release"
repo_service "forgejo.org/services/repository"
"forgejo.org/services/repository/archiver"
"forgejo.org/services/stats"
"forgejo.org/services/task"
"forgejo.org/services/uinotification"
"forgejo.org/services/webhook"
)
func mustInit(fn func() error) {
err := fn()
if err != nil {
ptr := reflect.ValueOf(fn).Pointer()
fi := runtime.FuncForPC(ptr)
log.Fatal("%s failed: %v", fi.Name(), err)
}
}
func mustInitCtx(ctx context.Context, fn func(ctx context.Context) error) {
err := fn(ctx)
if err != nil {
ptr := reflect.ValueOf(fn).Pointer()
fi := runtime.FuncForPC(ptr)
log.Fatal("%s(ctx) failed: %v", fi.Name(), err)
}
}
func syncAppConfForGit(ctx context.Context) error {
runtimeState := new(system.RuntimeState)
if err := system.AppState.Get(ctx, runtimeState); err != nil {
return err
}
updated := false
if runtimeState.LastAppPath != setting.AppPath {
log.Info("AppPath changed from '%s' to '%s'", runtimeState.LastAppPath, setting.AppPath)
runtimeState.LastAppPath = setting.AppPath
updated = true
}
if runtimeState.LastCustomConf != setting.CustomConf {
log.Info("CustomConf changed from '%s' to '%s'", runtimeState.LastCustomConf, setting.CustomConf)
runtimeState.LastCustomConf = setting.CustomConf
updated = true
}
if updated {
log.Info("re-sync repository hooks ...")
mustInitCtx(ctx, repo_service.SyncRepositoryHooks)
return system.AppState.Set(ctx, runtimeState)
}
return nil
}
func InitWebInstallPage(ctx context.Context) {
translation.InitLocales(ctx)
setting.LoadSettingsForInstall()
mustInit(svg.Init)
}
// InitWebInstalled is for global installed configuration.
func InitWebInstalled(ctx context.Context) {
mustInitCtx(ctx, git.InitFull)
log.Info("Git version: %s (home: %s)", git.VersionInfo(), git.HomeDir())
// Setup i18n
translation.InitLocales(ctx)
setting.LoadSettings()
mustInit(storage.Init)
mailer.NewContext(ctx)
mustInit(cache.Init)
mustInit(feed_service.Init)
mustInit(federation_service.Init)
mustInit(uinotification.Init)
mustInitCtx(ctx, archiver.Init)
highlight.NewContext()
external.RegisterRenderers()
markup.Init(markup_service.ProcessorHelper())
if setting.EnableSQLite3 {
log.Info("SQLite3 support is enabled")
} else if setting.Database.Type.IsSQLite3() {
log.Fatal("SQLite3 support is disabled, but it is used for database setting. Please get or build a Forgejo release with SQLite3 support.")
}
mustInitCtx(ctx, common.InitDBEngine)
log.Info("ORM engine initialization successful!")
mustInit(system.Init)
mustInitCtx(ctx, oauth2.Init)
mustInit(release_service.Init)
mustInitCtx(ctx, models.Init)
mustInitCtx(ctx, auth_model.Init)
mustInitCtx(ctx, repo_service.Init)
// Booting long running goroutines.
mustInit(indexer_service.Init)
mirror_service.InitSyncMirrors()
mustInit(webhook.Init)
mustInit(pull_service.Init)
mustInit(automerge.Init)
mustInit(task.Init)
mustInit(migrations_service.Init)
eventsource.GetManager().Init()
mustInitCtx(ctx, mailer_incoming.Init)
mustInitCtx(ctx, syncAppConfForGit)
mustInitCtx(ctx, ssh.Init)
auth_method.Init()
mustInit(svg.Init)
actions_service.Init()
mustInit(stats.Init)
mustInit(actions_router.InitOIDC)
// Finally start up the cron
cron.NewContext(ctx)
}
// NormalRoutes represents non install routes
func NormalRoutes() *web.Route {
_ = templates.HTMLRenderer()
r := web.NewRoute()
r.Use(common.ProtocolMiddlewares()...)
r.Mount("/", web_routers.Routes())
r.Mount("/api/v1", apiv1.Routes())
r.Mount("/api/forgejo/v1", forgejo.Routes())
r.Mount("/api/internal", private.Routes())
r.Post("/-/fetch-redirect", common.FetchRedirectDelegate)
if setting.Packages.Enabled {
// This implements package support for most package managers
r.Mount("/api/packages", packages_router.CommonRoutes())
// This implements the OCI API (Note this is not preceded by /api but is instead /v2)
r.Mount("/v2", packages_router.ContainerRoutes())
}
if setting.Actions.Enabled {
prefix := "/api/actions"
r.Mount(prefix, actions_router.Routes(prefix))
// TODO: Pipeline api used for runner internal communication with gitea server. but only artifact is used for now.
// In Github, it uses ACTIONS_RUNTIME_URL=https://pipelines.actions.githubusercontent.com/fLgcSHkPGySXeIFrg8W8OBSfeg3b5Fls1A1CwX566g8PayEGlg/
// TODO: this prefix should be generated with a token string with runner ?
prefix = "/api/actions_pipeline"
r.Mount(prefix, actions_router.ArtifactsRoutes(prefix))
prefix = actions_router.ArtifactV4RouteBase
r.Mount(prefix, actions_router.ArtifactsV4Routes(prefix))
}
return r
}
View git blame Copy permalink