mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-18 20:09:26 +00:00
b82293270c
* Add option to provide signed token to verify key ownership Currently we will only allow a key to be matched to a user if it matches an activated email address. This PR provides a different mechanism - if the user provides a signature for automatically generated token (based on the timestamp, user creation time, user ID, username and primary email. * Ensure verified keys can act for all active emails for the user * Add code to mark keys as verified * Slight UI adjustments * Slight UI adjustments 2 * Simplify signature verification slightly * fix postgres test * add api routes * handle swapped primary-keys * Verify the no-reply address for verified keys * Only add email addresses that are activated to keys * Fix committer shortcut properly * Restructure gpg_keys.go * Use common Verification Token code Signed-off-by: Andrew Thornton <art27@cantab.net>
126 lines
5.4 KiB
Handlebars
126 lines
5.4 KiB
Handlebars
<h4 class="ui top attached header">
|
|
{{.i18n.Tr "settings.manage_gpg_keys"}}
|
|
<div class="ui right">
|
|
<div class="ui blue tiny show-panel button" data-panel="#add-gpg-key-panel">{{.i18n.Tr "settings.add_key"}}</div>
|
|
</div>
|
|
</h4>
|
|
<div class="ui attached segment">
|
|
<div class="ui key list">
|
|
<div class="item">
|
|
{{.i18n.Tr "settings.gpg_desc"}}
|
|
</div>
|
|
{{range .GPGKeys}}
|
|
<div class="item">
|
|
<div class="right floated content">
|
|
<button class="ui red tiny button delete-button" id="delete-gpg" data-url="{{$.Link}}/delete?type=gpg" data-id="{{.ID}}">
|
|
{{$.i18n.Tr "settings.delete_key"}}
|
|
</button>
|
|
{{if and (not .Verified) (ne $.VerifyingID .KeyID)}}
|
|
<a class="ui blue tiny show-panel button" href="{{$.Link}}?verify_gpg={{.KeyID}}">{{$.i18n.Tr "settings.gpg_key_verify"}}</a>
|
|
{{end}}
|
|
</div>
|
|
<div class="left floated content">
|
|
<span class="{{if or .ExpiredUnix.IsZero ($.PageStartTime.Before .ExpiredUnix.AsTime)}}green{{end}}">{{svg "octicon-key" 32}}</span>
|
|
</div>
|
|
<div class="content">
|
|
{{if .Verified}}
|
|
<span class="poping up" data-content="{{$.i18n.Tr "settings.gpg_key_verified_long"}}">{{svg "octicon-shield-check"}} <strong>{{$.i18n.Tr "settings.gpg_key_verified"}}</strong></span>
|
|
{{end}}
|
|
{{if gt (len .Emails) 0}}
|
|
<span class="poping up" data-content="{{$.i18n.Tr "settings.gpg_key_matched_identities_long"}}">{{svg "octicon-mail"}} {{$.i18n.Tr "settings.gpg_key_matched_identities"}} {{range .Emails}}<strong>{{.Email}} </strong>{{end}}</span>
|
|
{{end}}
|
|
<div class="print meta">
|
|
<b>{{$.i18n.Tr "settings.key_id"}}:</b> {{.KeyID}}
|
|
<b>{{$.i18n.Tr "settings.subkeys"}}:</b> {{range .SubsKey}} {{.KeyID}} {{end}}
|
|
</div>
|
|
<div class="activity meta">
|
|
<i>{{$.i18n.Tr "settings.add_on"}} <span>{{.AddedUnix.FormatShort}}</span></i>
|
|
-
|
|
<i>{{if not .ExpiredUnix.IsZero}}{{$.i18n.Tr "settings.valid_until"}} <span>{{.ExpiredUnix.FormatShort}}</span>{{else}}{{$.i18n.Tr "settings.valid_forever"}}{{end}}</i>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
{{if and (not .Verified) (eq $.VerifyingID .KeyID)}}
|
|
<div class="ui segment">
|
|
<h4>{{$.i18n.Tr "settings.gpg_token_required"}}</h4>
|
|
<form class="ui form{{if $.HasGPGVerifyError}} error{{end}}" action="{{$.Link}}" method="post">
|
|
{{$.CsrfTokenHtml}}
|
|
<input type="hidden" name="title" value="none">
|
|
<input type="hidden" name="content" value="{{.KeyID}}">
|
|
<input type="hidden" name="key_id" value="{{.KeyID}}">
|
|
<div class="field">
|
|
<label for="token">{{$.i18n.Tr "settings.gpg_token"}}</label>
|
|
<input readonly="" value="{{$.TokenToSign}}">
|
|
<div class="help">
|
|
<p>{{$.i18n.Tr "settings.gpg_token_help"}}</p>
|
|
<p><code>{{$.i18n.Tr "settings.gpg_token_code" $.TokenToSign .KeyID}}</code></p>
|
|
</div>
|
|
<br>
|
|
</div>
|
|
<div class="field">
|
|
<label for="signature">{{$.i18n.Tr "settings.gpg_token_signature"}}</label>
|
|
<textarea id="gpg-key-signature" name="signature" placeholder="{{$.i18n.Tr "settings.key_signature_gpg_placeholder"}}" required>{{$.signature}}</textarea>
|
|
</div>
|
|
<input name="type" type="hidden" value="verify_gpg">
|
|
<button class="ui green button">
|
|
{{$.i18n.Tr "settings.gpg_key_verify"}}
|
|
</button>
|
|
<a class="ui red button" href="{{$.Link}}">
|
|
{{$.i18n.Tr "settings.cancel"}}
|
|
</a>
|
|
</form>
|
|
</div>
|
|
{{end}}
|
|
{{end}}
|
|
</div>
|
|
</div>
|
|
<br>
|
|
<p>{{.i18n.Tr "settings.gpg_helper" "https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/about-commit-signature-verification#gpg-commit-signature-verification" | Str2html}}</p>
|
|
<div {{if not .HasGPGError}}class="hide"{{end}} id="add-gpg-key-panel">
|
|
<h4 class="ui top attached header">
|
|
{{.i18n.Tr "settings.add_new_gpg_key"}}
|
|
</h4>
|
|
<div class="ui attached segment">
|
|
<form class="ui form{{if .HasGPGError}} error{{end}}" action="{{.Link}}" method="post">
|
|
{{.CsrfTokenHtml}}
|
|
<input type="hidden" name="title" value="none">
|
|
<div class="field {{if .Err_Content}}error{{end}}">
|
|
<label for="content">{{.i18n.Tr "settings.key_content"}}</label>
|
|
<textarea id="gpg-key-content" name="content" placeholder="{{.i18n.Tr "settings.key_content_gpg_placeholder"}}" required>{{.content}}</textarea>
|
|
</div>
|
|
{{if .Err_Signature}}
|
|
<div class="ui error message">
|
|
<p>{{.i18n.Tr "settings.gpg_token_required"}}</p>
|
|
</div>
|
|
<div class="field">
|
|
<label for="token">{{.i18n.Tr "setting.gpg_token"}}
|
|
<input readonly="" value="{{.TokenToSign}}">
|
|
<div class="help">
|
|
<p>{{.i18n.Tr "settings.gpg_token_help"}}</p>
|
|
<p><code>{{$.i18n.Tr "settings.gpg_token_code" .TokenToSign .KeyID}}</code></p>
|
|
</div>
|
|
</div>
|
|
<div class="field">
|
|
<label for="signature">{{.i18n.Tr "settings.gpg_token_signature"}}</label>
|
|
<textarea id="gpg-key-signature" name="signature" placeholder="{{.i18n.Tr "settings.key_signature_gpg_placeholder"}}" required>{{.signature}}</textarea>
|
|
</div>
|
|
{{end}}
|
|
<input name="type" type="hidden" value="gpg">
|
|
<button class="ui green button">
|
|
{{.i18n.Tr "settings.add_key"}}
|
|
</button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="ui small basic delete modal" id="delete-gpg">
|
|
<div class="ui icon header">
|
|
{{svg "octicon-trash"}}
|
|
{{.i18n.Tr "settings.gpg_key_deletion"}}
|
|
</div>
|
|
<div class="content">
|
|
<p>{{.i18n.Tr "settings.gpg_key_deletion_desc"}}</p>
|
|
</div>
|
|
{{template "base/delete_modal_actions" .}}
|
|
</div>
|