combined totp, access tokens, linked accounts and openid into security settings page

Author: daviian

integrations/links_test.go

@@ -97,9 +97,8 @@ func testLinksAsUser(userName string, t *testing.T) {
 		"/user/settings/security",
 		"/user/settings/security/two_factor/enroll",
 		"/user/settings/keys",
-		"/user/settings/applications",
-		"/user/settings/account_link",
 		"/user/settings/organization",
+		"/user/settings/repos",
 	}
 
 	session := loginUser(t, userName)

routers/routes/routes.go

@@ -225,28 +225,28 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Post("/email/delete", user.DeleteEmail)
 			m.Post("/delete", user.SettingsDelete)
 		})
-		m.Get("/security", user.SettingsSecurity)
-		m.Group("/openid", func() {
-			m.Combo("").Get(user.SettingsOpenID).
-				Post(bindIgnErr(auth.AddOpenIDForm{}), user.SettingsOpenIDPost)
-			m.Post("/delete", user.DeleteOpenID)
-			m.Post("/toggle_visibility", user.ToggleOpenIDVisibility)
-		}, openIDSignInEnabled)
+		m.Group("/security", func() {
+			m.Get("", user.SettingsSecurity)
+			m.Group("/two_factor", func() {
+				m.Post("/regenerate_scratch", user.SettingsTwoFactorRegenerateScratch)
+				m.Post("/disable", user.SettingsTwoFactorDisable)
+				m.Get("/enroll", user.SettingsTwoFactorEnroll)
+				m.Post("/enroll", bindIgnErr(auth.TwoFactorAuthForm{}), user.SettingsTwoFactorEnrollPost)
+			})
+			m.Group("/openid", func() {
+				m.Post("", bindIgnErr(auth.AddOpenIDForm{}), user.SettingsOpenIDPost)
+				m.Post("/delete", user.DeleteOpenID)
+				m.Post("/toggle_visibility", user.ToggleOpenIDVisibility)
+			}, openIDSignInEnabled)
+			m.Post("/applications", bindIgnErr(auth.NewAccessTokenForm{}), user.SettingsApplicationsPost)
+			m.Post("/applications/delete", user.SettingsDeleteApplication)
+			m.Post("/account_link", user.SettingsDeleteAccountLink)
+		})
 		m.Combo("/keys").Get(user.SettingsKeys).
 			Post(bindIgnErr(auth.AddKeyForm{}), user.SettingsKeysPost)
 		m.Post("/keys/delete", user.DeleteKey)
-		m.Combo("/applications").Get(user.SettingsApplications).
-			Post(bindIgnErr(auth.NewAccessTokenForm{}), user.SettingsApplicationsPost)
-		m.Post("/applications/delete", user.SettingsDeleteApplication)
-		m.Combo("/account_link").Get(user.SettingsAccountLinks).Post(user.SettingsDeleteAccountLink)
 		m.Get("/organization", user.SettingsOrganization)
 		m.Get("/repos", user.SettingsRepos)
-		m.Group("/security/two_factor", func() {
-			m.Post("/regenerate_scratch", user.SettingsTwoFactorRegenerateScratch)
-			m.Post("/disable", user.SettingsTwoFactorDisable)
-			m.Get("/enroll", user.SettingsTwoFactorEnroll)
-			m.Post("/enroll", bindIgnErr(auth.TwoFactorAuthForm{}), user.SettingsTwoFactorEnrollPost)
-		})
 	}, reqSignIn, func(ctx *context.Context) {
 		ctx.Data["PageIsUserSettings"] = true
 	})

routers/user/setting.go

@@ -31,15 +31,11 @@ import (
 const (
 	tplSettingsProfile      base.TplName = "user/settings/profile"
 	tplSettingsAccount      base.TplName = "user/settings/account"
-	tplSettingsKeys         base.TplName = "user/settings/keys"
-	tplSettingsSocial       base.TplName = "user/settings/social"
-	tplSettingsApplications base.TplName = "user/settings/applications"
-	tplSettingsTwofa        base.TplName = "user/settings/twofa"
+	tplSettingsSecurity     base.TplName = "user/settings/security"
 	tplSettingsTwofaEnroll  base.TplName = "user/settings/twofa_enroll"
-	tplSettingsAccountLink  base.TplName = "user/settings/account_link"
+	tplSettingsKeys         base.TplName = "user/settings/keys"
 	tplSettingsOrganization base.TplName = "user/settings/organization"
 	tplSettingsRepositories base.TplName = "user/settings/repos"
-	tplSettingsSecurity     base.TplName = "user/settings/security"
 )
 
 // Settings render user's profile page
@@ -356,11 +352,109 @@ func SettingsSecurity(ctx *context.Context) {
 			return
 		}
 	}
-
 	ctx.Data["TwofaEnrolled"] = enrolled
+
+	tokens, err := models.ListAccessTokens(ctx.User.ID)
+	if err != nil {
+		ctx.ServerError("ListAccessTokens", err)
+		return
+	}
+	ctx.Data["Tokens"] = tokens
+
+	accountLinks, err := models.ListAccountLinks(ctx.User)
+	if err != nil {
+		ctx.ServerError("ListAccountLinks", err)
+		return
+	}
+
+	// map the provider display name with the LoginSource
+	sources := make(map[*models.LoginSource]string)
+	for _, externalAccount := range accountLinks {
+		if loginSource, err := models.GetLoginSourceByID(externalAccount.LoginSourceID); err == nil {
+			var providerDisplayName string
+			if loginSource.IsOAuth2() {
+				providerTechnicalName := loginSource.OAuth2().Provider
+				providerDisplayName = models.OAuth2Providers[providerTechnicalName].DisplayName
+			} else {
+				providerDisplayName = loginSource.Name
+			}
+			sources[loginSource] = providerDisplayName
+		}
+	}
+	ctx.Data["AccountLinks"] = sources
+
+	if ctx.Query("openid.return_to") != "" {
+		settingsOpenIDVerify(ctx)
+		return
+	}
+
+	openid, err := models.GetUserOpenIDs(ctx.User.ID)
+	if err != nil {
+		ctx.ServerError("GetUserOpenIDs", err)
+		return
+	}
+	ctx.Data["OpenIDs"] = openid
+
 	ctx.HTML(200, tplSettingsSecurity)
 }
 
+// SettingsApplicationsPost response for add user's access token
+func SettingsApplicationsPost(ctx *context.Context, form auth.NewAccessTokenForm) {
+	ctx.Data["Title"] = ctx.Tr("settings")
+	ctx.Data["PageIsSettingsApplications"] = true
+
+	if ctx.HasError() {
+		tokens, err := models.ListAccessTokens(ctx.User.ID)
+		if err != nil {
+			ctx.ServerError("ListAccessTokens", err)
+			return
+		}
+		ctx.Data["Tokens"] = tokens
+		ctx.HTML(200, tplSettingsSecurity)
+		return
+	}
+
+	t := &models.AccessToken{
+		UID:  ctx.User.ID,
+		Name: form.Name,
+	}
+	if err := models.NewAccessToken(t); err != nil {
+		ctx.ServerError("NewAccessToken", err)
+		return
+	}
+
+	ctx.Flash.Success(ctx.Tr("settings.generate_token_success"))
+	ctx.Flash.Info(t.Sha1)
+
+	ctx.Redirect(setting.AppSubURL + "/user/settings/security")
+}
+
+// SettingsDeleteApplication response for delete user access token
+func SettingsDeleteApplication(ctx *context.Context) {
+	if err := models.DeleteAccessTokenByID(ctx.QueryInt64("id"), ctx.User.ID); err != nil {
+		ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())
+	} else {
+		ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))
+	}
+
+	ctx.JSON(200, map[string]interface{}{
+		"redirect": setting.AppSubURL + "/user/settings/security",
+	})
+}
+
+// SettingsDeleteAccountLink delete a single account link
+func SettingsDeleteAccountLink(ctx *context.Context) {
+	if _, err := models.RemoveAccountLink(ctx.User, ctx.QueryInt64("loginSourceID")); err != nil {
+		ctx.Flash.Error("RemoveAccountLink: " + err.Error())
+	} else {
+		ctx.Flash.Success(ctx.Tr("settings.remove_account_link_success"))
+	}
+
+	ctx.JSON(200, map[string]interface{}{
+		"redirect": setting.AppSubURL + "/user/settings/security",
+	})
+}
+
 // SettingsKeys render user's SSH/GPG public keys page
 func SettingsKeys(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("settings")
@@ -492,65 +586,6 @@ func DeleteKey(ctx *context.Context) {
 	})
 }
 
-// SettingsApplications render user's access tokens page
-func SettingsApplications(ctx *context.Context) {
-	ctx.Data["Title"] = ctx.Tr("settings")
-	ctx.Data["PageIsSettingsApplications"] = true
-
-	tokens, err := models.ListAccessTokens(ctx.User.ID)
-	if err != nil {
-		ctx.ServerError("ListAccessTokens", err)
-		return
-	}
-	ctx.Data["Tokens"] = tokens
-
-	ctx.HTML(200, tplSettingsApplications)
-}
-
-// SettingsApplicationsPost response for add user's access token
-func SettingsApplicationsPost(ctx *context.Context, form auth.NewAccessTokenForm) {
-	ctx.Data["Title"] = ctx.Tr("settings")
-	ctx.Data["PageIsSettingsApplications"] = true
-
-	if ctx.HasError() {
-		tokens, err := models.ListAccessTokens(ctx.User.ID)
-		if err != nil {
-			ctx.ServerError("ListAccessTokens", err)
-			return
-		}
-		ctx.Data["Tokens"] = tokens
-		ctx.HTML(200, tplSettingsApplications)
-		return
-	}
-
-	t := &models.AccessToken{
-		UID:  ctx.User.ID,
-		Name: form.Name,
-	}
-	if err := models.NewAccessToken(t); err != nil {
-		ctx.ServerError("NewAccessToken", err)
-		return
-	}
-
-	ctx.Flash.Success(ctx.Tr("settings.generate_token_success"))
-	ctx.Flash.Info(t.Sha1)
-
-	ctx.Redirect(setting.AppSubURL + "/user/settings/applications")
-}
-
-// SettingsDeleteApplication response for delete user access token
-func SettingsDeleteApplication(ctx *context.Context) {
-	if err := models.DeleteAccessTokenByID(ctx.QueryInt64("id"), ctx.User.ID); err != nil {
-		ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())
-	} else {
-		ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))
-	}
-
-	ctx.JSON(200, map[string]interface{}{
-		"redirect": setting.AppSubURL + "/user/settings/applications",
-	})
-}
-
 // SettingsTwoFactorRegenerateScratch regenerates the user's 2FA scratch code.
 func SettingsTwoFactorRegenerateScratch(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("settings")
@@ -716,49 +751,6 @@ func SettingsTwoFactorEnrollPost(ctx *context.Context, form auth.TwoFactorAuthFo
 	ctx.Redirect(setting.AppSubURL + "/user/settings/security")
 }
 
-// SettingsAccountLinks render the account links settings page
-func SettingsAccountLinks(ctx *context.Context) {
-	ctx.Data["Title"] = ctx.Tr("settings")
-	ctx.Data["PageIsSettingsAccountLink"] = true
-
-	accountLinks, err := models.ListAccountLinks(ctx.User)
-	if err != nil {
-		ctx.ServerError("ListAccountLinks", err)
-		return
-	}
-
-	// map the provider display name with the LoginSource
-	sources := make(map[*models.LoginSource]string)
-	for _, externalAccount := range accountLinks {
-		if loginSource, err := models.GetLoginSourceByID(externalAccount.LoginSourceID); err == nil {
-			var providerDisplayName string
-			if loginSource.IsOAuth2() {
-				providerTechnicalName := loginSource.OAuth2().Provider
-				providerDisplayName = models.OAuth2Providers[providerTechnicalName].DisplayName
-			} else {
-				providerDisplayName = loginSource.Name
-			}
-			sources[loginSource] = providerDisplayName
-		}
-	}
-	ctx.Data["AccountLinks"] = sources
-
-	ctx.HTML(200, tplSettingsAccountLink)
-}
-
-// SettingsDeleteAccountLink delete a single account link
-func SettingsDeleteAccountLink(ctx *context.Context) {
-	if _, err := models.RemoveAccountLink(ctx.User, ctx.QueryInt64("loginSourceID")); err != nil {
-		ctx.Flash.Error("RemoveAccountLink: " + err.Error())
-	} else {
-		ctx.Flash.Success(ctx.Tr("settings.remove_account_link_success"))
-	}
-
-	ctx.JSON(200, map[string]interface{}{
-		"redirect": setting.AppSubURL + "/user/settings/account_link",
-	})
-}
-
 // SettingsOrganization render all the organization of the user
 func SettingsOrganization(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("settings")