Compare commits
22 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Giteabot
|
0f23219ee4 | ||
 jmiller
|
bc475c91f6 | ||
|
Jonathan Miller
|
25268d7dd7 | ||
|
jmiller
|
c7193abc0c | ||
|
Jonathan Miller
|
e6a4dfccf0 | ||
|
jmiller
|
a5c805b0f6 | ||
|
Jonathan Miller
|
46ce0a7e32 | ||
|
jmiller
|
c236c4e018 | ||
|
Jonathan Miller
|
b79b48b760 | ||
|
jmiller
|
22a529dfd8 | ||
|
jmiller
|
09dc64eef0 | ||
|
Jonathan Miller
|
d541a07263 | ||
|
jmiller
|
2eee4bbf1c | ||
|
jmiller
|
2dea95a431 | ||
|
Jonathan Miller
|
f69212859a | ||
|
jmiller
|
3828411311 | ||
|
jmiller
|
447a45ec15 | ||
|
Jonathan Miller
|
f19fd9683f | ||
|
jmiller
|
039ab896cc | ||
|
jmiller
|
65660863d6 | ||
|
Jonathan Miller
|
198ae92579 | ||
|
jmiller
|
bc4eae2e0f |
@@ -63,7 +63,7 @@ func TestFile(t *testing.T) {
|
||||
{
|
||||
name: "tags.py",
|
||||
code: "<>",
|
||||
want: lines(`<span class="o"><</span><span class="o">></span>`),
|
||||
want: lines(`<span class="o"><></span>`),
|
||||
lexerName: "Python",
|
||||
},
|
||||
{
|
||||
@@ -102,7 +102,7 @@ c=2
|
||||
<span class="n">def</span><span class="p">:</span>\n
|
||||
<span class="n">a</span><span class="o">=</span><span class="mi">1</span>\n
|
||||
\n
|
||||
<span class="n">b</span><span class="o">=</span><span class="sa"></span><span class="s1">'</span><span class="s1">'</span>\n
|
||||
<span class="n">b</span><span class="o">=</span><span class="s1">''</span>\n
|
||||
\n
|
||||
<span class="n">c</span><span class="o">=</span><span class="mi">2</span>`,
|
||||
),
|
||||
@@ -114,6 +114,18 @@ c=2
|
||||
want: []template.HTML{"<span class=\"c1\">--\n</span>", `<span class="k">SELECT</span>`},
|
||||
lexerName: "SQL",
|
||||
},
|
||||
{
|
||||
name: "test.http",
|
||||
code: `HTTP/1.0 400 Bad request
|
||||
Content-Type: text/html
|
||||
|
||||
<html></html>`,
|
||||
want: lines(`<span class="kr">HTTP</span><span class="o">/</span><span class="m">1.0</span> <span class="m">400</span> <span class="ne">Bad request</span>\n
|
||||
<span class="n">Content-Type</span><span class="o">:</span> <span class="l">text/html</span>\n
|
||||
\n
|
||||
<span class="p"><</span><span class="nt">html</span><span class="p">></</span><span class="nt">html</span><span class="p">></span>`),
|
||||
lexerName: "HTTP",
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
|
||||
@@ -288,24 +288,24 @@ func detectChromaLexerWithAnalyze(fileName, lang string, code []byte) chroma.Lex
|
||||
|
||||
// if lang is provided, and it matches a lexer, use it directly
|
||||
if byLang {
|
||||
return lexer
|
||||
return chroma.Coalesce(lexer)
|
||||
}
|
||||
|
||||
// if a lexer is detected and there is no conflict for the file extension, use it directly
|
||||
fileExt := path.Ext(fileName)
|
||||
_, hasConflicts := chromaLexers().conflictingExtLangMap[fileExt]
|
||||
if !hasConflicts && lexer != lexers.Fallback {
|
||||
return lexer
|
||||
return chroma.Coalesce(lexer)
|
||||
}
|
||||
|
||||
// try to detect language by content, for best guessing for the language
|
||||
// when using "code" to detect, analyze.GetCodeLanguage is slow, it iterates many rules to detect language from content
|
||||
analyzedLanguage := analyze.GetCodeLanguage(fileName, code)
|
||||
lexer = DetectChromaLexerByFileName(fileName, analyzedLanguage)
|
||||
lexer, _ = detectChromaLexerByFileName(fileName, analyzedLanguage)
|
||||
if lexer == lexers.Fallback {
|
||||
if analyzedLanguage != enry.OtherLanguage {
|
||||
log.Warn("No chroma lexer found for enry detected language: %s (file: %s), need to fix the language mapping between enry and chroma.", analyzedLanguage, fileName)
|
||||
}
|
||||
}
|
||||
return lexer
|
||||
return chroma.Coalesce(lexer)
|
||||
}
|
||||
|
||||
@@ -39,6 +39,13 @@ var (
|
||||
Channel: "stable",
|
||||
}
|
||||
|
||||
// LoginNotification configuration for sign-in alerts
|
||||
LoginNotification = struct {
|
||||
Enabled bool
|
||||
}{
|
||||
Enabled: true,
|
||||
}
|
||||
|
||||
// IsInTesting indicates whether the testing is running (unit test or integration test). It can be used for:
|
||||
// * Skip nonsense error logs during testing caused by unreliable code (TODO: this is only a temporary solution, we should make the test code more reliable)
|
||||
// * Panic in dev or testing mode to make the problem more obvious and easier to debug
|
||||
@@ -171,6 +178,7 @@ func loadCommonSettingsFrom(cfg ConfigProvider) error {
|
||||
loadOtherFrom(cfg)
|
||||
loadUpdateCheckerFrom(cfg)
|
||||
loadNtfyFrom(cfg)
|
||||
loadLoginNotificationFrom(cfg)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -181,6 +189,11 @@ func loadUpdateCheckerFrom(cfg ConfigProvider) {
|
||||
UpdateChecker.Channel = sec.Key("CHANNEL").MustString(UpdateChecker.Channel)
|
||||
}
|
||||
|
||||
func loadLoginNotificationFrom(cfg ConfigProvider) {
|
||||
sec := cfg.Section("login_notification")
|
||||
LoginNotification.Enabled = sec.Key("ENABLED").MustBool(true)
|
||||
}
|
||||
|
||||
func loadRunModeFrom(rootCfg ConfigProvider) {
|
||||
rootSec := rootCfg.Section("")
|
||||
RunUser = rootSec.Key("RUN_USER").MustString(user.CurrentUsername())
|
||||
|
||||
@@ -440,6 +440,9 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember bool) {
|
||||
ctx.ServerError("UpdateUser", err)
|
||||
return
|
||||
}
|
||||
|
||||
// Send login notification (email + ntfy)
|
||||
go mailer.SendLoginNotification(u, ctx.RemoteAddr(), ctx.Req.UserAgent())
|
||||
}
|
||||
|
||||
// extractUserNameFromOAuth2 tries to extract a normalized username from the given OAuth2 user.
|
||||
|
||||
@@ -0,0 +1,84 @@
|
||||
// Copyright 2026 Moko Consulting <hello@mokoconsulting.tech>
|
||||
// SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
package mailer
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
|
||||
"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
|
||||
"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
|
||||
sender_service "git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/mailer/sender"
|
||||
)
|
||||
|
||||
// SendLoginNotification sends email and ntfy notifications when a user signs in.
|
||||
func SendLoginNotification(u *user_model.User, ip, userAgent string) {
|
||||
if !setting.LoginNotification.Enabled {
|
||||
return
|
||||
}
|
||||
|
||||
timestamp := time.Now().UTC().Format("2006-01-02 15:04:05 UTC")
|
||||
subject := fmt.Sprintf("[%s] New sign-in: %s", setting.AppName, u.Name)
|
||||
|
||||
body := fmt.Sprintf(`New sign-in detected
|
||||
|
||||
Account: %s (%s)
|
||||
IP Address: %s
|
||||
Browser: %s
|
||||
Time: %s
|
||||
Instance: %s
|
||||
|
||||
If this wasn't you, change your password immediately and review your active sessions.
|
||||
|
||||
— %s`, u.Name, u.Email, ip, userAgent, timestamp, setting.AppURL, setting.AppName)
|
||||
|
||||
// Email notification
|
||||
if setting.MailService != nil && u.Email != "" {
|
||||
msg := sender_service.NewMessage(u.EmailTo(), subject, body)
|
||||
msg.Info = fmt.Sprintf("Login notification for %s", u.Name)
|
||||
SendAsync(msg)
|
||||
log.Debug("Login notification email sent to %s", u.Email)
|
||||
}
|
||||
|
||||
// ntfy push notification
|
||||
if setting.Ntfy.Enabled && setting.Ntfy.ServerURL != "" {
|
||||
go sendLoginNtfy(subject, u.Name, ip, timestamp)
|
||||
}
|
||||
}
|
||||
|
||||
func sendLoginNtfy(title, username, ip, timestamp string) {
|
||||
body := fmt.Sprintf("User: %s\nIP: %s\nTime: %s", username, ip, timestamp)
|
||||
url := fmt.Sprintf("%s/%s", setting.Ntfy.ServerURL, setting.Ntfy.DefaultTopic)
|
||||
|
||||
req, err := http.NewRequest("POST", url, bytes.NewBufferString(body))
|
||||
if err != nil {
|
||||
log.Error("ntfy login: create request: %v", err)
|
||||
return
|
||||
}
|
||||
|
||||
req.Header.Set("Title", title)
|
||||
req.Header.Set("Priority", "default")
|
||||
req.Header.Set("Tags", "key,login")
|
||||
req.Header.Set("Click", setting.AppURL+"-/admin")
|
||||
if setting.Ntfy.Token != "" {
|
||||
req.Header.Set("Authorization", "Bearer "+setting.Ntfy.Token)
|
||||
}
|
||||
|
||||
client := &http.Client{Timeout: 10 * time.Second}
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
log.Error("ntfy login: send: %v", err)
|
||||
return
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
io.Copy(io.Discard, resp.Body)
|
||||
|
||||
if resp.StatusCode >= 300 {
|
||||
log.Error("ntfy login: status %d", resp.StatusCode)
|
||||
}
|
||||
}
|
||||
@@ -9,6 +9,7 @@ import (
|
||||
"crypto/sha256"
|
||||
"fmt"
|
||||
"io"
|
||||
"strings"
|
||||
|
||||
repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
|
||||
"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
|
||||
@@ -17,9 +18,8 @@ import (
|
||||
)
|
||||
|
||||
// GenerateReleaseChecksums computes SHA256 checksums for all attachments
|
||||
// on a release and adds a checksums.sha256 manifest file as an attachment.
|
||||
// on a release and creates a [filename].sha256 file for each one.
|
||||
func GenerateReleaseChecksums(ctx context.Context, rel *repo_model.Release) error {
|
||||
// Load attachments into rel.Attachments
|
||||
if err := repo_model.GetReleaseAttachments(ctx, rel); err != nil {
|
||||
return fmt.Errorf("GetReleaseAttachments: %w", err)
|
||||
}
|
||||
@@ -28,20 +28,19 @@ func GenerateReleaseChecksums(ctx context.Context, rel *repo_model.Release) erro
|
||||
return nil
|
||||
}
|
||||
|
||||
// Remove existing checksums file if present
|
||||
// Remove existing .sha256 files
|
||||
for _, a := range rel.Attachments {
|
||||
if a.Name == "checksums.sha256" {
|
||||
if strings.HasSuffix(a.Name, ".sha256") {
|
||||
if err := repo_model.DeleteAttachment(ctx, a, true); err != nil {
|
||||
log.Warn("Failed to delete old checksums.sha256: %v", err)
|
||||
log.Warn("Failed to delete old %s: %v", a.Name, err)
|
||||
}
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
// Compute SHA256 for each attachment
|
||||
var manifest bytes.Buffer
|
||||
// Compute SHA256 for each non-checksum attachment and create individual .sha256 files
|
||||
created := 0
|
||||
for _, a := range rel.Attachments {
|
||||
if a.Name == "checksums.sha256" {
|
||||
if strings.HasSuffix(a.Name, ".sha256") {
|
||||
continue
|
||||
}
|
||||
|
||||
@@ -59,24 +58,24 @@ func GenerateReleaseChecksums(ctx context.Context, rel *repo_model.Release) erro
|
||||
}
|
||||
fr.Close()
|
||||
|
||||
fmt.Fprintf(&manifest, "%x %s\n", h.Sum(nil), a.Name)
|
||||
checksumContent := fmt.Sprintf("%x %s\n", h.Sum(nil), a.Name)
|
||||
checksumReader := bytes.NewBufferString(checksumContent)
|
||||
|
||||
checksumAttach := &repo_model.Attachment{
|
||||
RepoID: rel.RepoID,
|
||||
ReleaseID: rel.ID,
|
||||
Name: a.Name + ".sha256",
|
||||
}
|
||||
|
||||
if _, err := attachment_service.NewAttachment(ctx, checksumAttach, checksumReader, int64(len(checksumContent))); err != nil {
|
||||
log.Warn("Failed to create %s: %v", checksumAttach.Name, err)
|
||||
continue
|
||||
}
|
||||
created++
|
||||
}
|
||||
|
||||
if manifest.Len() == 0 {
|
||||
return nil
|
||||
if created > 0 {
|
||||
log.Info("Generated %d .sha256 checksum files for release %s (repo %d)", created, rel.TagName, rel.RepoID)
|
||||
}
|
||||
|
||||
// Create the checksums.sha256 attachment
|
||||
checksumAttach := &repo_model.Attachment{
|
||||
RepoID: rel.RepoID,
|
||||
ReleaseID: rel.ID,
|
||||
Name: "checksums.sha256",
|
||||
}
|
||||
|
||||
if _, err := attachment_service.NewAttachment(ctx, checksumAttach, &manifest, int64(manifest.Len())); err != nil {
|
||||
return fmt.Errorf("create checksums.sha256 attachment: %w", err)
|
||||
}
|
||||
|
||||
log.Info("Generated checksums.sha256 for release %s (repo %d)", rel.TagName, rel.RepoID)
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
<div class="flex-container-nav">
|
||||
<div class="ui fluid vertical menu">
|
||||
<div class="ui fluid vertical menu" style="text-align: left !important;">
|
||||
<div class="header item">{{ctx.Locale.Tr "admin.settings"}}</div>
|
||||
|
||||
<details class="item toggleable-item" {{if or .PageIsAdminDashboard .PageIsAdminSelfCheck}}open{{end}}>
|
||||
<summary>{{svg "octicon-tools" 16}} {{ctx.Locale.Tr "admin.maintenance"}}</summary>
|
||||
<div class="menu">
|
||||
<a class="{{if .PageIsAdminDashboard}}active {{end}}item" href="{{AppSubUrl}}/-/admin">
|
||||
{{svg "octicon-dashboard" 16}} {{ctx.Locale.Tr "admin.dashboard"}}
|
||||
{{svg "octicon-meter" 16}} {{ctx.Locale.Tr "admin.dashboard"}}
|
||||
</a>
|
||||
<a class="{{if .PageIsAdminSelfCheck}}active {{end}}item" href="{{AppSubUrl}}/-/admin/self_check">
|
||||
{{svg "octicon-check-circle" 16}} {{ctx.Locale.Tr "admin.self_check"}}
|
||||
|
||||
@@ -36,6 +36,7 @@
|
||||
</div>
|
||||
<a href="{{AssetUrlPrefix}}/licenses.txt">{{ctx.Locale.Tr "licenses"}}</a>
|
||||
{{if .EnableSwagger}}<a href="{{AppSubUrl}}/api/swagger">API</a>{{end}}
|
||||
<a href="{{HelpURL}}" target="_blank">{{ctx.Locale.Tr "help"}}</a>
|
||||
{{template "custom/extra_links_footer" .}}
|
||||
</div>
|
||||
</footer>
|
||||
|
||||
@@ -35,9 +35,7 @@
|
||||
|
||||
{{template "custom/extra_links" .}}
|
||||
|
||||
{{if not .IsSigned}}
|
||||
<a class="item" target="_blank" href="{{HelpURL}}">{{ctx.Locale.Tr "help"}}</a>
|
||||
{{end}}
|
||||
<a class="item" target="_blank" href="{{HelpURL}}">{{ctx.Locale.Tr "help"}}</a>
|
||||
</div>
|
||||
|
||||
<!-- the full dropdown menus -->
|
||||
|
||||
@@ -1,4 +1,7 @@
|
||||
<div class="ui container fluid">
|
||||
<div class="tw-text-center tw-mb-4">
|
||||
<img src="{{AssetUrlPrefix}}/img/login-logo.png" style="max-width: 220px; max-height: 80px; object-fit: contain;" onerror="this.style.display='none'">
|
||||
</div>
|
||||
{{if or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn)}}
|
||||
{{template "base/alert" .}}
|
||||
{{end}}
|
||||
|
||||
@@ -11,6 +11,10 @@
|
||||
width: 240px;
|
||||
}
|
||||
|
||||
.flex-container-nav .ui.menu .item {
|
||||
text-align: left;
|
||||
}
|
||||
|
||||
/* wide sidebar on the right, used in frontpage */
|
||||
.flex-container-sidebar {
|
||||
width: 35%;
|
||||
|
||||
@@ -9,8 +9,8 @@ details.toggleable-item .menu {
|
||||
|
||||
details.toggleable-item summary {
|
||||
display: flex;
|
||||
justify-content: space-between;
|
||||
align-items: center;
|
||||
gap: 0.5em;
|
||||
padding: 0.92857143em 1.14285714em;
|
||||
}
|
||||
|
||||
@@ -20,6 +20,7 @@ details.toggleable-item summary::-webkit-details-marker /* Safari */ {
|
||||
}
|
||||
|
||||
details.toggleable-item summary::after {
|
||||
margin-left: auto;
|
||||
transition: transform 0.25s ease;
|
||||
content: "";
|
||||
width: 14px;
|
||||
@@ -35,3 +36,8 @@ details.toggleable-item summary::after {
|
||||
details.toggleable-item[open] summary::after {
|
||||
transform: rotate(90deg);
|
||||
}
|
||||
|
||||
.flex-container-nav .ui.menu .item {
|
||||
text-align: left !important;
|
||||
justify-content: flex-start !important;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user