wow, i just pulled a repo via git from this interface... its

beautiful... havent got backend setup for pushing yet, but we're a
step closer. I've found i can "read" without having to use
git-http-backend - which is grand.

Other changes
Made a single function for checking user auth
added a function to push for a basic auth login
added a function to check for basic auth details

diff --git a/gwvplib/gwvpauth.php b/gwvplib/gwvpauth.php
index 8aa0533..f7e036d 100644 (file)
--- a/gwvplib/gwvpauth.php
+++ b/gwvplib/gwvpauth.php
@@ -30,6 +30,15 @@ function gwvp_AuthCallMe()
        return false;
 }
 
+function gwvp_AskForBasicAuth()
+{
+       if(!isset($_SERVER["PHP_AUTH_USER"])) {
+               header('WWW-Authenticate: Basic realm="My Realm"');
+               header('HTTP/1.0 401 Unauthorized');
+               exit(0);
+       } else return; 
+}
+
 // $levels is checked against $LOGIN_TYPE, levels can be either just "admin" or admin,user anon,user anon, etc.
 function gwvp_CheckAuthLevel($levels)
 {
@@ -45,6 +54,12 @@ function gwvp_CheckAuthLevel($levels)
        return false;
 }
 
+function gwvp_fourZeroThree()
+{
+       header("HTTP/1.0 403 Permission Denied");
+       exit(0);
+}
+
 function gwvp_AuthNoPerms()
 {
        gwvp_goMainPage("gwvp_AuthNoPermsBody");
@@ -77,6 +92,18 @@ function gwvp_RegistrationCall()
        }
 }
 
+function gwvp_authUserPass($user, $pass)
+{
+       $details = gwvp_getUser($user);
+       if($details == false) {
+               return false;
+       }
+       
+       if(sha1($pass)!=$details["password"]) return false;
+       
+       return $details["username"];
+}
+
 function gwvp_AuthHandleLogin()
 {
        global $BASE_URL;
@@ -86,17 +113,9 @@ function gwvp_AuthHandleLogin()
        if(isset($_REQUEST["username"])) $user = $_REQUEST["username"];
        if(isset($_REQUEST["password"])) $pass = $_REQUEST["password"];
 
-       $details = gwvp_getUser($user);
-       if($details == false) {
-               gwvp_SendMessage("error", "Login Failed");
-               header("Location: $BASE_URL");
-               return false;
-       }
-
-       if(sha1($pass)!=$details["password"]) {
+       if(gwvp_authUserPass($user, $pass) === false) {
                gwvp_SendMessage("error", "Login Failed");
                header("Location: $BASE_URL");
-               return false;
        } else {
                $_SESSION["isloggedin"] = true;
                $_SESSION["username"] = "$user";
@@ -141,6 +160,21 @@ function gwvp_RegistrationPageBody()
        <?php
 }
 
+function gwvp_checkBasicAuthLogin()
+{
+       $user = false;
+       $pass = false;
+       if(isset($_SERVER["PHP_AUTH_USER"])) {
+               $user = $_SERVER["PHP_AUTH_USER"];
+       } else return false;
+       
+       if(isset($_SERVER["PHP_AUTH_PW"])) {
+               $pass = $_SERVER["PHP_AUTH_PW"];
+       } else return false;
+       
+       return gwvp_authUserPass($user, $pass);
+}
+
 function gwvp_IsLoggedIn()
 {
        if(isset($_SESSION["isloggedin"])) {

diff --git a/gwvplib/gwvpgitcontrol.php b/gwvplib/gwvpgitcontrol.php
index b5c7c49..a949fab 100644 (file)
--- a/gwvplib/gwvpgitcontrol.php
+++ b/gwvplib/gwvpgitcontrol.php
@@ -22,8 +22,49 @@ function gwvp_gitControlCallMe()
        
 }
 
+function gwvp_repoPermissionCheck()
+{
+       return true;
+}
+
 function gwvp_gitBackendInterface()
 {
+       global $repo_base, $BASE_URL;
+       
+       $repo = "";
+       $newloc = "/";
+       if(isset($_REQUEST["q"])) {
+               $query = $_REQUEST["q"];
+               $qspl = explode("/", $query);
+               $repo = $qspl[1];
+               for($i=2; $i < count($qspl); $i++) {
+                       $newloc .= "/".$qspl[$i];
+               }
+       }
+       
+       $actual_repo_name = preg_replace("/\.git$/", "", $repo); 
+       
+       $user = gwvp_checkBasicAuthLogin();
+
+       if(!$user) {
+               error_log("User is set to false, so its anonymouse");
+       } else {
+               error_log("user is $user");
+       }
+       
+       // must remember that $user of false is anonymous when we code gwvp_repoPerm'sCheck()
+       if(!gwvp_repoPermissionCheck($actual_repo_name, $user)) {
+               error_log("perms check fails - start auth");
+               if(isset($_SERVER["PHP_AUTH_USER"])) {
+                       error_log("have auth - push 403");
+                       gwvp_fourZeroThree();
+               } else {
+                       error_log("push auth");
+                       gwvp_AskForBasicAuth();
+                       return;
+               }
+       }
+       
        // we need to quite a bit of parsing in here. The "repo" will always be /git/repo.git
        // but if we get here from a browser, we need to forward back to a normal repo viewer
        // the only way i can think of doing this is to check the useragent for the word "git"
@@ -40,25 +81,44 @@ function gwvp_gitBackendInterface()
         */
        $agent = "git-unknown";
        $isgitagent = false;
+       
+       // tested the user agent bit with jgit from eclipse and normal git... seems to work
        if(isset($_SERVER["HTTP_USER_AGENT"])) {
                $agent = $_SERVER["HTTP_USER_AGENT"];
-               error_log("in git backend with user agent");
+               error_log("in git backend with user agent $agent");
                if(stristr($agent, "git")!==false) {
                        $isgitagent = true;
                }
        }
        
-       $repo = "";
-       if(isset($_REQUEST["q"])) {
-               $query = $_REQUEST["q"];
-               $qspl = explode("/", $query);
-               $repo = $qspl[1];
-       }
+       
                
+       /* dont need this code right now
        if($isgitagent) echo "GIT: i am a git backened interface for a repo $repo, agent $agent";
        else echo "NOT GIT: i am a git backened interface for a repo $repo, agent $agent";
+       */
+       
+       // now we need to rebuild the actual request or do we?
+       //$basegit = "$BASE_URL/git/something.git";
+       //$newloc = preg_replace("/^$basegit/", "", $_SERVER["REQUEST_URI"]);
+       
+       if(file_exists("$repo_base/$repo/$newloc")) {
+               error_log("would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc");
+               $fh = fopen("$repo_base/$repo/$newloc", "rb");
+               
+               error_log("pushing file");
+               while(!feof($fh)) {
+                       echo fread($fh, 8192);
+               }
+       } else {
+               echo "would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc, NE";
+               header('HTTP/1.0 404 No Such Thing');
+               return;
+       }
 }
 
+
+
 function gwvp_repoExists($name)
 {
        global $repo_base;

diff --git a/gwvplib/gwvplib.php b/gwvplib/gwvplib.php
index 693486c..526c9cc 100644 (file)
--- a/gwvplib/gwvplib.php
+++ b/gwvplib/gwvplib.php
@@ -15,7 +15,7 @@ require_once("gwvpgitcontrol.php");
 require_once("gwvppluginloader.php");
 
 // only enable this if you need it:
-require_once("gwvpdebug.php");
+// require_once("gwvpdebug.php");
 
 
 ?>
\ No newline at end of file