Make gitweb redirect to login

Make gitweb redirect to the login page if the user isn't currently logged in Change-Id: Ib5b30d433b7ae629da00c02de5abc9d6990c6fc1
2014-06-04 11:12:18 -04:00
parent da2f2658d0
commit b0a36c386b
1 changed files with 11 additions and 1 deletions
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/gitweb/GitWebServlet.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/gitweb/GitWebServlet.java
@@ -387,7 +387,7 @@ class GitWebServlet extends HttpServlet {
        // Allow anonymous users a chance to login.
        // Avoid leaking information by not distinguishing between
        // project not existing and no access rights.
-        rsp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+        rsp.sendRedirect(getLoginRedirectUrl(req));
      }
      return;
    }
@@ -408,6 +408,16 @@ class GitWebServlet extends HttpServlet {
    }
  }

+  private static String getLoginRedirectUrl(HttpServletRequest req) {
+    String loginUrl = req.getContextPath() + "/login/";
+    String token = req.getRequestURI().substring(1);
+    String queryString = req.getQueryString();
+    if (queryString != null && !queryString.isEmpty()) {
+      token = token.concat("?" + queryString);
+    }
+    return (loginUrl + Url.encode(token));
+  }
+
  private static Map<String, String> getParameters(HttpServletRequest req) {
    final Map<String, String> params = new HashMap<>();
    for (final String pair : req.getQueryString().split("[&;]")) {