Private mode

[bilogic]

Hi,

I finally managed to set things up, really nice work!

Gitprep shows all users and repos without any login. Able to require login before anything is shown?

I tried creating a private repository, but other users who logged in cannot see them.

My suggestion is to have a mode that hides everything until a user logs in.

Thank you!

[bilogic]

<%

  # API
  my $api = gitprep_api;

  # Authentication
  unless ($api->logined) {
    $self->redirect_to('/_login');
    return;
  }
...

I found out it involves adding the above to the top of templates/auto/index.html.ep

1. How do I make it configurable from gitprep.conf?
2. And is there something like a middleware which can affect all HTTP requests instead of going to each HTML template?

Thank you.

[yuki-kimoto]

How do I make it configurable from gitprep.conf?

Yes. Please create a new option.

And is there something like a middleware which can affect all HTTP requests instead of going to each HTML template?

In Mojolicious, that is in under method.

https://github.com/yuki-kimoto/gitprep/blob/master/lib/Gitprep.pm#L344

[bilogic]

# Authentication
{
    my $path = $self->req->url->path->parts->[0] || '';
    my $op = $self->param('op') || '';
    my $redirect = 1;

    if ($path eq '_login') {
        $redirect = 0;
    }

    if (lc $self->req->method eq 'post' && $op eq 'login') {
        $redirect = 0;
    }

    if (!$api->logined_admin && $redirect == 1) {
        $self->redirect_to('/_login');
        return;
    }
}

1. I tried above code, but keep getting 302 back to /_login URL. Any idea why?
2. Where can I find example of how to read from conf file?

Thank you.

[yuki-kimoto]

Where can I find example of how to read from conf file?

use config method.

https://github.com/yuki-kimoto/gitprep/blob/master/lib/Gitprep.pm#L637

If you read config from templates.

my $value = $self->app->config->{basic}{foo};

[bilogic]

Ok thanks! I'm really having trouble understanding the under(...) method, is what I'm trying to do possible? i.e. prevent all pages from being viewed until user logs in.

[yuki-kimoto]

I tried above code, but keep getting 302 back to /_login URL. Any idea why?

For example. In under method.

my $hide_all_no_login = $self->config->{basic}{hide_all_no_login};

if ($hide_all_no_login && !$api->logined) {
   $self->redirect_to('/_login');
   return;
}

[bilogic]

Thanks! Let me try, I will file a PR once it works

[bilogic]

I tried above code, but keep getting 302 back to /_login URL. Any idea why?

For example. In under method.

my $hide_all_no_login = $self->config->{basic}{hide_all_no_login};

if ($hide_all_no_login && !$api->logined) {
   $self->redirect_to('/_login');
   return;
}

Hmm, doesn't work. Based on my testing, /user1 does not flow through under(). No matter, what I wrote, loading /user1 does not redirect to /_login

I wrote the below in under(), but /user1 loaded as per normal.

            $self->render(text => "Hello.");
            return;

[yuki-kimoto]

Could you push the branch? and pull request for test.

I want to login.

[yuki-kimoto]

Sorry, Please the following things.

/user1 does not flow through under()

write the following warnings in under method.

warn "AAAAAAAA";

Can you get output in stderr?

# Run developping mode
./morbo

[bilogic]

@yuki-kimoto

Ok, I'm seeing lines appear in log/development.log for all URLs.

Trying to figure out the issue. Thank you.

[yuki-kimoto]

OK.

If you have a trouble, you can ask questions!

[bilogic]

I think also need to add basic auth for private mode git clone https://....

I found this https://metacpan.org/pod/Mojolicious::Plugin::BasicAuth, but not sure how to read the username/password from database.

Any idea? Thank you.

[yuki-kimoto]

Authentication logic is already exists in GitPrep. Please see the following code at first.

https://github.com/yuki-kimoto/gitprep/blob/master/templates/auto/_login.html.ep#L40

Do you feel Is this not enough?

[bilogic]

It's ok now, I did not know .git was handled separately. Thank you.