From b87583ef28ccbbbff15ac1d7600661528c9b3886 Mon Sep 17 00:00:00 2001 From: handlerug Date: Fri, 2 Jul 2021 15:20:03 +0700 Subject: [PATCH] Drop fixed authorization Important changes: - UseFixedAuth is now UseAuth and toggles all kinds of authorization and registration - UseRegistration is now AllowRegistration to better reflect the meaning - LimitRegistration is now RegistrationLimit because it's not a boolean, it's a value (not "limit registration?", but "registration limit is ...") - registered-users.json is now users.json, because all users are stored there - user.AuthUsed is dropped in favor of new cfg.UseAuth which has the same meaning I hope I have not forgotten anything. --- assets/config.ini | 6 +- assets/devconfig.ini | 6 +- cfg/config.go | 24 ++--- files/files.go | 24 ++--- mycocredentials.json | 24 ----- user/files.go | 109 ++++++--------------- user/net.go | 22 ++--- user/user.go | 34 ++----- user/users.go | 25 +---- views/auth.qtpl | 13 ++- views/auth.qtpl.go | 225 +++++++++++++++++++++---------------------- views/hypha.qtpl | 4 +- views/hypha.qtpl.go | 4 +- views/nav.qtpl | 4 +- views/nav.qtpl.go | 4 +- views/stuff.qtpl | 4 +- views/stuff.qtpl.go | 4 +- web/admin.go | 2 +- web/auth.go | 8 +- 19 files changed, 211 insertions(+), 335 deletions(-) delete mode 100644 mycocredentials.json diff --git a/assets/config.ini b/assets/config.ini index f60e60c..aec2b33 100644 --- a/assets/config.ini +++ b/assets/config.ini @@ -11,7 +11,7 @@ HTTPPort = 8080 URL = https://wiki [Authorization] -UseFixedAuth = true +UseAuth = true -UseRegistration = true -LimitRegistration = 10 +AllowRegistration = true +RegistrationLimit = 10 diff --git a/assets/devconfig.ini b/assets/devconfig.ini index 08435a1..a85cff3 100644 --- a/assets/devconfig.ini +++ b/assets/devconfig.ini @@ -11,7 +11,7 @@ HTTPPort = 1737 URL = http://localhost:1737 [Authorization] -UseFixedAuth = true +UseAuth = true -UseRegistration = true -LimitRegistration = 3 +AllowRegistration = true +RegistrationLimit = 3 diff --git a/cfg/config.go b/cfg/config.go index 9011955..d5395db 100644 --- a/cfg/config.go +++ b/cfg/config.go @@ -26,9 +26,9 @@ var ( URL string GeminiCertificatePath string - UseFixedAuth bool - UseRegistration bool - LimitRegistration int + UseAuth bool + AllowRegistration bool + RegistrationLimit uint64 CommonScripts []string ViewScripts []string @@ -79,9 +79,9 @@ type CustomScripts struct { // Authorization is a section of Config that has fields related to // authorization and authentication. type Authorization struct { - UseFixedAuth bool - UseRegistration bool - LimitRegistration uint64 `comment:"This field controls the maximum amount of allowed registrations."` + UseAuth bool + AllowRegistration bool + RegistrationLimit uint64 `comment:"This field controls the maximum amount of allowed registrations."` } // ReadConfigFile reads a config on the given path and stores the @@ -101,9 +101,9 @@ func ReadConfigFile(path string) error { GeminiCertificatePath: "", }, Authorization: Authorization{ - UseFixedAuth: false, - UseRegistration: false, - LimitRegistration: 0, + UseAuth: false, + AllowRegistration: false, + RegistrationLimit: 0, }, CustomScripts: CustomScripts{ CommonScripts: []string{}, @@ -164,9 +164,9 @@ func ReadConfigFile(path string) error { HTTPPort = strconv.FormatUint(cfg.HTTPPort, 10) URL = cfg.URL GeminiCertificatePath = cfg.GeminiCertificatePath - UseFixedAuth = cfg.UseFixedAuth - UseRegistration = cfg.UseRegistration - LimitRegistration = int(cfg.LimitRegistration) + UseAuth = cfg.UseAuth + AllowRegistration = cfg.AllowRegistration + RegistrationLimit = cfg.RegistrationLimit CommonScripts = cfg.CommonScripts ViewScripts = cfg.ViewScripts EditScripts = cfg.EditScripts diff --git a/files/files.go b/files/files.go index ea80df1..37bda49 100644 --- a/files/files.go +++ b/files/files.go @@ -9,13 +9,12 @@ import ( ) var paths struct { - gitRepo string - cacheDir string - staticFiles string - configPath string - tokensJSON string - registrationCredentialsJSON string - fixedCredentialsJSON string + gitRepo string + cacheDir string + staticFiles string + configPath string + tokensJSON string + userCredentialsJSON string } // HyphaeDir returns the path to hyphae storage. @@ -36,12 +35,8 @@ func ConfigPath() string { return paths.configPath } // TokensJSON returns the path to the JSON user tokens storage. func TokensJSON() string { return paths.tokensJSON } -// RegistrationCredentialsJSON returns the path to the JSON registration -// credentials storage. -func RegistrationCredentialsJSON() string { return paths.registrationCredentialsJSON } - -// FixedCredentialsJSON returns the path to the JSON fixed credentials storage. -func FixedCredentialsJSON() string { return paths.fixedCredentialsJSON } +// UserCredentialsJSON returns the path to the JSON user credentials storage. +func UserCredentialsJSON() string { return paths.userCredentialsJSON } // PrepareWikiRoot ensures all needed directories and files exist and have // correct permissions. @@ -66,10 +61,9 @@ func PrepareWikiRoot() error { } paths.configPath = filepath.Join(cfg.WikiDir, "config.ini") + paths.userCredentialsJSON = filepath.Join(cfg.WikiDir, "users.json") paths.tokensJSON = filepath.Join(paths.cacheDir, "tokens.json") - paths.fixedCredentialsJSON = filepath.Join(cfg.WikiDir, "fixed-users.json") - paths.registrationCredentialsJSON = filepath.Join(cfg.WikiDir, "registered-users.json") return nil } diff --git a/mycocredentials.json b/mycocredentials.json deleted file mode 100644 index f2ad452..0000000 --- a/mycocredentials.json +++ /dev/null @@ -1,24 +0,0 @@ -[ - { - "name": "admin", - "password": "mycorrhiza", - "group": "admin" - }, - { - "name": "weird_fish", - "password": "DeepestOcean", - "group": "moderator" - }, - { - "name": "king_of_limbs", - "password": "ambush", - "group": "trusted" - }, - { - "name": "paranoid_android", - "password": "ok computer", - "group": "editor" - } -] - - diff --git a/user/files.go b/user/files.go index 43ff75e..754f804 100644 --- a/user/files.go +++ b/user/files.go @@ -2,8 +2,7 @@ package user import ( "encoding/json" - "golang.org/x/crypto/bcrypt" - "io/ioutil" + "errors" "log" "os" @@ -12,64 +11,25 @@ import ( "github.com/bouncepaw/mycorrhiza/util" ) -// InitUserDatabase checks the configuration for auth methods and loads users -// if necessary. Call it during initialization. +// InitUserDatabase loads users, if necessary. Call it during initialization. func InitUserDatabase() { - AuthUsed = cfg.UseFixedAuth || cfg.UseRegistration - - if AuthUsed { - ReadUsersFromFilesystem() - } + ReadUsersFromFilesystem() } -// ReadUsersFromFilesystem reads all user information from filesystem and stores it internally. +// ReadUsersFromFilesystem reads all user information from filesystem and +// stores it internally. func ReadUsersFromFilesystem() { - if cfg.UseFixedAuth { - // This one will be removed. - rememberUsers(usersFromFixedCredentials()) - } - - // And this one will be renamed to just "users" in the future. - rememberUsers(usersFromRegistrationCredentials()) - - // Migrate fixed users to registered - tryToMigrate() - - readTokensToUsers() -} - -func tryToMigrate() { - // Fixed authorization should be removed by the next release (1.13). - // So let's try to help fixed users and migrate them over! - - migrated := 0 - - for user := range YieldUsers() { - if user.Source == SourceFixed { - hashedPasswd, err := bcrypt.GenerateFromPassword([]byte(user.Password), bcrypt.DefaultCost) - if err != nil { - log.Fatal("Failed to migrate fixed users:", err) - } - - user.Password = "" - user.HashedPassword = string(hashedPasswd) - user.Source = SourceRegistration - migrated++ - } - } - - if migrated > 0 { - if err := dumpRegistrationCredentials(); err != nil { - log.Fatal("Failed to migrate fixed users:", err) - } - log.Printf("Migrated %d users", migrated) + if cfg.UseAuth { + rememberUsers(usersFromFile()) + readTokensToUsers() } } -func usersFromFile(path string, source UserSource) (users []*User) { - contents, err := ioutil.ReadFile(path) - if os.IsNotExist(err) { - return +func usersFromFile() []*User { + var users []*User + contents, err := os.ReadFile(files.UserCredentialsJSON()) + if errors.Is(err, os.ErrNotExist) { + return users } if err != nil { log.Fatal(err) @@ -80,20 +40,8 @@ func usersFromFile(path string, source UserSource) (users []*User) { } for _, u := range users { u.Name = util.CanonicalName(u.Name) - u.Source = source } - return users -} - -func usersFromFixedCredentials() []*User { - users := usersFromFile(files.FixedCredentialsJSON(), SourceFixed) - log.Println("Found", len(users), "fixed users") - return users -} - -func usersFromRegistrationCredentials() []*User { - users := usersFromFile(files.RegistrationCredentialsJSON(), SourceRegistration) - log.Println("Found", len(users), "registered users") + log.Println("Found", len(users), "users") return users } @@ -104,7 +52,7 @@ func rememberUsers(userList []*User) { } func readTokensToUsers() { - contents, err := ioutil.ReadFile(files.TokensJSON()) + contents, err := os.ReadFile(files.TokensJSON()) if os.IsNotExist(err) { return } @@ -119,37 +67,36 @@ func readTokensToUsers() { } for token, username := range tmp { - commenceSession(username, token) + tokens.Store(token, username) + // commenceSession(username, token) } log.Println("Found", len(tmp), "active sessions") } func SaveUserDatabase() error { - return dumpRegistrationCredentials() + return dumpUserCredentials() } -func dumpRegistrationCredentials() error { - tmp := []*User{} +func dumpUserCredentials() error { + userList := []*User{} + // TODO: lock the map during saving to prevent corruption for u := range YieldUsers() { - if u.Source != SourceRegistration { - continue - } - copiedUser := u - copiedUser.Password = "" - tmp = append(tmp, copiedUser) + userList = append(userList, u) } - blob, err := json.MarshalIndent(tmp, "", "\t") + blob, err := json.MarshalIndent(userList, "", "\t") if err != nil { log.Println(err) return err } - err = ioutil.WriteFile(files.RegistrationCredentialsJSON(), blob, 0644) + + err = os.WriteFile(files.UserCredentialsJSON(), blob, 0666) if err != nil { log.Println(err) return err } + return nil } @@ -166,7 +113,7 @@ func dumpTokens() { blob, err := json.MarshalIndent(tmp, "", "\t") if err != nil { log.Println(err) - } else { - ioutil.WriteFile(files.TokensJSON(), blob, 0644) + return } + os.WriteFile(files.TokensJSON(), blob, 0666) } diff --git a/user/net.go b/user/net.go index 7506f89..2c00b12 100644 --- a/user/net.go +++ b/user/net.go @@ -1,11 +1,9 @@ package user import ( - "errors" "fmt" "log" "net/http" - "strconv" "time" "github.com/bouncepaw/mycorrhiza/cfg" @@ -41,13 +39,12 @@ func Register(username, password string) error { username = util.CanonicalName(username) log.Println("Attempt to register user", username) switch { - case CountRegistered() >= cfg.LimitRegistration && cfg.LimitRegistration > 0: - i := strconv.Itoa(cfg.LimitRegistration) - log.Println("Limit reached: " + i) - return errors.New("Reached the limit of registered users: " + i) + case cfg.RegistrationLimit > 0 && Count() >= cfg.RegistrationLimit: + log.Printf("Limit reached: %d", cfg.RegistrationLimit) + return fmt.Errorf("Reached the limit of registered users: %d", cfg.RegistrationLimit) case HasUsername(username): log.Println("Username taken") - return errors.New("Username " + username + " is taken already.") + return fmt.Errorf("Username \"%s\" is taken already.", username) case !util.IsPossibleUsername(username): log.Println("Illegal username:", username) return fmt.Errorf("Illegal username \"%s\".", username) @@ -57,14 +54,13 @@ func Register(username, password string) error { return err } u := User{ - Name: username, - Group: "editor", - HashedPassword: string(hash), - RegisteredAt: time.Now(), - Source: SourceRegistration, + Name: username, + Group: "editor", + Password: string(hash), + RegisteredAt: time.Now(), } users.Store(username, &u) - err = dumpRegistrationCredentials() + err = SaveUserDatabase() if err != nil { return err } diff --git a/user/user.go b/user/user.go index a1d6db5..70db3e6 100644 --- a/user/user.go +++ b/user/user.go @@ -4,29 +4,17 @@ import ( "sync" "time" + "github.com/bouncepaw/mycorrhiza/cfg" "golang.org/x/crypto/bcrypt" ) -// UserSource shows where is the user data gotten from. -type UserSource int - -const ( - SourceUnknown UserSource = iota - // SourceFixed is used with users that are predefined using fixed auth - SourceFixed - // SourceRegistration is used with users that are registered through the register form - SourceRegistration -) - // User is a user. type User struct { // Name is a username. It must follow hypha naming rules. - Name string `json:"name"` - Group string `json:"group"` - Password string `json:"password"` // for fixed - HashedPassword string `json:"hashed_password"` // for registered - RegisteredAt time.Time `json:"registered_on"` - Source UserSource `json:"-"` + Name string `json:"name"` + Group string `json:"group"` + Password string `json:"hashed_password"` + RegisteredAt time.Time `json:"registered_on"` sync.RWMutex // A note about why HashedPassword is string and not []byte. The reason is @@ -86,7 +74,7 @@ func EmptyUser() *User { } func (user *User) CanProceed(route string) bool { - if !AuthUsed { + if !cfg.UseAuth { return true } @@ -105,12 +93,6 @@ func (user *User) isCorrectPassword(password string) bool { user.RLock() defer user.RUnlock() - switch user.Source { - case SourceFixed: - return password == user.Password - case SourceRegistration: - err := bcrypt.CompareHashAndPassword([]byte(user.HashedPassword), []byte(password)) - return err == nil - } - return false + err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) + return err == nil } diff --git a/user/users.go b/user/users.go index 8aaa4bb..2abd829 100644 --- a/user/users.go +++ b/user/users.go @@ -1,10 +1,7 @@ package user -import ( - "sync" -) +import "sync" -var AuthUsed bool var users sync.Map var tokens sync.Map @@ -21,28 +18,16 @@ func YieldUsers() chan *User { } func ListUsersWithGroup(group string) []string { - usersWithTheGroup := []string{} + filtered := []string{} for u := range YieldUsers() { if u.Group == group { - usersWithTheGroup = append(usersWithTheGroup, u.Name) + filtered = append(filtered, u.Name) } } - return usersWithTheGroup + return filtered } -func CountRegistered() int { - i := 0 - users.Range(func(k, v interface{}) bool { - if v.(*User).Source == SourceRegistration { - i++ - } - return true - }) - return i -} - -func Count() int { - i := 0 +func Count() (i uint64) { users.Range(func(k, v interface{}) bool { i++ return true diff --git a/views/auth.qtpl b/views/auth.qtpl index c2955ee..649fd82 100644 --- a/views/auth.qtpl +++ b/views/auth.qtpl @@ -1,12 +1,11 @@ {% import "net/http" %} -{% import "github.com/bouncepaw/mycorrhiza/user" %} {% import "github.com/bouncepaw/mycorrhiza/cfg" %} {% func RegisterHTML(rq *http.Request) %}
- {% if cfg.UseRegistration %} + {% if cfg.AllowRegistration %} - {% elseif cfg.UseFixedAuth %} -

Administrators have forbidden registration for this wiki. Administrators can make an account for you by hand; contact them.

+ {% elseif cfg.UseAuth %} +

Registrations are currently closed. Administrators can make an account for you by hand; contact them.

← Go back

{% else %} -

Administrators of this wiki have not configured any authorization method. You can make edits anonymously.

+

Authentication is disabled. You can make edits anonymously.

← Go back

{% endif %}
@@ -40,7 +39,7 @@
- {% if user.AuthUsed %} + {% if cfg.UseAuth %} {% else %} -

Administrators of this wiki have not configured any authorization method. You can make edits anonymously.

+

Authentication is disabled. You can make edits anonymously.

← Go home

{% endif %}
diff --git a/views/auth.qtpl.go b/views/auth.qtpl.go index 5a9bf54..7fffb8a 100644 --- a/views/auth.qtpl.go +++ b/views/auth.qtpl.go @@ -8,46 +8,43 @@ package views import "net/http" //line views/auth.qtpl:2 -import "github.com/bouncepaw/mycorrhiza/user" - -//line views/auth.qtpl:3 import "github.com/bouncepaw/mycorrhiza/cfg" -//line views/auth.qtpl:5 +//line views/auth.qtpl:4 import ( qtio422016 "io" qt422016 "github.com/valyala/quicktemplate" ) -//line views/auth.qtpl:5 +//line views/auth.qtpl:4 var ( _ = qtio422016.Copy _ = qt422016.AcquireByteBuffer ) -//line views/auth.qtpl:5 +//line views/auth.qtpl:4 func StreamRegisterHTML(qw422016 *qt422016.Writer, rq *http.Request) { -//line views/auth.qtpl:5 +//line views/auth.qtpl:4 qw422016.N().S(`
`) -//line views/auth.qtpl:9 - if cfg.UseRegistration { -//line views/auth.qtpl:9 +//line views/auth.qtpl:8 + if cfg.AllowRegistration { +//line views/auth.qtpl:8 qw422016.N().S(` `) -//line views/auth.qtpl:27 - } else if cfg.UseFixedAuth { -//line views/auth.qtpl:27 +//line views/auth.qtpl:26 + } else if cfg.UseAuth { +//line views/auth.qtpl:26 qw422016.N().S(` -

Administrators have forbidden registration for this wiki. Administrators can make an account for you by hand; contact them.

+

Registrations are currently closed. Administrators can make an account for you by hand; contact them.

← Go back

`) -//line views/auth.qtpl:30 +//line views/auth.qtpl:29 } else { -//line views/auth.qtpl:30 +//line views/auth.qtpl:29 qw422016.N().S(` -

Administrators of this wiki have not configured any authorization method. You can make edits anonymously.

+

Authentication is disabled. You can make edits anonymously.

← Go back

`) -//line views/auth.qtpl:33 +//line views/auth.qtpl:32 } -//line views/auth.qtpl:33 +//line views/auth.qtpl:32 qw422016.N().S(`
`) -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 } -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 func WriteRegisterHTML(qq422016 qtio422016.Writer, rq *http.Request) { -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 qw422016 := qt422016.AcquireWriter(qq422016) -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 StreamRegisterHTML(qw422016, rq) -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 qt422016.ReleaseWriter(qw422016) -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 } -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 func RegisterHTML(rq *http.Request) string { -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 qb422016 := qt422016.AcquireByteBuffer() -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 WriteRegisterHTML(qb422016, rq) -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 qs422016 := string(qb422016.B) -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 qt422016.ReleaseByteBuffer(qb422016) -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 return qs422016 -//line views/auth.qtpl:37 +//line views/auth.qtpl:36 } -//line views/auth.qtpl:39 +//line views/auth.qtpl:38 func StreamLoginHTML(qw422016 *qt422016.Writer) { -//line views/auth.qtpl:39 +//line views/auth.qtpl:38 qw422016.N().S(`
`) -//line views/auth.qtpl:43 - if user.AuthUsed { -//line views/auth.qtpl:43 +//line views/auth.qtpl:42 + if cfg.UseAuth { +//line views/auth.qtpl:42 qw422016.N().S(` `) -//line views/auth.qtpl:59 +//line views/auth.qtpl:58 } else { -//line views/auth.qtpl:59 +//line views/auth.qtpl:58 qw422016.N().S(` -

Administrators of this wiki have not configured any authorization method. You can make edits anonymously.

+

Authentication is disabled. You can make edits anonymously.

← Go home

`) -//line views/auth.qtpl:62 +//line views/auth.qtpl:61 } -//line views/auth.qtpl:62 +//line views/auth.qtpl:61 qw422016.N().S(`
`) -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 } -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 func WriteLoginHTML(qq422016 qtio422016.Writer) { -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 qw422016 := qt422016.AcquireWriter(qq422016) -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 StreamLoginHTML(qw422016) -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 qt422016.ReleaseWriter(qw422016) -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 } -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 func LoginHTML() string { -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 qb422016 := qt422016.AcquireByteBuffer() -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 WriteLoginHTML(qb422016) -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 qs422016 := string(qb422016.B) -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 qt422016.ReleaseByteBuffer(qb422016) -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 return qs422016 -//line views/auth.qtpl:66 +//line views/auth.qtpl:65 } -//line views/auth.qtpl:68 +//line views/auth.qtpl:67 func StreamLoginErrorHTML(qw422016 *qt422016.Writer, err string) { -//line views/auth.qtpl:68 +//line views/auth.qtpl:67 qw422016.N().S(`
`) -//line views/auth.qtpl:72 +//line views/auth.qtpl:71 switch err { -//line views/auth.qtpl:73 +//line views/auth.qtpl:72 case "unknown username": -//line views/auth.qtpl:73 +//line views/auth.qtpl:72 qw422016.N().S(`

Unknown username.

`) -//line views/auth.qtpl:75 +//line views/auth.qtpl:74 case "wrong password": -//line views/auth.qtpl:75 +//line views/auth.qtpl:74 qw422016.N().S(`

Wrong password.

`) -//line views/auth.qtpl:77 +//line views/auth.qtpl:76 default: -//line views/auth.qtpl:77 +//line views/auth.qtpl:76 qw422016.N().S(`

`) -//line views/auth.qtpl:78 +//line views/auth.qtpl:77 qw422016.E().S(err) -//line views/auth.qtpl:78 +//line views/auth.qtpl:77 qw422016.N().S(`

`) -//line views/auth.qtpl:79 +//line views/auth.qtpl:78 } -//line views/auth.qtpl:79 +//line views/auth.qtpl:78 qw422016.N().S(`

← Try again

`) -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 } -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 func WriteLoginErrorHTML(qq422016 qtio422016.Writer, err string) { -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 qw422016 := qt422016.AcquireWriter(qq422016) -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 StreamLoginErrorHTML(qw422016, err) -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 qt422016.ReleaseWriter(qw422016) -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 } -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 func LoginErrorHTML(err string) string { -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 qb422016 := qt422016.AcquireByteBuffer() -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 WriteLoginErrorHTML(qb422016, err) -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 qs422016 := string(qb422016.B) -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 qt422016.ReleaseByteBuffer(qb422016) -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 return qs422016 -//line views/auth.qtpl:84 +//line views/auth.qtpl:83 } -//line views/auth.qtpl:86 +//line views/auth.qtpl:85 func StreamLogoutHTML(qw422016 *qt422016.Writer, can bool) { -//line views/auth.qtpl:86 +//line views/auth.qtpl:85 qw422016.N().S(`
`) -//line views/auth.qtpl:90 +//line views/auth.qtpl:89 if can { -//line views/auth.qtpl:90 +//line views/auth.qtpl:89 qw422016.N().S(`

Log out?

Confirm

Cancel

`) -//line views/auth.qtpl:94 +//line views/auth.qtpl:93 } else { -//line views/auth.qtpl:94 +//line views/auth.qtpl:93 qw422016.N().S(`

You cannot log out because you are not logged in.

Login

← Home

`) -//line views/auth.qtpl:98 +//line views/auth.qtpl:97 } -//line views/auth.qtpl:98 +//line views/auth.qtpl:97 qw422016.N().S(`
`) -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 } -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 func WriteLogoutHTML(qq422016 qtio422016.Writer, can bool) { -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 qw422016 := qt422016.AcquireWriter(qq422016) -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 StreamLogoutHTML(qw422016, can) -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 qt422016.ReleaseWriter(qw422016) -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 } -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 func LogoutHTML(can bool) string { -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 qb422016 := qt422016.AcquireByteBuffer() -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 WriteLogoutHTML(qb422016, can) -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 qs422016 := string(qb422016.B) -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 qt422016.ReleaseByteBuffer(qb422016) -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 return qs422016 -//line views/auth.qtpl:102 +//line views/auth.qtpl:101 } diff --git a/views/hypha.qtpl b/views/hypha.qtpl index 7dfe867..aad4562 100644 --- a/views/hypha.qtpl +++ b/views/hypha.qtpl @@ -9,11 +9,11 @@ {% func nonExistentHyphaNotice(h *hyphae.Hypha, u *user.User) %}

This hypha does not exist

- {% if user.AuthUsed && u.Group == "anon" %} + {% if cfg.UseAuth && u.Group == "anon" %}

You are not authorized to create new hyphae. Here is what you can do:

{% else %} diff --git a/views/hypha.qtpl.go b/views/hypha.qtpl.go index 6d882c5..3a43903 100644 --- a/views/hypha.qtpl.go +++ b/views/hypha.qtpl.go @@ -43,7 +43,7 @@ func streamnonExistentHyphaNotice(qw422016 *qt422016.Writer, h *hyphae.Hypha, u

This hypha does not exist

`) //line views/hypha.qtpl:12 - if user.AuthUsed && u.Group == "anon" { + if cfg.UseAuth && u.Group == "anon" { //line views/hypha.qtpl:12 qw422016.N().S(`

You are not authorized to create new hyphae. Here is what you can do:

@@ -51,7 +51,7 @@ func streamnonExistentHyphaNotice(qw422016 *qt422016.Writer, h *hyphae.Hypha, u
  • Log in to your account, if you have one
  • `) //line views/hypha.qtpl:16 - if cfg.UseRegistration { + if cfg.AllowRegistration { //line views/hypha.qtpl:16 qw422016.N().S(`
  • Register a new account
  • `) //line views/hypha.qtpl:16 diff --git a/views/nav.qtpl b/views/nav.qtpl index 90f6d22..fa4abbf 100644 --- a/views/nav.qtpl +++ b/views/nav.qtpl @@ -48,7 +48,7 @@ var navEntries = []navEntry{ {% endfunc %} {% func UserMenuHTML(u *user.User) %} -{% if user.AuthUsed %} +{% if cfg.UseAuth %}
  • {% if u.Group == "anon" %} Login @@ -57,7 +57,7 @@ var navEntries = []navEntry{ {% endif %}
  • {% endif %} -{% if user.AuthUsed && cfg.UseRegistration && u.Group == "anon" %} +{% if cfg.UseAuth && cfg.AllowRegistration && u.Group == "anon" %}
  • Register
  • diff --git a/views/nav.qtpl.go b/views/nav.qtpl.go index 331b342..d8e950b 100644 --- a/views/nav.qtpl.go +++ b/views/nav.qtpl.go @@ -150,7 +150,7 @@ func StreamUserMenuHTML(qw422016 *qt422016.Writer, u *user.User) { qw422016.N().S(` `) //line views/nav.qtpl:51 - if user.AuthUsed { + if cfg.UseAuth { //line views/nav.qtpl:51 qw422016.N().S(`
  • @@ -191,7 +191,7 @@ func StreamUserMenuHTML(qw422016 *qt422016.Writer, u *user.User) { qw422016.N().S(` `) //line views/nav.qtpl:60 - if user.AuthUsed && cfg.UseRegistration && u.Group == "anon" { + if cfg.UseAuth && cfg.AllowRegistration && u.Group == "anon" { //line views/nav.qtpl:60 qw422016.N().S(`
  • diff --git a/views/stuff.qtpl b/views/stuff.qtpl index 735ba17..a59a30d 100644 --- a/views/stuff.qtpl +++ b/views/stuff.qtpl @@ -113,8 +113,8 @@ for u := range user.YieldUsers() {

    About {%s cfg.WikiName %}