lfs: implement HTTP routes (#6035)

* Bootstrap with GORM * Fix lint error * Set conn max lifetime to one minute * Fallback to use gorm v1 * Define HTTP routes * Finish authentication * Save token updated * Add docstring * Finish authorization * serveBatch rundown * Define types in lfsutil * Finish Batch * authutil * Finish basic * Formalize response error * Fix lint errors * authutil: add tests * dbutil: add tests * lfsutil: add tests * strutil: add tests * Formalize 401 response
2025-12-22 08:09:59 +01:00 · 2020-04-04 21:14:15 +08:00
parent 2bd9d0b9c8
commit 34145c990d
69 changed files with 1847 additions and 558 deletions
--- a/internal/authutil/basic.go
+++ b/internal/authutil/basic.go
@@ -0,0 +1,35 @@
+// Copyright 2020 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package authutil
+
+import (
+	"encoding/base64"
+	"net/http"
+	"strings"
+)
+
+// DecodeBasic extracts username and password from given header using HTTP Basic Auth.
+// It returns empty strings if values are not presented or not valid.
+func DecodeBasic(header http.Header) (username, password string) {
+	if len(header) == 0 {
+		return "", ""
+	}
+
+	fields := strings.Fields(header.Get("Authorization"))
+	if len(fields) != 2 || fields[0] != "Basic" {
+		return "", ""
+	}
+
+	p, err := base64.StdEncoding.DecodeString(fields[1])
+	if err != nil {
+		return "", ""
+	}
+
+	creds := strings.SplitN(string(p), ":", 2)
+	if len(creds) == 1 {
+		return creds[0], ""
+	}
+	return creds[0], creds[1]
+}